Future of VPN: CIPE or IPSEC?

[Phil Knirsch]

Christians, Stefan Mr. wrote:
> So now the big question for us is whether we should migrate our VPN
> routers to Fedora Core 1 and convert them to CIPE, or whether we should
> wait a few more months until the 2.6 kernel with integrated IPSEC is
> included in the standard distribution.
> 
> The key question here is whether CIPE will be maintained as a Fedora
> Package once the 3.6 kernel is distributed, or whether it will gradually
> be phased out. We want to avoid converting to CIPE now and then back to
> IPSEC again after a year.
> 
> Can any Fedora developer or strategist comment on this?

Why would you want to switch? If IPSEC is working for you and you have 
already an working infrastructure in place there would be no reason imho 
to switch.

I personally have been using CIPE and IPSEC over the last couple of 
years and was pleased with both of them.

But to get to the point: If you have IPSEC up and running, stay with it. 
It has the certain advantage that it's a real standard (as opposed to 
CIPE), so integrating new heterogenous systems into your infrastructure 
will always be easier using IPSEC.

Just my $0.02

Read ya, Phil

-- 
Philipp Knirsch      | Tel.:  +49-711-96437-470
Development          | Fax.:  +49-711-96437-111
Red Hat GmbH         | Email: Phil Knirsch <phil at redhat.de>
Hauptstaetterstr. 58 | Web:   http://www.redhat.de/
D-70178 Stuttgart    | Motd:  Better be root than to reboot. %^)
main(d,o){char 
**t=o;for(t++,d=o=2e3;--d;o%d?o:--d?d=--o:--**t?d=--o:printf("%d 
",o)?*++*t?d=o=2e3:d++:o);}