Future of VPN: CIPE or IPSEC?

Dave Jones davej at redhat.com
Wed Nov 19 15:31:55 UTC 2003

On Wed, Nov 19, 2003 at 06:30:09PM +0900, Christians, Stefan Mr. wrote:

 > The key question here is whether CIPE will be maintained as a Fedora
 > Package once the 3.6 kernel is distributed, or whether it will gradually
 > be phased out. We want to avoid converting to CIPE now and then back to
 > IPSEC again after a year.
 > Can any Fedora developer or strategist comment on this?

Long term, CIPE is going away. Hopefully for FC2.
IPSec is the way forward, however the existing FC1 doesn't support it.
Additionally, Freeswan may not be 100% compatable with what will be
in FC2. The last I heard there were some problems connecting a Linux 2.5
IPSEC box to Freeswan. I don't know if they got worked out, or even if
its possible to be worked out.  Also the userspace tools are completley
different between Freeswan and what will be in FC2.

A nice project for someone interested in this area, would be to get the 2.4
backport of the IPSEC code (try the Taroon SRPM for a good start).
and bend that to fit the FC1 kernel. The Taroon SRPMs for the userspace
tools should recompile easily enough under Fedora..
With this done, you'll be ready and prepared when we get to FC2.


More information about the fedora-list mailing list