Future of VPN: CIPE or IPSEC?

Dave Jones davej at redhat.com
Wed Nov 19 15:33:48 UTC 2003


On Wed, Nov 19, 2003 at 11:28:17AM +0100, Felipe Alfaro Solana wrote:

 > AFAIK, Fedora kernel doesn't rely on FreeSWAN anymore.

No Fedora kernel, (or Red Hat kernel that I'm aware of) ever did.
 
 > Instead, they have backported the IPSec code from 2.6 kernels that is based
 > on KAME/USAGI stack.

Not for Fedora Core 1 I'm afraid.

 > > The key question here is whether CIPE will be maintained as a Fedora
 > > Package once the 3.6 kernel is distributed, or whether it will gradually
 > > be phased out. We want to avoid converting to CIPE now and then back to
 > > IPSEC again after a year.
 > 
 > I think you'd better stick with IPSec.

Yep. Though see previous mail re interoperability with Freeswan and Linux 2.6 IPSEC.
Another project idea that just occured to me that some folks might find really
useful would be a FreeSWAN -> 2.6 IPSEC configuration migration tool.
Any takers ? 8)

		Dave





More information about the fedora-list mailing list