
IPsec in Fedora

Pavel Šimerda pavlix@pavlix.net

Developer Conference 2012, Brno http://data.pavlix.net/devconf2012/


Contents

IP Security Overview
Kernel IPsec Implementation
Comparison of Key Exchange Implementations
Real World Configuration Examples


IP Security Overview


IPsec

IP Security (IPsec)
Originally a mandatory part of every IPv6 node (RFC 4294); RFC 6434 relaxed this to SHOULD in 2011. An optional extension to the IPv4 stack.
Network-layer packet encryption and authentication


IPsec provides

Security layer for network and transport protocols
Data authentication, integrity and confidentiality
Mutual host and user authentication
Security orthogonal to routing (with public IPv6 or IPv4)
End-to-end secure communication (with public IP and DNSSEC)


IPsec essentials

Security policy database (SPD): which traffic must be protected, and how
Security association database (SAD): the configured or negotiated keys and algorithms
Encapsulating Security Payload (ESP)
Key exchange and configuration
NAT traversal


Kernel IPsec Implementation


What you need to experiment with IPsec

Kernel IPsec support enabled
The iproute package (the ip xfrm command)
Firewall setup (for testing just disable the firewall; otherwise allow ESP, which is IP protocol 50, and later UDP ports 500 and 4500 for IKE)
Time and patience (or follow the examples)


ESP transport channel

Mode: Transport
Encapsulation: IPv6 header carrying ESP
Direction: alpha.example.net -> beta.example.net
Addresses: 2001:db8::a -> 2001:db8::b
Use the same commands for the reverse channel
Suitable for secure end-to-end connectivity
You can always use IPv4 addresses instead of IPv6. When testing with the documentation address space (2001:db8::/32), you may find yourself cut off from some public internet services.


ESP transport channel


alpha.example.net

# ip address add 2001:db8::a/64 dev eth0
# ip xfrm policy add dir out \
    src 2001:db8::a dst 2001:db8::b tmpl proto esp
# ip xfrm state add \
    src 2001:db8::a dst 2001:db8::b proto esp spi 1 \
    enc 'cbc(aes)' 0x3ed0af408cf5dcbf5d5d9a5fa806b224

beta.example.net

# ip address add 2001:db8::b/64 dev eth0
# ip xfrm policy add dir in \
    src 2001:db8::a dst 2001:db8::b tmpl proto esp
# ip xfrm state add \
    src 2001:db8::a dst 2001:db8::b proto esp spi 1 \
    enc 'cbc(aes)' 0x3ed0af408cf5dcbf5d5d9a5fa806b224

Notes on this lab example: quote the algorithm name, because an unquoted cbc(aes) is a syntax error in bash. The state carries only an encryption algorithm, no integrity algorithm, and its replay window is 0, so the channel is malleable and replayable. That is fine for demonstrating the SPD/SAD mechanics, but real traffic needs an auth algorithm or an AEAD, a non-zero replay window, and a fresh key per direction; never reuse a key printed on a slide.


ESP transport channel

Quick check on alpha.example.net

# ip xfrm state show src 2001:db8::a dst 2001:db8::b
src 2001:db8::a dst 2001:db8::b
    proto esp spi 0x00000001 reqid 0 mode transport
    replay-window 0
    enc cbc(aes) 0x3ed0af408cf5dcbf5d5d9a5fa806b224
    sel src ::/0 dst ::/0
# ip xfrm policy show src 2001:db8::a dst 2001:db8::b
src 2001:db8::a/128 dst 2001:db8::b/128
    dir out priority 0 ptype main
    tmpl src :: dst ::
        proto esp reqid 0 mode transport


ESP transport channel


ICMP ping from alpha to beta

# ping6 2001:db8::b
PING 2001:db8::b(2001:db8::b) 56 data bytes
64 bytes from 2001:db8::b: icmp_seq=1 ttl=255 time=0.630 ms
64 bytes from 2001:db8::b: icmp_seq=2 ttl=255 time=0.504 ms

Network traffic (tcpdump)

IP6 2001:db8::a > 2001:db8::b: ESP(spi=0x00000001,seq=0x1), length 104
IP6 2001:db8::b > 2001:db8::a: ICMP6, echo reply, seq 1, length 64
IP6 2001:db8::a > 2001:db8::b: ESP(spi=0x00000001,seq=0x2), length 104
IP6 2001:db8::b > 2001:db8::a: ICMP6, echo reply, seq 2, length 64

Only the alpha -> beta direction is protected: the echo requests leave as ESP, but the replies come back in clear because no policy or state exists yet for beta -> alpha.


ESP tunnel

Mode: Tunnel
Encapsulation: outer IPv6 header, ESP, inner IPv6 packet
Routers: 2001:db8::a -> 2001:db8::b
Networks: 2001:db8:a:a::/64 -> 2001:db8:b:b::/64
Use the same commands for the other direction
Suitable for secure links between two networks
You can use IPv4 addresses instead of IPv6.


Example: One-way ESP in tunnel mode


alpha.example.net

# ip address add 2001:db8::a/64 dev eth0
# ip address add 2001:db8:a:a::1/64 dev eth1
# ip xfrm policy add dir out \
    src 2001:db8:a:a::/64 dst 2001:db8:b:b::/64 \
    tmpl src 2001:db8::a/128 dst 2001:db8::b/128 \
    proto esp mode tunnel
# ip xfrm state add \
    src 2001:db8::a dst 2001:db8::b proto esp spi 1 mode tunnel \
    enc 'cbc(aes)' 0x3ed0af408cf5dcbf5d5d9a5fa806b224

beta.example.net

# ip address add 2001:db8::b/64 dev eth0
# ip address add 2001:db8:b:b::1/64 dev eth1
# ip xfrm policy add dir in \
    src 2001:db8:a:a::/64 dst 2001:db8:b:b::/64 \
    tmpl src 2001:db8::a/128 dst 2001:db8::b/128 \
    proto esp mode tunnel
# ip xfrm state add \
    src 2001:db8::a dst 2001:db8::b proto esp spi 1 mode tunnel \
    enc 'cbc(aes)' 0x3ed0af408cf5dcbf5d5d9a5fa806b224

Beta's inbound state must be mode tunnel as well, and its inbound policy selects on the inner network addresses, not the outer router addresses; a transport-mode state on beta would not decapsulate what alpha sends. Two things the slide leaves implicit: alpha needs a route covering 2001:db8:b:b::/64 (a default route is enough), otherwise the packet is dropped before the SPD is consulted; and if beta forwards the decapsulated packets to other hosts on 2001:db8:b:b::/64 instead of terminating them itself, it also needs the same policy with dir fwd.
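The hand-keyed transport and tunnel examples above are one-way and, for brevity, share one fixed key with no integrity algorithm and no replay window. The script below is an added example, not code from the original slides: it emits the complete ip xfrm command set for both hosts of a bidirectional channel in either mode, with a separate SPI and a fresh random key per direction, an AEAD (AES-GCM, RFC 4106) in place of unauthenticated CBC, a replay window, and the dir fwd policy that tunnel mode needs for forwarded traffic. The addresses and networks are the slides'; the SPIs, the AEAD choice and the function names are assumptions of the example, and it assumes the iproute2 ip xfrm syntax used on the slides.

```python
"""Added example (not from the original slides): emit the `ip xfrm` commands for a
bidirectional, authenticated ESP channel in transport or tunnel mode.  It closes
three gaps in the slides' one-way examples: a single hard-coded key shared by
both directions, no integrity protection (AES-CBC without an auth algorithm is
malleable), and a zero anti-replay window.  Addresses and networks follow the
slides; the SPIs, per-direction random keys and the use of AES-GCM (RFC 4106)
are assumptions of this example."""
import secrets
import subprocess

AEAD = "rfc4106(gcm(aes))"  # AES-128-GCM: 16-byte key + 4-byte salt = 20 bytes keymat
KEYMAT_BYTES = 20
ICV_BITS = 128
REPLAY_WINDOW = 32


def new_keymat() -> str:
    """Fresh random key material in the 0x-prefixed hex form `ip xfrm` expects."""
    return "0x" + secrets.token_hex(KEYMAT_BYTES)


def xfrm_commands(mode, local, peer, spi_out, spi_in, key_out, key_in,
                  local_net=None, peer_net=None):
    """Commands for ONE host.  `local`/`peer` are the SA endpoints; in tunnel mode
    `local_net`/`peer_net` are the networks behind them.  The peer runs the same
    function with every argument pair swapped."""
    if mode not in ("transport", "tunnel"):
        raise ValueError(mode)
    if mode == "tunnel":
        if not (local_net and peer_net):
            raise ValueError("tunnel mode needs local_net and peer_net")
        # The template names the SA by its outer endpoints.
        tmpl_out = f"tmpl src {local} dst {peer} proto esp mode tunnel"
        tmpl_in = f"tmpl src {peer} dst {local} proto esp mode tunnel"
    else:
        local_net, peer_net = local, peer  # selector is the endpoints themselves
        tmpl_out = tmpl_in = "tmpl proto esp mode transport"

    def sa(src, dst, spi, key):
        return (f"ip xfrm state add src {src} dst {dst} proto esp spi {spi:#x} "
                f"mode {mode} replay-window {REPLAY_WINDOW} "
                f"aead '{AEAD}' {key} {ICV_BITS}")

    cmds = [
        f"ip xfrm policy add dir out src {local_net} dst {peer_net} {tmpl_out}",
        sa(local, peer, spi_out, key_out),
        f"ip xfrm policy add dir in src {peer_net} dst {local_net} {tmpl_in}",
        sa(peer, local, spi_in, key_in),
    ]
    if mode == "tunnel":
        # Decapsulated packets that are *forwarded* to hosts on local_net are
        # checked against a `fwd` policy, not `in`; without it they are dropped.
        cmds.append(f"ip xfrm policy add dir fwd src {peer_net} dst {local_net} {tmpl_in}")
    return cmds


def channel(mode, a, b, a_net=None, b_net=None, spi_ab=0x1001, spi_ba=0x1002):
    """Both hosts' command sets for one channel: distinct SPI and key per direction."""
    k_ab, k_ba = new_keymat(), new_keymat()
    return {
        a: xfrm_commands(mode, a, b, spi_ab, spi_ba, k_ab, k_ba, a_net, b_net),
        b: xfrm_commands(mode, b, a, spi_ba, spi_ab, k_ba, k_ab, b_net, a_net),
    }


def apply_locally(cmds):
    """Run the commands on this host (needs CAP_NET_ADMIN)."""
    for c in cmds:
        subprocess.run(["sh", "-c", c], check=True)


if __name__ == "__main__":
    import sys
    plan = channel("tunnel", "2001:db8::a", "2001:db8::b",
                   "2001:db8:a:a::/64", "2001:db8:b:b::/64")
    for host, cmds in plan.items():
        print(f"## on the host with address {host}")
        print("\n".join(cmds))
    if len(sys.argv) > 1 and sys.argv[1] in plan:  # e.g. python3 xfrm_channel.py 2001:db8::a
        apply_locally(plan[sys.argv[1]])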


Hybrid IPv6/IPv4 ESP tunnels

Mode: Tunnel
Encapsulation: outer IPv4 header, ESP, inner IPv6 packet, or outer IPv6 header, ESP, inner IPv4 packet
Use the same commands as for IPv6-in-IPv6 tunnels
Use IPv4 network or host addresses where appropriate
Suitable for secure IPv4 links between IPv6 networks and vice versa


Comparison of Key Exchange Implementations


The IKE protocol


Dynamic security policies and associations (including keys)
On-demand associations
Mutual authentication using PSK, PKI or other mechanisms

IKEv1
Multiple initial exchange modes
Cryptographic weaknesses (for example, aggressive mode with PSK exposes a hash that can be attacked offline)

IKEv2
Fusion of the previous specifications
Single initial exchange mechanism
Improved cryptography, unified with ESP
Improved remote network configuration
Improved NAT-T support

IKE implementations in Fedora/EPEL

Racoon
Openswan
Racoon2
Strongswan

There may be others. For example vpnc seems to be a specialized IPsec implementation used as a client to Cisco EasyVPN.


Racoon (ipsec-tools)

Included in Fedora as ipsec-tools
Not in EPEL6
Limited to the obsolete IKEv1
Very hard to configure for advanced scenarios
Even the road warrior scenario requires shell scripting
It seems to support IPv6, except hybrid tunnels


Openswan

Included in Fedora and RHEL
IKEv2 doesn't work with NAT traversal
IKEv2 doesn't work in the road warrior setup
IPv6 doesn't work in the road warrior setup
IPv6 configuration and errors are confusing
Hybrid tunnels aren't supported
Openswan gets confused by multiple IPs per interface

Disclaimer: I may have missed some tricks or new development. Tested with openswan-2.6.33-1.fc15.x86_64.


Racoon2

Newly added to Fedora 16 and EPEL 6, please test
Latest upstream version is from May 2010
Bad upstream makefiles (patched)
No starter daemon, separate spmd and iked (patched)
KINK support disabled (dependency problems)
Rather complicated configuration, but very flexible
Ready-to-use configuration examples
Reportedly decent IKEv2, IKEv1 and IPv6 support


Strongswan

Newly added to Fedora 16 and EPEL 6, please test
Active upstream, new release every few months
Builds without change, systemd unit files included
Renaming required to avoid conflicts with Openswan
IKEv2, IKEv1 and IPv6 support
NAT-T, Mediation, MOBIKE and virtual IP support
Various authentication mechanisms
Easy and almost flat configuration, similar to Openswan


Real World Conguration Examples


Choosing from implementations

We need to choose one key exchange implementation for:
IKEv2 and IKEv1 support
IPv6 and IPv4 support
Road warrior setup
IPv4 NAT traversal
All of the above working together


Evaluation

Racoon: not suitable, lacks IKEv2
Openswan: not suitable, broken IKEv2 as well as IPv6
Racoon2: suitable, but a rather passive upstream
Strongswan: suitable, actively developed
The winner is Strongswan!


Symmetric on-demand ESP transport channel

Mode: Transport
Encapsulation: IPv6 header carrying ESP
Direction: alpha.example.net <-> beta.example.net
Addresses: 2001:db8::a <-> 2001:db8::b
Strongswan supports both IPv6 and IPv4 addresses.


Symmetric on-demand ESP transport channel

ipsec.conf (the same file on both hosts)

conn test
    auto=route
    type=transport
    left=2001:db8::a
    right=2001:db8::b
    authby=psk
    mobike=no

The same file works on both hosts because strongSwan decides at run time which of left and right is the local side. The pre-shared key is not in ipsec.conf; it belongs in ipsec.secrets, keyed by the peers' addresses or identities. auto=route installs only the policies at startup; the IKE negotiation runs on demand when the first matching packet appears.


Symmetric on-demand ESP transport channel


ICMP ping from alpha to beta

# ping6 2001:db8::b
PING 2001:db8::b(2001:db8::b) 56 data bytes
64 bytes from 2001:db8::b: icmp_seq=2 ttl=64 time=83.7 ms
64 bytes from 2001:db8::b: icmp_seq=3 ttl=64 time=4.08 ms

The first echo request (icmp_seq=1) gets no reply: it triggered the on-demand IKE negotiation and was lost while the SAs were being set up. That is the expected cost of auto=route.

Network traffic (tcpdump)

19:44:59.334377 IP6 2001:db8::a.isakmp > 2001:db8::b.isakmp: isakmp: parent_sa ikev2_init[I]
19:44:59.375153 IP6 2001:db8::b.isakmp > 2001:db8::a.isakmp: isakmp: parent_sa ikev2_init[R]
19:44:59.478870 IP6 2001:db8::a.isakmp > 2001:db8::b.isakmp: isakmp: child_sa ikev2_auth[I]
19:44:59.484953 IP6 2001:db8::b.isakmp > 2001:db8::a.isakmp: isakmp: child_sa ikev2_auth[R]
19:45:00.196900 IP6 2001:db8::a > 2001:db8::b: ESP(spi=0xcc21c264,seq=0x1), ...
19:45:00.280492 IP6 2001:db8::b > 2001:db8::a: ESP(spi=0xc2779c7b,seq=0x1), ...
19:45:01.198069 IP6 2001:db8::a > 2001:db8::b: ESP(spi=0xcc21c264,seq=0x2), ...
19:45:01.202001 IP6 2001:db8::b > 2001:db8::a: ESP(spi=0xc2779c7b,seq=0x2), ...

Two round trips, IKE_SA_INIT and IKE_AUTH, establish the IKE SA and the first CHILD_SA; after that both directions are ESP, each with its own SPI and key, unlike the hand-keyed example where the replies travelled in clear.
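Both captures on these slides are checked by eye. As an added example (not from the original slides), the script below does that check mechanically over tcpdump -n output: it flags any packet between the two peers that is neither ESP nor IKE, which is exactly how the cleartext echo replies of the one-way kernel example show up, and it verifies that ESP sequence numbers per SPI start at 1 and increase by one, so a replayed or out-of-order packet is reported. The sample lines are constructed from the two captures above (the lengths truncated on the slide are filled in); the line layout assumed is the one tcpdump prints for IPv6 with -n, and the function names are this example's own.

```python
"""Added example, not from the original slides: audit a `tcpdump -n` capture
between two IPsec peers.  Reports (1) any packet between the peers that is
neither ESP nor IKE, i.e. traffic the SPD should have protected but did not,
and (2) ESP sequence numbers that do not start at 1 and increase by one per
SPI (replay or loss).  Assumes the IPv6 line layout tcpdump prints with -n."""
import re
import sys

# "[timestamp] IP6 <src>[.port] > <dst>[.port]: <description>"
PKT_RE = re.compile(
    r"^(?:\S+\s+)?IP6\s+"
    r"(?P<src>[0-9a-fA-F:]+)(?:\.(?P<sport>\w+))?\s+>\s+"
    r"(?P<dst>[0-9a-fA-F:]+)(?:\.(?P<dport>\w+))?:\s+(?P<desc>.*)$")
ESP_RE = re.compile(r"ESP\(spi=0x(?P<spi>[0-9a-fA-F]+),seq=0x(?P<seq>[0-9a-fA-F]+)\)")

# Sample captures, constructed from the two captures on the slides (packet
# lengths cut off on the slide are filled in).
KERNEL_CAPTURE = [
    "IP6 2001:db8::a > 2001:db8::b: ESP(spi=0x00000001,seq=0x1), length 104",
    "IP6 2001:db8::b > 2001:db8::a: ICMP6, echo reply, seq 1, length 64",
    "IP6 2001:db8::a > 2001:db8::b: ESP(spi=0x00000001,seq=0x2), length 104",
    "IP6 2001:db8::b > 2001:db8::a: ICMP6, echo reply, seq 2, length 64",
]
IKE_CAPTURE = [
    "19:44:59.334377 IP6 2001:db8::a.isakmp > 2001:db8::b.isakmp: isakmp: parent_sa ikev2_init[I]",
    "19:44:59.375153 IP6 2001:db8::b.isakmp > 2001:db8::a.isakmp: isakmp: parent_sa ikev2_init[R]",
    "19:44:59.478870 IP6 2001:db8::a.isakmp > 2001:db8::b.isakmp: isakmp: child_sa ikev2_auth[I]",
    "19:44:59.484953 IP6 2001:db8::b.isakmp > 2001:db8::a.isakmp: isakmp: child_sa ikev2_auth[R]",
    "19:45:00.196900 IP6 2001:db8::a > 2001:db8::b: ESP(spi=0xcc21c264,seq=0x1), length 104",
    "19:45:00.280492 IP6 2001:db8::b > 2001:db8::a: ESP(spi=0xc2779c7b,seq=0x1), length 104",
    "19:45:01.198069 IP6 2001:db8::a > 2001:db8::b: ESP(spi=0xcc21c264,seq=0x2), length 104",
    "19:45:01.202001 IP6 2001:db8::b > 2001:db8::a: ESP(spi=0xc2779c7b,seq=0x2), length 104",
]


def parse(line):
    """One tcpdump line -> dict with src, dst, kind (esp|ike|clear), spi, seq;
    None if the line is not a packet line."""
    m = PKT_RE.match(line.rstrip("\n"))
    if not m:
        return None
    p = m.groupdict()
    esp = ESP_RE.search(p["desc"])
    if esp:
        p["kind"], p["spi"], p["seq"] = "esp", int(esp["spi"], 16), int(esp["seq"], 16)
    else:
        # IKE (UDP 500/4500, shown as "isakmp") is legitimately visible: it protects itself.
        p["kind"] = "ike" if "isakmp" in p["desc"] or p["dport"] == "isakmp" else "clear"
        p["spi"] = p["seq"] = None
    return p


def audit(lines, a, b):
    """Findings (strings) for traffic between peers a and b; an empty list means clean."""
    findings = []
    last_seq = {}  # spi -> highest sequence number seen so far
    for n, line in enumerate(lines, 1):
        p = parse(line)
        if p is None or {p["src"], p["dst"]} != {a, b}:
            continue  # not a packet line, or not between the two peers
        if p["kind"] == "clear":
            findings.append(f"line {n}: plaintext {p['src']} > {p['dst']}: {p['desc']}")
        elif p["kind"] == "esp":
            expected = last_seq.get(p["spi"], 0) + 1
            if p["seq"] != expected:
                findings.append(f"line {n}: spi {p['spi']:#x} seq {p['seq']:#x}, expected {expected:#x}")
            last_seq[p["spi"]] = max(last_seq.get(p["spi"], 0), p["seq"])
    return findings


if __name__ == "__main__":
    # tcpdump -lni eth0 ip6 | python3 esp_audit.py 2001:db8::a 2001:db8::b
    a, b = sys.argv[1:3] if len(sys.argv) == 3 else ("2001:db8::a", "2001:db8::b")
    lines = sys.stdin if not sys.stdin.isatty() else KERNEL_CAPTURE
    for finding in audit(lines, a, b) or ["clean: every packet between the peers was ESP or IKE"]:
        print(finding)
```

Run against the kernel capture it reports the two cleartext echo replies; against the strongSwan capture it reports nothing. Neighbour discovery between the two peers will also be reported as cleartext; exclude it with a tcpdump filter or narrow the audit to the protocols the SPD is meant to cover.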


Road warrior: VPN server/concentrator

ipsec.conf on the server (2001:db8::b)

conn test
    auto=add
    type=transport
    left=%any
    right=2001:db8::b
    authby=psk
    mobike=no

auto=add loads the connection without initiating it; the server waits for clients. With left=%any and authby=psk, every client shares one secret unless ipsec.secrets holds a PSK per client identity, and anyone holding a shared PSK can impersonate the server towards the other clients; beyond a handful of clients, use certificates.


Road warrior: VPN client

ipsec.conf on the client

conn test
    auto=add
    type=transport
    left=%defaultroute
    leftid=@alpha.example.net
    right=2001:db8::b
    authby=psk
    mobike=no

left=%defaultroute takes whatever address the default route currently uses, so the client can move between networks; leftid is the identity the client authenticates as, and the key under which the server looks up its PSK. Bring the connection up with ipsec up test.


Symmetric on-demand ESP tunnel

Mode: Tunnel
Encapsulation: outer IPv6 header, ESP, inner IPv6 packet
Routers: 2001:db8::a <-> 2001:db8::b
Networks: 2001:db8:a:a::/64 <-> 2001:db8:b:b::/64
You can use IPv4 addresses for routers and networks. Strongswan supports hybrid IPv4/IPv6 tunnels.


Symmetric on-demand ESP tunnel

ipsec.conf

conn test
    auto=route
    type=tunnel
    left=2001:db8::a
    leftsubnet=2001:db8:a:a::/64
    right=2001:db8::b
    rightsubnet=2001:db8:b:b::/64
    authby=psk
    mobike=no

Each subnet belongs to its own side (leftsubnet behind left, rightsubnet behind right). strongSwan installs the in, out and fwd policies and both directions' SAs itself, so none of the manual ip xfrm work from the kernel section is needed.


Notes

Authentication
Please test Racoon2 and Strongswan!


Questions?
http://data.pavlix.net/devconf2012/ pavlix@pavlix.net
