Pavel Simerda Ipsec

Date post: 03-Apr-2018
  • 7/28/2019 Pavel Simerda Ipsec

    1/34

    IPsec in Fedora

    Pavel Šimerda [email protected]

    Developer Conference 2012, Brno

    http://data.pavlix.net/devconf2012/

    Pavel Šimerda [email protected] IPsec in Fedora


    2/34

    Contents

    IP Security Overview
    Kernel IPsec Implementation
    Comparison of Key Exchange Implementations
    Real World Configuration Examples


    3/34

    IP Security Overview


    4/34

    IPsec

    IP Security (IPsec)

    Mandatory part of the IPv6 stack, extension to the IPv4 stack
    Network-layer packet encryption and authentication


    5/34

    IPsec provides

    Security layer for network and transport protocols
    Data authentication, integrity and confidentiality
    Mutual host and user authentication
    Security orthogonal to routing (with public IPv6 or IPv4)
    End-to-end secure communication (with public IP and DNSSEC)


    6/34

    IPsec essentials

    Security policy database
    Security association database
    Encapsulated security payload
    Key exchange and configuration
    NAT traversal


    7/34

    Kernel IPsec Implementation


    8/34

    What you need to experiment with IPsec

    Kernel IPsec support enabled
    The iproute package
    Firewall setup (for testing just disable the firewall)
    Time and patience (or follow the examples)


    9/34

    ESP transport channel

    Mode: Transport
    Encapsulation: ESP in IPv6
    Direction: alpha.example.net -> beta.example.net
    Addresses: 2001:db8::a -> 2001:db8::b
    Use the same commands for the reverse channel
    Suitable for secure end-to-end connectivity

    You can always use IPv4 addresses instead of IPv6.

    When testing with documentation address space, you may find yourself separated from some public internet services.


    10/34

    ESP transport channel

    alpha.example.net

    # ip address add 2001:db8::a/64 dev eth0
    # ip xfrm policy add dir out \
        src 2001:db8::a dst 2001:db8::b tmpl proto esp
    # ip xfrm state add \
        src 2001:db8::a dst 2001:db8::b proto esp spi 1 \
        enc cbc(aes) 0x3ed0af408cf5dcbf5d5d9a5fa806b224

    beta.example.net

    # ip address add 2001:db8::b/64 dev eth0
    # ip xfrm policy add dir in \
        src 2001:db8::a dst 2001:db8::b tmpl proto esp
    # ip xfrm state add \
        src 2001:db8::a dst 2001:db8::b proto esp spi 1 \
        enc cbc(aes) 0x3ed0af408cf5dcbf5d5d9a5fa806b224

    http://data.pavlix.net/devconf2012/


    11/34

    ESP transport channel

    Quick check on alpha.example.net

    # ip xfrm state show src 2001:db8::a dst 2001:db8::b
    src 2001:db8::a dst 2001:db8::b
        proto esp spi 0x00000001 reqid 0 mode transport
        replay-window 0
        enc cbc(aes) 0x3ed0af408cf5dcbf5d5d9a5fa806b224
        sel src ::/0 dst ::/0
    # ip xfrm policy show src 2001:db8::a dst 2001:db8::b
    src 2001:db8::a/128 dst 2001:db8::b/128
        dir out priority 0 ptype main
        tmpl src :: dst ::
            proto esp reqid 0 mode transport
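As an added check, not part of the slides: a small Python audit that parses `ip xfrm state show` output in the format above and flags settings that are fine for a manual-keying experiment but not for real traffic. The sample dump is constructed from the slide's SA plus a made-up IKE-style SA.

```python
# Added example (not from the slides): audit an 'ip xfrm state show' dump for
# settings that suit a manual-keying experiment but not real traffic.
import re

# Constructed sample: the SA from the slides plus a second, IKE-style SA with a
# made-up key, an anti-replay window and an integrity algorithm.
SAMPLE_SAD = """\
src 2001:db8::a dst 2001:db8::b
\tproto esp spi 0x00000001 reqid 0 mode transport
\treplay-window 0
\tenc cbc(aes) 0x3ed0af408cf5dcbf5d5d9a5fa806b224
src 2001:db8::b dst 2001:db8::a
\tproto esp spi 0xc2779c7b reqid 1 mode transport
\treplay-window 32 flag af-unspec
\tauth-trunc hmac(sha256) 0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef 128
\tenc cbc(aes) 0x00112233445566778899aabbccddeeff
"""

SA_HEADER = re.compile(r"^src (\S+) dst (\S+)$")   # unindented line starts an SA

def parse_sad(text):
    """Return one dict per SA with src, dst, spi, mode, replay_window, enc, auth."""
    sas = []
    for line in text.splitlines():
        m = SA_HEADER.match(line)
        if m:
            sas.append({"src": m.group(1), "dst": m.group(2), "auth": None,
                        "aead": None, "replay_window": 0})
        elif sas and line.strip():
            words, sa = line.split(), sas[-1]
            if words[0] == "proto":          # proto esp spi 0x.. reqid N mode M
                fields = dict(zip(words[0::2], words[1::2]))
                sa["spi"], sa["mode"] = int(fields["spi"], 16), fields["mode"]
            elif words[0] == "replay-window":
                sa["replay_window"] = int(words[1])
            elif words[0] in ("auth", "auth-trunc", "aead", "enc"):
                sa[words[0].replace("auth-trunc", "auth")] = words[1]
    return sas

def audit_sa(sa):
    findings = []                            # empty list: nothing to complain about
    if sa["replay_window"] == 0:
        findings.append("anti-replay disabled (replay-window 0)")
    if sa["auth"] is None and sa["aead"] is None:
        findings.append("no integrity protection (encryption-only ESP)")
    if sa["spi"] <= 255:                     # 0 and 1-255 are reserved (RFC 4303)
        findings.append("SPI in the reserved range 0-255")
    return findings

def audit_sad(text):
    """Map (src, dst, spi) -> findings for every SA in the dump."""
    return {(sa["src"], sa["dst"], sa["spi"]): audit_sa(sa) for sa in parse_sad(text)}
```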


    12/34

    ESP transport channel

    ICMP ping from alpha to beta

    # ping6 2001:db8::b
    PING 2001:db8::b(2001:db8::b) 56 data bytes
    64 bytes from 2001:db8::b: icmp_seq=1 ttl=255 time=0.630 ms
    64 bytes from 2001:db8::b: icmp_seq=2 ttl=255 time=0.504 ms

    Network traffic (tcpdump)

    IP6 2001:db8::a > 2001:db8::b: ESP(spi=0x00000001,seq=0x1), length 104
    IP6 2001:db8::b > 2001:db8::a: ICMP6, echo reply, seq 1, length 64
    IP6 2001:db8::a > 2001:db8::b: ESP(spi=0x00000001,seq=0x2), length 104
    IP6 2001:db8::b > 2001:db8::a: ICMP6, echo reply, seq 2, length 64

    Only the channel from alpha to beta is protected here: the echo requests leave as ESP, while the echo replies from beta still travel as plain ICMP6.


    13/34

    ESP tunnel

    Mode: Tunnel
    Encapsulation: IPv6 in ESP in IPv6
    Routers: 2001:db8::a -> 2001:db8::b
    Networks: 2001:db8:a:a::/64 -> 2001:db8:b:b::/64
    Use the same commands for the other direction
    Suitable for secure links between two networks

    You can use IPv4 addresses instead of IPv6.


    14/34

    Example: One-way ESP in tunnel mode

    alpha.example.net

    # ip address add 2001:db8::a/64 dev eth0
    # ip address add 2001:db8:a:a::1/64 dev eth1
    # ip xfrm policy add dir out \
        src 2001:db8:a:a::/64 dst 2001:db8:b:b::/64 \
        tmpl src 2001:db8::a/128 dst 2001:db8::b/128 \
        proto esp mode tunnel
    # ip xfrm state add \
        src 2001:db8::a dst 2001:db8::b proto esp spi 1 mode tunnel \
        enc cbc(aes) 0x3ed0af408cf5dcbf5d5d9a5fa806b224

    beta.example.net

    # ip address add 2001:db8::b/64 dev eth0
    # ip address add 2001:db8:b:b::1/64 dev eth1
    # ip xfrm policy add dir in \
        src 2001:db8:a:a::/64 dst 2001:db8:b:b::/64 \
        tmpl src 2001:db8::a/128 dst 2001:db8::b/128 \
        proto esp mode tunnel
    # ip xfrm state add \
        src 2001:db8::a dst 2001:db8::b proto esp spi 1 mode tunnel \
        enc cbc(aes) 0x3ed0af408cf5dcbf5d5d9a5fa806b224

    The inbound policy and state on beta must be tunnel mode as well, with the policy matching the inner networks; packets forwarded to other hosts in 2001:db8:b:b::/64 additionally need the same policy added with dir fwd.

    http://data.pavlix.net/devconf2012/


    15/34

    Hybrid IPv6/IPv4 ESP tunnels

    Mode: Tunnel
    Encapsulation: IPv4 in ESP in IPv6, or IPv6 in ESP in IPv4
    Use the same commands as for IPv6-in-ESP-in-IPv6 tunnels
    Use IPv4 network or host addresses where appropriate
    Suitable for secure IPv4 links between IPv6 networks and vice versa


    16/34

    Comparison of Key Exchange Implementations


    17/34

    The IKE protocol

    Dynamic security policies and associations (including keys)
    On-demand associations
    Mutual authentication using PSK, PKI or other mechanisms

    IKEv1
    Multiple initial exchange modes
    Cryptographic weaknesses

    IKEv2
    Fusion of the previous specifications
    Single initial exchange mechanism
    Improved cryptography, unified with ESP
    Improved remote network configuration
    Improved NAT-T support


    18/34

    IKE implementations in Fedora/EPEL

    Racoon
    Openswan
    Racoon2
    Strongswan

    There may be others. For example, vpnc seems to be a specialized IPsec implementation used as a client to Cisco EasyVPN.


    19/34

    Racoon (ipsec-tools)

    Included in Fedora as ipsec-tools
    Not in EPEL6
    Limited to the obsolete IKEv1
    Very hard to configure for advanced scenarios
    Even the road warrior scenario requires shell scripting
    It seems to support IPv6, except hybrid tunnels


    20/34

    Openswan

    Included in Fedora and RHEL
    IKEv2 doesn't work with NAT traversal
    IKEv2 doesn't work in the road warrior setup
    IPv6 doesn't work in the road warrior setup
    IPv6 configuration and errors are confusing
    Hybrid tunnels aren't supported
    Openswan gets confused by multiple IPs per interface

    Disclaimer: I may have missed some tricks or new development. Tested with openswan-2.6.33-1.fc15.x86_64.


    21/34

    Racoon2

    Newly added to Fedora 16 and EPEL 6, please test
    Latest version from May 2010
    Bad upstream makefiles (patched)
    No starter daemon, separate spmd and iked (patched)
    KINK support disabled (dependency problems)
    Rather complicated configuration, but very flexible
    Ready-to-use configuration examples
    Reportedly decent IKEv2, IKEv1 and IPv6 support


    22/34

    Strongswan

    Newly added to Fedora 16 and EPEL 6, please test
    Active upstream, new release every few months
    Builds without change, systemd unit files included
    Renaming required to avoid conflicts with Openswan
    IKEv2, IKEv1 and IPv6 support
    NAT-T, Mediation, MOBIKE and virtual IP support
    Various authentication mechanisms
    Easy and almost flat configuration, similar to Openswan


    23/34

    Real World Configuration Examples


    24/34

    Choosing from implementations

    We need to choose one key exchange implementation for:

    IKEv2 and IKEv1 support
    IPv6 and IPv4 support
    Road warrior setup
    IPv4 NAT traversal
    All of the above working together


    25/34

    Evaluation

    Racoon: not suitable, lacks IKEv2
    Openswan: not suitable, broken IKEv2 as well as IPv6
    Racoon2: suitable, but rather passive
    Strongswan: suitable, actively developed

    The winner is Strongswan!


    26/34

    Symmetric on-demand ESP transport channel

    Mode: Transport
    Encapsulation: ESP in IPv6
    Direction: alpha.example.net <-> beta.example.net
    Addresses: 2001:db8::a <-> 2001:db8::b

    Strongswan supports IPv6 and IPv4 addresses.


    27/34

    Symmetric on-demand ESP transport channel

    ipsec.conf

    conn test
        auto=route
        type=transport
        left=2001:db8::a
        right=2001:db8::b
        authby=psk
        mobike=no

    http://data.pavlix.net/devconf2012/


    28/34

    Symmetric on-demand ESP transport channel

    ICMP ping from alpha to beta

    # ping6 2001:db8::b
    PING 2001:db8::b(2001:db8::b) 56 data bytes
    64 bytes from 2001:db8::b: icmp_seq=2 ttl=64 time=83.7 ms
    64 bytes from 2001:db8::b: icmp_seq=3 ttl=64 time=4.08 ms

    Network traffic (tcpdump)

    19:44:59.334377 IP6 2001:db8::a.isakmp > 2001:db8::b.isakmp: isakmp: parent_sa ikev2_init[I]
    19:44:59.375153 IP6 2001:db8::b.isakmp > 2001:db8::a.isakmp: isakmp: parent_sa ikev2_init[R]
    19:44:59.478870 IP6 2001:db8::a.isakmp > 2001:db8::b.isakmp: isakmp: child_sa ikev2_auth[I]
    19:44:59.484953 IP6 2001:db8::b.isakmp > 2001:db8::a.isakmp: isakmp: child_sa ikev2_auth[R]
    19:45:00.196900 IP6 2001:db8::a > 2001:db8::b: ESP(spi=0xcc21c264,seq=0x1), ...
    19:45:00.280492 IP6 2001:db8::b > 2001:db8::a: ESP(spi=0xc2779c7b,seq=0x1), ...
    19:45:01.198069 IP6 2001:db8::a > 2001:db8::b: ESP(spi=0xcc21c264,seq=0x2), ...
    19:45:01.202001 IP6 2001:db8::b > 2001:db8::a: ESP(spi=0xc2779c7b,seq=0x2), ...


    29/34

    Road warrior: VPN server/concentrator

    ipsec.conf

    conn test
        auto=add
        type=transport
        left=%any
        right=2001:db8::b
        authby=psk
        mobike=no


    30/34

    Road warrior: VPN client

    ipsec.conf

    conn test
        auto=add
        type=transport
        left=%defaultroute
        leftid=[email protected].net
        right=2001:db8::b
        authby=psk
        mobike=no


    31/34

    Mode: Tunnel
    Encapsulation: IPv6 in ESP in IPv6
    Routers: 2001:db8::a <-> 2001:db8::b
    Networks: 2001:db8:a:a::/64 <-> 2001:db8:b:b::/64

    You can use IPv4 addresses for routers and networks. Strongswan supports hybrid IPv4/IPv6 tunnels.


    32/34

    Symmetric on-demand ESP tunnel

    ipsec.conf

    conn test
        auto=route
        type=tunnel
        left=2001:db8::a
        leftsubnet=2001:db8:a:a::/64
        right=2001:db8::b
        rightsubnet=2001:db8:b:b::/64
        authby=psk
        mobike=no
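An added example, not strongSwan's code or the slides': a linter for conn sections in this ipsec.conf format that reports an option repeated within one conn and a tunnel conn missing leftsubnet or rightsubnet. The sample configuration and its conn names are constructed.

```python
# Added example (not strongSwan code): lint ipsec.conf conn sections for two
# copy-and-paste slips, a repeated option and a tunnel conn missing a subnet.

# Constructed sample: a transport conn plus a tunnel conn with a mistyped subnet.
SAMPLE_CONF = """\
conn transport-test
    auto=route
    type=transport
    left=2001:db8::a
    right=2001:db8::b

conn tunnel-test
    auto=route
    type=tunnel
    left=2001:db8::a
    leftsubnet=2001:db8:a:a::/64
    right=2001:db8::b
    leftsubnet=2001:db8:b:b::/64   # should have been rightsubnet
"""

def parse_conns(text):
    """Return {conn name: [(option, value), ...]}; other sections are skipped."""
    conns, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()     # drop comments
        if not line.strip():
            continue
        if not raw[0].isspace():                 # column 0: section header
            kind, _, name = line.partition(" ")
            current = conns.setdefault(name, []) if kind == "conn" else None
        elif current is not None and "=" in line:
            key, _, value = line.strip().partition("=")
            current.append((key.strip(), value.strip()))
    return conns

def lint_conn(name, options):
    problems, seen = [], set()
    for key, _ in options:                       # repeated option in one conn
        if key in seen:
            problems.append(f"{name}: option '{key}' given more than once")
        seen.add(key)
    opts = dict(options)
    if opts.get("type") == "tunnel":             # tunnel needs both subnets
        problems += [f"{name}: type=tunnel without {s}"
                     for s in ("leftsubnet", "rightsubnet") if s not in opts]
    return problems

def lint(text):
    return [p for name, opts in parse_conns(text).items() for p in lint_conn(name, opts)]
```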

    http://data.pavlix.net/devconf2012/


    33/34

    Notes

    Authentication

    Please test Racoon2 and Strongswan!


    34/34

    Questions?

    http://data.pavlix.net/devconf2012/

    [email protected]
