Date: Thu, 05 Nov 1998 18:41:48 +0900 From: Jun-ichiro itojun Itoh <itojun@iijlab.net> To: "Jordan K. Hubbard" <jkh@time.cdrom.com> Cc: Andreas Klemm <andreas@klemm.gtn.com>, Mike Tancsa <mike@sentex.net>, Juergen Nickelsen <ni@tellique.de>, freebsd-net@FreeBSD.ORG, jkh@FreeBSD.ORG, joerg@FreeBSD.ORG Subject: Re: ipsec (VPN) for -current ? (Re: VPN through encrypted IP tunnel for FreeBSD? ) Message-ID: <22941.910258908@coconut.itojun.org> In-Reply-To: jkh's message of Thu, 05 Nov 1998 00:43:23 PST. <18416.910255403@time.cdrom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
>> - OpenBSD uses PlutoPlus, and KAME uses racoon for IKE daemon. >Can you perhaps say a few words on the differences between these two? Pluto was originally written by Angelos Keromytis, and maintained in several places separately. OpenBSD, NIST (nist.gov), and FreeS/WAN use Pluto-variant IKE daemon. Since they are maintained by separate people, and seems to be heavily modified by each party (to fit with kernel API used by each party), they should be considered as different programs. I dunno much about internals (supported crypto algorithms, negotiations and so forth) about PlutoPlus that is bundled with OpenBSD. KAME IKE daemon (racoon) was tested with FreeS/WAN Pluto variant and NIST Pluto variant and worked fine with them. I have never tested with OpenBSD guys, but I think I can try that soon if needed. There is NO standard IKE codebase, there is NO mature IKE program, IMHO. Interop test still has big troubles. I think it is still too early to recommend some IKE daemon over some others. itojun To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?22941.910258908>