Re: Future of VPN: CIPE or IPSEC?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 2003-11-19 at 10:30, Christians, Stefan Mr. wrote:

> 1) The reasons we had for choosing IPSEC over CIPE turned out to be
> non-issues (all arguments we had for using IPSEC were never used, needed
> or implemented).

I have heard that CIPE is plagued of security problems and lacks a good
design. IPSec, however, is a backport of the same functionality from
IPv6 and I think it's a proven technology.

> So now the big question for us is whether we should migrate our VPN
> routers to Fedora Core 1 and convert them to CIPE, or whether we should
> wait a few more months until the 2.6 kernel with integrated IPSEC is
> included in the standard distribution.

AFAIK, Fedora kernel doesn't rely on FreeSWAN anymore. Instead, they
have backported the IPSec code from 2.6 kernels that is based on
KAME/USAGI stack.

> The key question here is whether CIPE will be maintained as a Fedora
> Package once the 3.6 kernel is distributed, or whether it will gradually
> be phased out. We want to avoid converting to CIPE now and then back to
> IPSEC again after a year.

I think you'd better stick with IPSec.




[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux