Re: racoon?



> From: "Derek Atkins" <warlord MIT EDU>
> Pavel Simerda <psimerda redhat com> writes:
> > The Racoon software is fairly obsolete and abandoned. I admit it
> > can serve
> > your purpose but it is not really worth any new work. There is
> > Strongswan,
> > Racoon2 (a separate project) or, maybem, Openswan. AFAIK only
> > Strongswan
> > and Openswan have some support for NetworkManager. I'm curious
> > about any
> > new information you might have.
> 
> It may be old but it is neither obsolete nor abandoned.

I am sorry but I insist on the word obsolete for software that implements
obsolete IETF protocols and ignores their replacements.

> There is still work being done on ipsec-tools,

Yes? What news can I expect, then?

> but you are right that it's generally a
> pretty stable platform so there are not many releases needed anymore.

Exactly. There is no need for new releases for Racoon when there are
three other tools that are each hundred times better in its own way.

> But it is not abandoned.

Possibly not. But IMO any work on it is a waste of resources. Strongswan
and Racoon2 support IKEv2 and IPv6. I tested Strongswan in various scenarios
as it proved easier and more active than Racoon2 but Racoon2 seemed to be
more flexible and tunable.

Some information here:

http://data.pavlix.net/devconf/2012/pavel-simerda-ipsec.pdf

Cheers,

Pavel


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]