Hurricane Electric's IPv6 Tunnel Broker Forums

General IPv6 Topics => IPv6 on Linux & BSD & Mac => Topic started by: Azendale on February 13, 2011, 09:44:47 PM

Title: IPv6 IPsec on Linux (Ubuntu)?
Post by: Azendale on February 13, 2011, 09:44:47 PM
I know that one of the features of IPv6 is that you should be able to encypt at the IP level. I would like to set this up on Ubuntu. I know that there are two kinds, ESP and AH. I think I need racoon and ipsec-tools.

The other half of the question is this:I have heard that IPsec is part of the IPv6 standard. Does that mean that once I set it up, I will be able to encrypt my connections to any of the IPv6 services I connect to? If that is the way it is, why do I need to set anything up to use it? (I'm a little confused...)

Also, I (think) I know that ESP encypts the data along the way, and AH makes it so you know that the traffic is coming from who you think it is. Is it possible to use both, so that no one can read the connection AND you can be sure you are talking to the right server?

I have tried to set up racoon on two computers at home, 2001:470:e89d::1 and 2001:470:e89d:0:21a:73ff:fe62:8329. Here's the config files:

2001:470:e89d::1:
/etc/racoon/racoon.conf:

#
# NOTE: This file will not be used if you use racoon-tool(8) to manage your
# IPsec connections. racoon-tool will process racoon-tool.conf(5) and
# generate a configuration (/var/lib/racoon/racoon.conf) and use it, instead
# of this file.
#
# Simple racoon.conf
#
#
# Please look in /usr/share/doc/racoon/examples for
# examples that come with the source.
#
# Please read racoon.conf(5) for details, and alsoread setkey(8).
#
#
# Also read the Linux IPSEC Howto up at
# http://www.ipsec-howto.org/t1.html
#

path pre_shared_key "/etc/racoon/psk.txt";
path certificate "/etc/racoon/certs";

#remote 172.31.1.1 {
#        exchange_mode main,aggressive;
#        proposal {
#                encryption_algorithm 3des;
#                hash_algorithm sha1;
#                authentication_method pre_shared_key;
#                dh_group modp1024;
#        }
#        generate_policy off;
#}
#
#sainfo address 192.168.203.10[any] any address 192.168.22.0/24[any] any {
#        pfs_group modp768;
#        encryption_algorithm 3des;
#        authentication_algorithm hmac_md5;
#        compression_algorithm deflate;
#}
remote 2001:470:e89d:0:21a:73ff:fe62:8329 {
        exchange_mode main;
        certificate_type x509 "host-cert.pem" "host-key.pem";
        my_identifier fqdn "erikbandersen.com";
        verify_identifier on;
        peers_identifier fqdn "laptop.erikbandersen.com";
        proposal {
                encryption_algorithm aes;
                hash_algorithm sha512;
                authentication_method rsasig;
                dh_group modp1024;
        }
}
sainfo address 2001:470:e89d::1 any address 2001:470:e89d:0:21a:73ff:fe62:8329 any {
        pfs_group modp1024;
        encryption_algorithm aes,3des;
        authentication_algorithm hmac_sha512,hmac_sha1;
        compression_algorithm deflate;
}
# Extra sainfo for port 500 needed, taken from
# <http://bugs.debian.org/341398#msg69>
sainfo address 2001:470:e89d::1[500] any address 2001:470:e89d:0:21a:73ff:fe62:8329[500] any {
        pfs_group modp1024;
        encryption_algorithm aes,3des;
        authentication_algorithm hmac_sha512,hmac_sha1;
        compression_algorithm deflate;
}
# See also:
#<http://lists.freebsd.org/pipermail/freebsd-net/2004-March/003514.html>
##

And /etc/ipsec-tools.conf
#!/usr/sbin/setkey -f

# NOTE: Do not use this file if you use racoon with racoon-tool
# utility. racoon-tool will setup SAs and SPDs automatically using
# /etc/racoon/racoon-tool.conf configuration.
#

## Flush the SAD and SPD
#
# flush;
# spdflush;

## Some sample SPDs for use racoon
#
# spdadd 10.10.100.1 10.10.100.2 any -P out ipsec
#    esp/transport//require;
#                     
# spdadd 10.10.100.2 10.10.100.1 any -P in ipsec
#    esp/transport//require;
#
spdadd ::/0 ::/0 icmp6 135,0 -P out none;
spdadd ::/0 ::/0 icmp6 135,0 -P in none;
spdadd ::/0 ::/0 icmp6 136,0 -P out none;
spdadd ::/0 ::/0 icmp6 136,0 -P in none;

##
# laptop.erikbandersen.com
spdadd 2001:470:e89d:0:21a:73ff:fe62:8329 2001:470:e89d::1 any -P out ipsec esp/transport//require;
spdadd 2001:470:e89d::1 2001:470:e89d:0:21a:73ff:fe62:8329 any -P in  ipsec esp/transport//require;
##

And 'tree /etc/racoon/certs'
tree /etc/racoon/certs
/etc/racoon/certs
├── ca-cert.pem -> /home/bjorn/erikca/CA/erikca.crt
├── host-cert.pem -> /home/bjorn/erikca/erikbandersen.com_ipsec_16k/erikbandersen.com_ipsec_16k.crt
└── host-key.pem -> /home/bjorn/erikca/erikbandersen.com_ipsec_16k/erikbandersen.com_ipsec_16k.key

0 directories, 3 files



2001:470:e89d:0:21a:73ff:fe62:8329:
/etc/racoon/racoon.conf:
#
# NOTE: This file will not be used if you use racoon-tool(8) to manage your
# IPsec connections. racoon-tool will process racoon-tool.conf(5) and
# generate a configuration (/var/lib/racoon/racoon.conf) and use it, instead
# of this file.
#
# Simple racoon.conf
#
#
# Please look in /usr/share/doc/racoon/examples for
# examples that come with the source.
#
# Please read racoon.conf(5) for details, and alsoread setkey(8).
#
#
# Also read the Linux IPSEC Howto up at
# http://www.ipsec-howto.org/t1.html
#

path pre_shared_key "/etc/racoon/psk.txt";
path certificate "/etc/racoon/certs";

#remote 172.31.1.1 {
#        exchange_mode main,aggressive;
#        proposal {
#                encryption_algorithm 3des;
#                hash_algorithm sha1;
#                authentication_method pre_shared_key;
#                dh_group modp1024;
#        }
#        generate_policy off;
#}
#
#sainfo address 192.168.203.10[any] any address 192.168.22.0/24[any] any {
#        pfs_group modp768;
#        encryption_algorithm 3des;
#        authentication_algorithm hmac_md5;
#        compression_algorithm;
#}
remote 2001:470:e89d::1 {
        exchange_mode main;
        certificate_type x509 "laptop.erikbandersen.com_ipsec_16k.crt" "laptop.erikbandersen.com_ipsec_16k.key";
        my_identifier fqdn "laptop.erikbandersen.com";
        verify_identifier on;
        peers_identifier fqdn "laptop.erikbandersen.com";
        proposal {
                encryption_algorithm aes;
                hash_algorithm sha512;
                authentication_method rsasig;
                dh_group modp1024;
        }
}
sainfo address 2001:470:e89d:0:21a:73ff:fe62:8329 any address 2001:470:e89d::1 any {
        pfs_group modp1024;
        encryption_algorithm aes,3des;
        authentication_algorithm hmac_sha512,hmac_sha1;
        compression_algorithm deflate;
}
# Extra sainfo for port 500 needed, taken from
# <http://bugs.debian.org/341398#msg69>
sainfo address 2001:470:e89d:0:21a:73ff:fe62:8329[500] any address 2001:470:e89d::1[500] any {
        pfs_group modp1024;
        encryption_algorithm aes,3des;
        authentication_algorithm hmac_sha512,hmac_sha1;
        compression_algorithm deflate;
}
# See also:
#<http://lists.freebsd.org/pipermail/freebsd-net/2004-March/003514.html>
##


And /etc/ipsec-tools.conf:
#!/usr/sbin/setkey -f

# NOTE: Do not use this file if you use racoon with racoon-tool
# utility. racoon-tool will setup SAs and SPDs automatically using
# /etc/racoon/racoon-tool.conf configuration.
#

## Flush the SAD and SPD
#
# flush;
# spdflush;

## Some sample SPDs for use racoon
#
# spdadd 10.10.100.1 10.10.100.2 any -P out ipsec
#    esp/transport//require;
#                     
# spdadd 10.10.100.2 10.10.100.1 any -P in ipsec
#    esp/transport//require;
#
spdadd ::/0 ::/0 icmp6 135,0 -P out none;
spdadd ::/0 ::/0 icmp6 135,0 -P in none;
spdadd ::/0 ::/0 icmp6 136,0 -P out none;
spdadd ::/0 ::/0 icmp6 136,0 -P in none;

##
# erikbandersen.com
spdadd 2001:470:e89d:0:21a:73ff:fe62:8329 2001:470:e89d::1 any -P in  ipsec esp/transport//require;
spdadd 2001:470:e89d::1 2001:470:e89d:0:21a:73ff:fe62:8329 any -P out ipsec esp/transport//require;
##

And 'tree /etc/racoon/certs'
/etc/racoon/certs
├── ca-cert.pem
├── laptop.erikbandersen.com_ipsec_16k.crt
├── laptop.erikbandersen.com_ipsec_16k.csr
└── laptop.erikbandersen.com_ipsec_16k.key

0 directories, 4 files
Title: Re: IPv6 IPsec on Linux (Ubuntu)?
Post by: antillie on February 14, 2011, 12:01:33 AM
The ability to perform ubiquitous end to end IPSec encryption is one of the goals of the IPv6 standard. However not all IPv6 capable platforms fully implement IPSec despite it being part of the standard.

The AH and ESP protocols both provide full data confidentiality, origin authentication, and data integrity protection so there is no need to try and use both at the same time. AH authenticates the original IP header which makes it impossible for an AH tunnel to traverse any network that modifies the headers of transient packets. (NAT, MPLS, ect...) Tunnel mode ESP literally encrypts the entire original packet (header included) and then sticks on a new IP header. This allows ESP to pass over almost any network without any issues. Upon reaching the remote crypto endpoint the extra IP header added by ESP is removed and the original packet is decrypted and sent on its way.

Wikipedia has an excellent article on ESP here (http://en.wikipedia.org/wiki/IPsec#Encapsulating_Security_Payload).

In practice AH is almost never used in production VPN deployments because it just can't pass over most of the modern internet. In fact many major VPN device vendors don't even bother supporting AH at all. ESP is the defacto standard and provides more than adequate security when used with a good strong cipher and hashing algorithm. There is of course a certain amount of overhead associated with implementing IPSec but AES-128 and SHA1 usually provides the best blend of performance and security for both phase 1 and 2. DH group 2 is generally considered strong enough for initial phase 1 keying material generation in most situations. This level of encryption will satisfy most regulatory requirements such and PCI, GLBA, or HIPAA.

If you are particularly paranoid you can enable PFS at group 2 strength in phase 2 . For the tin foil hat crowd (or people who need DoD military grade secuirty) you can use DH group 5 in phase 1, change the PFS to group 5 in phase 2, and change the cipher in both phases to AES-256.

Unfortunately my experience with IPSec VPNs is very Cisco centric so I don't think I will be of much help setting it up on a Linux box but since IPSec is a well established standard the basic settings and principals should all be the same. Essentially you just need to make sure that all of the settings between your two peers match and you should be set.
Title: Re: IPv6 IPsec on Linux (Ubuntu)?
Post by: jimb on February 14, 2011, 04:41:43 PM
Hrm.  Are you confusing AH and transport vs. tunnel mode ESP?

ESP transport mode should be a lot more usable under IPv6 because of the end-to-end connectivity provided by fully routeable addresses.  Some will probably still opt for the tunnel mode via a device though, since it provides anonymity of the corespondents' addresses.
Title: Re: IPv6 IPsec on Linux (Ubuntu)?
Post by: antillie on February 15, 2011, 11:02:34 AM
True, ESP transport mode should be much more practical in IPv6. But in my experience nobody really bothers using it these days. Everyone just uses tunnel mode since its easier to just do things the same way every time. I guess we'll just have to see how people decide to do things once they start deploying IPSec for IPv6 in large scale production settings.
Title: Re: IPv6 IPsec on Linux (Ubuntu)?
Post by: Azendale on March 19, 2011, 04:02:29 PM
Thanks for the advice everyone. I was getting ESP and AH confused, but I have it sorted out now. I eventually got it kind of working with strongswan. I had to set up an ipv4 webserver with hash and url certificates because for some reason sending the certificate in the request wasn't working.