About Racoon2

What is Racoon2?

Racoon2 is a system to exchange and to install security parameters for IPsec. This is provided by the Racoon2 Project in the WIDE Project. The project aims to provide the IPsec system for FreeBSD, NetBSD, and Linux. There are some other projects doing similar work in the Internet community. We'd like to collaborate with them to achieve widespread deployment of IPsec and good interoperability with other implementations.

Currently the system supports the following specifications:

  • Internet Key Exchange (IKEv2) Protocol
    • RFC 4306
    • RFC 4307
    • RFC 4718
  • Kerberized Internet Negotiation of Keys (KINK)
    • RFC 4430
  • The Internet Key Exchange (IKE)
    • RFC 2409
    • RFC 3947
    • RFC 3948
  • PF_KEY Key Management API, Version 2
    • RFC 2367

What is the difference from the "previous racoon"?

The previous racoon (usually called just as racoon, but sometimes racoon1 in contrast to racoon2) only supports IKEv1. Racoon2 implements both IKEv2, KINK, and IKEv1. The configuration syntax is completely different because the Racoon2 system supports multiple key exchange protocols.

FutureItems


Front page   Diff Backup   List of pages Search Recent changes   Help   RSS of recent changes
Last-modified: 2007-03-22 (Thu) 13:18:14 (3900d)