712246 – There is no obvious way to make racoon transports or tunnels permanent

Bug 712246 - There is no obvious way to make racoon transports or tunnels permanent

Summary: There is no obvious way to make racoon transports or tunnels permanent

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	NetworkManager
Sub Component:
Version:	15
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Dan Williams
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2011-06-09 22:24 UTC by Pavel Šimerda (pavlix)
Modified:	2012-02-26 09:54 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2012-02-26 09:54:48 UTC
Type:	---
Dependent Products:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Pavel Šimerda (pavlix) 2011-06-09 22:24:56 UTC

It is not easy (by means of changing configuration or easy scripting) to set up Racoon to establish transports or tunnels for IPsec traffic upon booting or activating a network interface (acquiring an IP address).

Transports/tunnels are dynamically started when traffic apears. As a side-effect, first several packets of communication are often dropped, which is bad. Even if that was fixed, there will still be significant delay.

Some tunnels are intended to be run whenever possible, while others are better served on-demand.

Comment 1 Pavel Šimerda (pavlix) 2012-02-26 09:53:16 UTC

Racoon is obsolete. It can be superseded by Racoon2 or Strongswan, both recently packaged for Fedora.

Note You need to log in before you can comment on or make changes to this bug.