Using the Racoon IKE/ISAKMP daemon

Basic configuration

For the examples in this section we shall assume that four hosts have had the racoon daemon installed and configured as shown below. Three of these hosts are on the private 10.0.1.0/24 range (connected to the Internet through a NAT enabled router) and one is on a static publicly addressable network address. To follow these examples on your own network you will need to modify the network addresses as appropriate.

As we shall just be testing our racoon configurations we shall not configure any Security Policies at this stage. The file below will ensure that both the Security Policy Database and the Security Association Database are empty and should be installed on all hosts.

/etc/ipsec-tools.conf

#! /usr/sbin/setkey -f

# Flush the SPD and SAD
spdflush;
flush;

The example racoon configuration below should also be installed on all the hosts which will be used. We shall modify the configuration on some hosts as we progress through this section.

/etc/racoon/racoon.conf

log info;

path pre_shared_key "/etc/racoon/psk.txt";

complex_bundle on;

remote anonymous
{
    exchange_mode main;
    passive off;
    nat_traversal on;
    dpd_delay 30;

    proposal
    {
        encryption_algorithm aes;
        hash_algorithm sha1;
        authentication_method pre_shared_key;
        dh_group modp2048;
        lifetime time 24 hour;
    }
}

sainfo anonymous
{
    encryption_algorithm aes, 3des;
    authentication_algorithm hmac_sha512, hmac_sha384, hmac_sha256, hmac_sha1;
    compression_algorithm deflate;
    pfs_group modp1024;
    lifetime time 12 hour;
}

In addition to the basic configuration provided above each pair of hosts will require a unique key. The table below lists some example keys which will be used to authenticate each peer combination. As you can see, the keys used to identify each host must be symmetrical.

Table

Source	Destination	Key
10.0.1.1	10.0.1.2	0x619b8d214a283ea1fa2e58d19bd6234200bf50efce3cb420
10.0.1.1	10.0.1.3	0xca0f14b7b9e19f8e239e53e8fdb3456be3c50e40052f1e64
10.0.1.1	83.56.124.167	0x1d4f9b09620b5fbb07ec50aebf2af8be5927715f11b2b547
10.0.1.2	10.0.1.1	0x619b8d214a283ea1fa2e58d19bd6234200bf50efce3cb420
10.0.1.2	10.0.1.3	0x08e63d3267d2629fd11f35fe8294d48761967a415ffe6264
10.0.1.3	10.0.1.1	0xca0f14b7b9e19f8e239e53e8fdb3456be3c50e40052f1e64
10.0.1.3	10.0.1.2	0x08e63d3267d2629fd11f35fe8294d48761967a415ffe6264
83.56.124.167	10.0.1.1	0x1d4f9b09620b5fbb07ec50aebf2af8be5927715f11b2b547

Table of Pre-Shared Keys (PSKs)

Finally, using the table above, we can create the Pre-Shared Key (PSK) files which also need to be present on all the host machines. Clearly, on your own network you will need to use different network addresses and should change those in the example below as required.

/etc/racoon/psk.txt [on 10.0.1.1]

10.0.1.2      0x619b8d214a283ea1fa2e58d19bd6234200bf50efce3cb420
10.0.1.3      0xca0f14b7b9e19f8e239e53e8fdb3456be3c50e40052f1e64
83.56.124.167 0x1d4f9b09620b5fbb07ec50aebf2af8be5927715f11b2b547

/etc/racoon/psk.txt [on 10.0.1.2]

10.0.1.1      0x619b8d214a283ea1fa2e58d19bd6234200bf50efce3cb420
10.0.1.3      0x08e63d3267d2629fd11f35fe8294d48761967a415ffe6264

/etc/racoon/psk.txt [on 10.0.1.3]

10.0.1.1      0xca0f14b7b9e19f8e239e53e8fdb3456be3c50e40052f1e64
10.0.1.2      0x08e63d3267d2629fd11f35fe8294d48761967a415ffe6264

/etc/racoon/psk.txt [on 83.56.124.167]

10.0.1.1      0x1d4f9b09620b5fbb07ec50aebf2af8be5927715f11b2b547

If you wish to generate your own unique keys the command below should produce suitable output, although it will need prefixing with 0x before it may be used in the above file.

lisa ~ # dd if=/dev/random count=24 bs=1 2>/dev/null | hexdump -e '24/1 "%02x" "\n"'

1d4f9b09620b5fbb07ec50aebf2af8be5927715f11b2b547

Establishing an ISAKMP SA

Now that all the participating hosts have been correctly configured, and the racoon daemons have been started, we can check that there are no existing ISAKMP Security Associations by using the racoonctl application, as shown below.

10.0.1.2 ~ # racoonctl -l show-sa isakmp

Destination            Cookies                           ST S  V E Created             Phase2

As we have no Security Policies defined we shall have to initiate the establishment of an ISAKMP SA manually. The racoonctl application may be used for this purpose and an example invocation is provided below.

10.0.1.2 ~ # racoonctl establish-sa -w isakmp inet 10.0.1.2 10.0.1.1

The example output below shows a successful negotiation from the point of view of the initiating host.

10.0.1.2 ~ # tail -f /var/log/messages

racoon: INFO: accept a request to establish IKE-SA: 10.0.1.1
racoon: INFO: initiate new phase 1 negotiation: 10.0.1.2[500]<=>10.0.1.1[500]
racoon: INFO: begin Identity Protection mode.
racoon: phase1(ident I msg1): 0.000657
racoon: INFO: received Vendor ID: RFC 3947
racoon: INFO: received Vendor ID: DPD
racoon: INFO: received broken Microsoft ID: FRAGMENTATION
racoon: [10.0.1.1] INFO: Selected NAT-T version: RFC 3947
racoon: oakley_dh_generate(MODP1024): 0.003821
racoon: [10.0.1.1] INFO: Hashing 10.0.1.1[500] with algo #2 
racoon: [10.0.1.2] INFO: Hashing 10.0.1.2[500] with algo #2 
racoon: INFO: Adding remote and local NAT-D payloads.
racoon: phase1(ident I msg2): 0.005240
racoon: [10.0.1.2] INFO: Hashing 10.0.1.2[500] with algo #2 
racoon: INFO: NAT-D payload #0 verified
racoon: [10.0.1.1] INFO: Hashing 10.0.1.1[500] with algo #2 
racoon: INFO: NAT-D payload #1 verified
racoon: INFO: NAT not detected 
racoon: oakley_dh_compute(MODP1024): 0.003545
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=32): 0.000048
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=145): 0.000016
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=165): 0.000011
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=165): 0.000011
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=336): 0.000010
racoon: alg_oakley_encdef_encrypt(aes klen=128 size=48): 0.000115
racoon: phase1(ident I msg3): 0.007361
racoon: alg_oakley_encdef_decrypt(aes klen=128 size=48): 0.000021
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=336): 0.000015
racoon: oakley_validate_auth(pre-shared key): 0.000217
racoon: phase1(ident R msg3): 0.000700
racoon: phase1(Identity Protection): 0.730750
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=32): 0.000008
racoon: alg_oakley_encdef_encrypt(aes klen=128 size=64): 0.000008
racoon: INFO: ISAKMP-SA established 10.0.1.2[500]-10.0.1.1[500] spi:c975a7dfb6e52d2c:a61484394c7fe6e3
racoon: alg_oakley_encdef_decrypt(aes klen=128 size=64): 0.000009
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=32): 0.000013
racoon: [10.0.1.1] INFO: received INITIAL-CONTACT

The example output below shows a successful negotiation from the point of view of the responding host.

10.0.1.1 ~ # tail -f /var/log/messages

Feb 10 15:20:59 backup1 racoon: INFO: respond new phase 1 negotiation: 10.0.1.1[500]<=>10.0.1.2[500]
racoon: INFO: begin Identity Protection mode.
racoon: INFO: received Vendor ID: RFC 3947
racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-08
racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-07
racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-06
racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-05
racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-04
racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-03
racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-01
racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-00
racoon: INFO: received broken Microsoft ID: FRAGMENTATION
racoon: INFO: received Vendor ID: DPD
racoon: [10.0.1.2] INFO: Selected NAT-T version: RFC 3947
racoon: phase1(ident R msg1): 0.000845
racoon: [10.0.1.1] INFO: Hashing 10.0.1.1[500] with algo #2 
racoon: INFO: NAT-D payload #0 verified
racoon: [10.0.1.2] INFO: Hashing 10.0.1.2[500] with algo #2 
racoon: INFO: NAT-D payload #1 verified
racoon: INFO: NAT not detected 
racoon: oakley_dh_generate(MODP1024): 0.003742
racoon: [10.0.1.2] INFO: Hashing 10.0.1.2[500] with algo #2 
racoon: [10.0.1.1] INFO: Hashing 10.0.1.1[500] with algo #2 
racoon: INFO: Adding remote and local NAT-D payloads.
racoon: oakley_dh_compute(MODP1024): 0.003518
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=32): 0.000044
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=145): 0.000018
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=165): 0.000012
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=165): 0.000011
racoon: phase1(ident R msg2): 0.029955
racoon: alg_oakley_encdef_decrypt(aes klen=128 size=48): 0.000142
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=336): 0.000018
racoon: oakley_validate_auth(pre-shared key): 0.000280
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=336): 0.000013
racoon: alg_oakley_encdef_encrypt(aes klen=128 size=48): 0.000007
racoon: phase1(ident R msg3): 0.001691
racoon: phase1(Identity Protection): 0.677624
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=32): 0.000008
racoon: alg_oakley_encdef_encrypt(aes klen=128 size=64): 0.000008
racoon: INFO: ISAKMP-SA established 10.0.1.1[500]-10.0.1.2[500] spi:c975a7dfb6e52d2c:a61484394c7fe6e3
racoon: alg_oakley_encdef_decrypt(aes klen=128 size=64): 0.000009
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=32): 0.000015
racoon: [10.0.1.2] INFO: received INITIAL-CONTACT

We can also use the racoonctl application, as before, to verify that an ISAKMP SA has been established. The examples below show the expected output from the initiator and the responder respectively.

10.0.1.2 ~ # racoonctl -l show-sa isakmp

Destination            Cookies                           ST S  V E Created             Phase2

10.0.1.10.500          c975a7dfb6e52d2c:a61484394c7fe6e3  9 I 10 M 2012-02-10 15:21:00      0

10.0.1.1 ~ # racoonctl -l show-sa isakmp

Destination            Cookies                           ST S  V E Created             Phase2

10.0.1.2.500           c975a7dfb6e52d2c:a61484394c7fe6e3  9 R 10 M 2012-02-10 15:21:00      0

Establishing an IPsec SA

Once we are sure that the racoon daemons are configured correctly and that a Phase 1 Key Exchange is possible between the participating hosts we can move on to actually securing some network traffic.

So that we can still contact the participating hosts using ssh should something go wrong, and to avoid unduly disrupting other network traffic in the event of such a misconfiguration, we shall use a very selective Security Policy which will ensure that ICMP packets sent between two hosts will be secured with an Authentication Header. Clearly, this Security Policy may be easily extended to cover other network traffic once we are confident that everything is working as intended.

Whenever the networking configuration of a computer is modified there is always a possibility that the computer will no longer be reachable over the network. Please ensure that physical access or other means of remotely correcting any configuration issues are available before proceeding with the examples in this section.

/etc/ipsec-tools.conf [10.0.1.1]

#! /usr/sbin/setkey -f

# Flush the SPD and SAD
spdflush;
flush;

# Require IPsec AH when sending/receiving ICMP packets
spdadd 10.0.1.1/32 10.0.1.2/32 icmp -P in  ipsec ah/transport//require;
spdadd 10.0.1.2/32 10.0.1.1/32 icmp -P out ipsec ah/transport//require;

As you can see from our two example IPsec configurations (above and below) we have secured ICMP traffic between two hosts using an Authentication Header. It is extremely important that the source and destination addresses as well as the direction are all correct if the rule is to function correctly. Once the desired IPsec policy has been tested the source and destination addresses may be replaced with the base address and network mask of the local area network segment to apply the policy to all communications on that network segment.

/etc/ipsec-tools.conf [10.0.1.2]

#! /usr/sbin/setkey -f

# Flush the SPD and SAD
spdflush;
flush;

# Require IPsec AH when sending/receiving ICMP packets
spdadd 10.0.1.2/32 10.0.1.1/32 icmp -P in  ipsec ah/transport//require;
spdadd 10.0.1.1/32 10.0.1.2/32 icmp -P out ipsec ah/transport//require;

When the new security policy configurations have been created the racoon daemon will need restarting on all participating hosts, as shown below.

lisa ~ # /etc/init.d/racoon restart

We can now initiate a Phase 2 Key Exchange using either of the two methods below. The first uses the racoonctl application to manually establish an IPsec SA suitable for use with AH and ICMP. The second method uses the ping utility to generate some ICMP traffic which matches our policy which should cause the kernel to automatically signal the racoon daemon to establish a suitable SA.

10.0.1.2 ~ # racoonctl establish-sa ah inet 10.0.1.2 10.0.1.1 icmp

10.0.1.2 ~ # ping -c3 10.0.1.1

64 bytes from 10.0.1.10: icmp_req=3 ttl=63 time=0.351 ms

--- 10.0.1.10 ping statistics ---

3 packets transmitted, 1 received, 66% packet loss, time 1999ms

rtt min/avg/max/mdev = 0.351/0.351/0.351/0.000 ms

When using the second method to initiate a connection it should be noted that it takes some time for an ISAKMP SA and an IPsec SA to be established. During this time network communications between the two hosts will be queued for transmission once the correct SAs have been established.

As before we can check the system log to see if everything worked as expected. The example below shows the logs from the initiating side.

10.0.1.2 ~ # tail -f /var/log/messages

racoon: INFO: initiate new phase 2 negotiation: 10.0.1.2[500]<=>10.0.1.1[500]
racoon: oakley_dh_generate(MODP1024): 0.001871
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=316): 0.000007
racoon: alg_oakley_encdef_encrypt(aes klen=128 size=352): 0.000011
racoon: phase2(quick I msg1): 0.002035
racoon: alg_oakley_encdef_decrypt(aes klen=128 size=256): 0.000012
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=248): 0.000009
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=37): 0.000006
racoon: alg_oakley_encdef_encrypt(aes klen=128 size=32): 0.000004
racoon: oakley_dh_compute(MODP1024): 0.001803
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=165): 0.000007
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000010
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000007
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000006
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000007
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=165): 0.000005
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000006
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000007
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000006
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000007
racoon: phase2(quick I msg2): 0.006034
racoon: INFO: IPsec-SA established: AH/Transport 10.0.1.2[500]->10.0.1.1[500] spi=111521208(0x6a5adb8)
racoon: phase2(quick): 0.011202
racoon: INFO: IPsec-SA established: AH/Transport 10.0.1.2[500]->10.0.1.1[500] spi=6242900(0x5f4254)

For completeness the logs from the responding side are provided below.

10.0.1.1 ~ # tail -f /var/log/messages

racoon: INFO: respond new phase 2 negotiation: 10.0.1.1[500]<=>10.0.1.2[500]
racoon: alg_oakley_encdef_decrypt(aes klen=128 size=352): 0.000014
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=316): 0.000008
racoon: phase2(???): 0.000139
racoon: oakley_dh_generate(MODP1024): 0.001804
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=248): 0.000005
racoon: alg_oakley_encdef_encrypt(aes klen=128 size=256): 0.000007
racoon: phase2(quick R msg1): 0.001918
racoon: alg_oakley_encdef_decrypt(aes klen=128 size=32): 0.000005
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=37): 0.000007
racoon: oakley_dh_compute(MODP1024): 0.001848
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=165): 0.000007
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000006
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000006
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000012
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000008
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=165): 0.000012
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000006
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000006
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000006
racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000006
racoon: phase2(???): 0.005316
racoon: INFO: IPsec-SA established: AH/Transport 10.0.1.1[500]->10.0.1.2[500] spi=6242900(0x5f4254)
racoon: phase2(quick): 1330361124.076928
racoon: INFO: IPsec-SA established: AH/Transport 10.0.1.1[500]->10.0.1.2[500] spi=111521208(0x6a5adb8)

We can also use the racoonctl application to check that the correct Security Associations were established, as shown in the following example.

10.0.1.2 ~ # racoonctl show-sa ipsec

10.0.1.2 10.0.1.1 
	ah mode=transport spi=6242900(0x005f4254) reqid=0(0x00000000)
	A: hmac-sha512  e7fced21 dd353450 d3d5965d 2bd1eb9f 1509f107 7b0fae85 02764bff 6876051a ad908c13
	seq=0x00000000 replay=4 flags=0x00000000 state=mature 
	created: Feb 27 17:45:21 2012	current: Feb 27 17:46:22 2012
	diff: 61(s)	hard: 43200(s)	soft: 34560(s)
	last:                     	hard: 0(s)	soft: 0(s)
	current: 0(bytes)	hard: 0(bytes)	soft: 0(bytes)
	allocated: 0	hard: 0	soft: 0
	sadb_seq=1 pid=32273 refcnt=0
10.0.1.1 10.0.1.2 
	ah mode=transport spi=111521208(0x06a5adb8) reqid=0(0x00000000)
	A: hmac-sha512  2a2ba836 0c553cba cb979c94 f501808c ed0b4919 efe36baf e8dff055 1fb6bb6a 6077e784
	seq=0x00000000 replay=4 flags=0x00000000 state=mature 
	created: Feb 27 17:45:21 2012	current: Feb 27 17:46:22 2012
	diff: 61(s)	hard: 43200(s)	soft: 34560(s)
	last:                     	hard: 0(s)	soft: 0(s)
	current: 0(bytes)	hard: 0(bytes)	soft: 0(bytes)
	allocated: 0	hard: 0	soft: 0
	sadb_seq=0 pid=32273 refcnt=0

Limitations of Pre-Shared Keys

Whilst the racoon daemon greatly simplifies the configuration of security policies You may well have noticed, while examining the examples in this section, that the use of Pre-Shared Keys has