I've been studying IPSec in the last couple of days/weeks. Absolutely
fascinating. Learned an awful lot.

And it's frightening. There appear to be so many misconceptions about
IPSec. Most importantly, many of my senior colleagues in IT believe
that IPSec is a stable and reliable solution.

After reading the RFCs and playing with various implementations, I
feel that IKEv1 is a very fragile protocol. How do you do simple
things like detecting a dead peer? Uhm, yeah, depends on the
implementation. Kind of. How do you do rekeying? Uhm, yeah, let's
agree on a key lifetime but let's break horribly if we try to initiate
rekeying at the same time (sic). Also, let's negotiate a couple of
parameters when the IKE connection starts -- but let's leave it to the
implementation if those parameters actually have to match.

IKEv2 seems to be a big improvement; however, many firewall appliances
out there still don't implement it. And there are still design issues
like rekeying collisions and duplicate CHILD-SAs.

Oh, and how do you monitor an IPSec "tunnel"? I have no idea yet how to
do that properly.

All of my criticism applies to IPSec as a basis for site-to-site VPNs.
Those are long-running VPN tunnels that can't just be broken from time
to time. But maybe that's the problem. IPSec feels like it was meant
to connect two hosts with a secure channel for just a couple of
minutes. I feel like IPSec (meaning SAs, SPs, and the ESP protocol --
not IKE) and TLS are trying to do a very similar (if not the same)
thing. Why do we use IPSec for site-to-site VPNs so often? Probably
just because so many firewall appliances have built-in support for
IPSec and nothing else.

I probably sound very arrogant because I'm a newbie in this area and
I'm basically telling everybody that they're stupid. This is not my
intention. It's likely that I have not yet understood some core
principles. I'm well aware that I'm not an expert and I'm willing to
learn.