List: suse-security
Subject: RE: [suse-security] IPSec system design questions (slightly OT)
From: Ed <scotte () intheairnet ! com>
Date: 2001-06-30 4:21:17
I would appreciate comments on some IPSec design issues.

A transportation manufacturer recently requested proposals for
a Linux-based system to put Internet and email services on
their vehicles. This system would let passengers plug a laptop
into the on-board network. A number of protocols were specified
including IPSec. They also specified Linux kernel 2.4.x.

It seemed to me that they intended IPSec to be used from
transportation vehicle to satellite to fixed server. The VP
of Technology here has recently discussed using IPSec
on board vehicle from web server, email server and file
server to passenger seats - typically many hundreds of
passengers.

The transportation manufacturer specified: "The file
server will not preclude a user from initiating and completing
a supported VPN connection from their user device through
the transportation manufacturer network using the IPSec and
PPTP protocol, as a minimum. The system should allow the
user to switch between IPSec VPN and non-VPN without need
of rebooting the laptop. The system will only pass IP based
protocols between the laptop passenger interface and the file
server. Passenger laptops will be assigned default gateway
address via DHCP. The default gateway should reside in the
server. The system will by default, route user outbound packets
to a configurable gateway."

Is it feasible to support IPSec from a passenger's laptop when
implementations of IPSec vary and either ESP or AH modes might
be used? If feasible, what performance hit would be involved? I have
heard estimates of 40% when encryption is used (mileage may vary I
suppose based on CPU speed and resources).

I assumed that a "default gateway at the server" implied that the
IPSec pipe started or ended there. Since the transportation
manufacturer called out other security requirements to the passenger
seat, I assumed that IPSec to the seat was not required.

Examples of requested security: "Multiple passengers will not be
connected to shared physical media. Laptop users will not be
permitted to view packets from another user's network session.
Each passenger's laptop's user interface will be isolated to its own
link layer subnetwork. The passenger laptop will not be able to access
unauthorized IP address. The system will be immune to DoS attacks.
The server will ensure that passenger laptops can only pass packets
with that user's assigned IP address."

My main questions are:

1) "Does the transportation manufacturer really want IPSec extended
directly to the passenger's laptop?"
2) "Would it even be feasible to automate reconfiguration of IPSec
software running on a passenger laptop to avoid compatibility issues?"
3) "What would the performance cost be of running ESP or AH IPSec
on a laptop that might also be viewing an MPEG2 movie, web browsing
or playing a game?"

I would appreciate any opinions you care to offer.
The job you save may be my own. <s>

Thanks,
Ed
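
Added example, not part of the original message: one way the requirements quoted above (IP-only forwarding, source address bound to the seat port, no access to unauthorized addresses, IPSec and PPTP not precluded) could be expressed as a gateway forwarding decision. The port names, addresses, denied networks and function names are constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass

# IANA IP protocol numbers; GRE carries PPTP data, ESP/AH carry IPSec.
TCP, UDP, GRE, ESP, AH = 6, 17, 47, 50, 51
ETHERTYPE_IPV4 = 0x0800

# Constructed sample state (assumptions): one DHCP lease per seat port,
# and networks passengers must not reach (other seats, management).
LEASES = {"seat-12A": "10.20.12.2", "seat-12B": "10.20.13.2"}
DENIED_NETS = [ipaddress.ip_network(n) for n in ("10.20.0.0/16", "10.99.0.0/24")]

@dataclass(frozen=True)
class Packet:
    port: str       # physical seat port the frame arrived on
    ethertype: int
    src: str = ""
    dst: str = ""
    proto: int = 0
    dport: int = 0

def is_vpn(p):
    """IPSec (ESP, AH, IKE on UDP/500) or PPTP (GRE, control on TCP/1723)."""
    return p.proto in (ESP, AH, GRE) or (p.proto, p.dport) in ((UDP, 500), (TCP, 1723))

def decide(p):
    """Return (verdict, reason) for a frame arriving from a seat port."""
    if p.ethertype != ETHERTYPE_IPV4:
        return ("drop", "non-IP frame")
    if LEASES.get(p.port) != p.src:
        return ("drop", "source address not leased to this port")
    if any(ipaddress.ip_address(p.dst) in net for net in DENIED_NETS):
        return ("drop", "unauthorized destination")
    return ("forward", "vpn pass-through" if is_vpn(p) else "plain ip")

if __name__ == "__main__":
    samples = [  # constructed packets
        Packet("seat-12A", ETHERTYPE_IPV4, "10.20.12.2", "203.0.113.10", ESP),
        Packet("seat-12A", ETHERTYPE_IPV4, "10.20.13.2", "203.0.113.10", TCP, 80),
        Packet("seat-12B", ETHERTYPE_IPV4, "10.20.13.2", "10.20.12.2", TCP, 445),
        Packet("seat-12B", 0x8137),  # IPX frame
    ]
    for s in samples:
        print(s.port, decide(s))
```

The source-address check runs before the VPN test, so a tunnel started from a laptop is passed through only when its outer header carries the address leased to that seat port.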