From: rhett <rhett@lineo.com>
Subject: Lineo technical bulletin -- NETtel enhancements
Date: Tue, 16 Jan 2001 16:53:00
To: lwn@lwn.net


Tech Bulletin

Lineo enhances NETtel family VPN Router technology

Lineo software engineers have completed a major enhancement to the NETtel
family of Internet security appliance OEM platforms by adding strong VPN
support based on the IPsec standard. Many appliance-style products
currently claim IPsec support, but most lack the full IPsec feature set
and offer only "pass-through" mode: the device forwards IPsec traffic
between other endpoints without terminating any tunnel itself, so it
adds no security of its own.

Simple Steps to Success
The FreeS/WAN IPsec implementation (http://www.freeswan.org) was chosen
as the basis for the enhancement because it was already open source and
technically complete and mature. The NETtel software is also under the
GPL, so there were no licensing concerns about mixing the code, and both
FreeS/WAN and the NETtel kernel, uClinux
(http://www.lineo.com/products/embedix_uclinux), are freely available.
The port took a matter of days, one of the advantages of using a Linux
operating system. Compatibility issues were minimal, primarily because
of the standardization of Linux library interfaces.

This implementation supports both automatic keying (IKE, negotiated by
the Pluto daemon) and manual keying, and typically uses 3DES for the
tunnel encryption. Encryption is done in software, but there are hooks
for adding hardware encryption support such as the Hi/fn 7901.

The overall uClinux kernel size increase was around 150 KB (text + data
+ bss; figures in bytes as reported by size(1)) for the full IPsec
stack:

   text    data     bss     dec    hex  filename
 403820   72080   74019  549919  8641f  std/linux
 491144  127588   82733  701465  ab419  with-ipsec/linux


In addition, FreeS/WAN's key-management daemon, Pluto, was ported to
handle IKE key negotiation. This was also an opportunity to test the
enhanced malloc that was described in a previous Lineo Technical
Bulletin.

IPsec with the original uClinux malloc (ps and free output; memory
figures are in bytes unless marked kB):

PID  PORT  STAT  SIZE  SHARED  %CPU  COMMAND
21   S0    R     74K   OK      0.0   /bin/sh
17         S     520K  OK      0.0   pluto
22         S     39K   OK      0.0   /bin/inetd
23         S     39K   OK      0.0   /bin/flatfsd
24         S     137K  OK      0.0   /bin/boa

        Total    Used     Free    Shared  Buffers  Cached
Memory  2052096  1351680  700416  0       303104   24576

Free pages    684kB (%0 frag, %27 slack)
Memory Total  2004 kB
Memory Free   684 kB
Buffers       296 kB
Cached        24 kB
                
IPsec with the new malloc:

PID  PORT  STAT  SIZE  SHARED  %CPU  COMMAND
21   S0    R     54K   OK      0.2   /bin/sh
17         S     416K  OK      0.2   pluto
22         S     27K   OK      0.0   /bin/inetd
23         S     27K   OK      0.0   /bin/flatfsd
24         S     77K   OK      0.0   /bin/boa

        Total    Used     Free    Shared  Buffers  Cached
Memory  2052096  1122304  929792  0       307200   20480

Free pages    227 (908kB), %0 frag, %2 slack
Free Blks     2 min=1 max=226 avg=113
Used Blks     2 min=3 max=793 avg=398
Memory Total  2004 kB
Memory Free   908 kB
Buffers       300 kB
Cached        20 kB
          
Thus Pluto's key-management overhead adds roughly another 400 KB on top
of the kernel increase (520 KB resident with the original malloc, 416 KB
with the new one). However, some customers prefer to use their own key
distribution scheme, with manual keying, as an alternative to Pluto,
thus regaining the space.

On a NETtel 2520, raw loopback encryption yields IPsec throughput of
48 Mb/s. In end-to-end tests through the NETtel the results were:

    raw TCP/IP                              8320 kb/s
    IPsec (software 3DES encryption)         816 kb/s
    IPsec (Hifn hardware 3DES encryption)   3208 kb/s

Compatibility
By virtue of choosing the FreeS/WAN implementation, the NETtel appliances
gain immediate interoperability with Cisco and Nortel equipment as well
as common software such as Raptor Firewall, PGP on Macintosh, Windows
IPsec clients, and the native Solaris IPsec software, to name a few.

What is a VPN?
A VPN, or Virtual Private Network, is a group of two or more computer
systems, typically each connected to a private LAN, that communicate
securely over the Internet. A VPN can replace a private WAN. Typical
uses of a VPN are to connect branch offices and telecommuters into an
enterprise-wide corporate network via the Internet, which can eliminate
long-distance charges. A VPN should include encryption for privacy of
data, strong authentication to prevent third parties from "spoofing"
data, and integrity mechanisms for detecting any tampering with messages
that pass through the Internet. The end points of a VPN should not
reveal information about the private network topology to potential
attackers on the public network. An often overlooked security issue is
that although a given VPN may be inherently secure, there are other ways
of subverting it, such as attacking the supporting framework of hosts,
firewalls, and routers.

What is IPsec?
IPsec is a set of extensions to the IP protocol family providing
cryptographic security services. These services include privacy
(encryption), authentication, and message integrity. Replay protection
is also provided: each AH or ESP packet carries a sequence number that
is covered by the integrity check, so a receiver can reject packets it
has already seen. One of the practical features of IPsec is that it
provides services similar to SSL but operates at the network layer,
completely transparently to your applications: they need no knowledge of
IPsec to benefit from it, and any IP protocol, not just TCP, can run
over it. You can create encrypted tunnels (VPNs), or just encrypt
traffic between two computers.

So the three ways that IPsec would be set up are:
a) Host-to-Host (for example, workstation to workstation)
b) Host-to-Network (e.g. between a host and a router)
c) Network-to-Network (e.g. router to router)
The last option, in combination with a secure firewalling router, lets
you bridge entire remote facilities seamlessly.
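As an added example covering both the keying paragraph above (automatic
keying via Pluto versus manual keying) and the network-to-network mode
just listed, here is an ipsec.conf in the FreeS/WAN 1.x style. It is
written for this page and is not the bulletin's or the FreeS/WAN
project's own configuration; the addresses, subnets, SPI and hex keys
are constructed placeholders, and the parameter names are those the
editor recalls from the FreeS/WAN 1.x ipsec.conf(5) manual and should
be checked against the manual shipped with the version in use.

```conf
# ipsec.conf: illustrative example, not from the bulletin or FreeS/WAN.
# All addresses, subnets, SPI and keys below are constructed placeholders.

config setup
    interfaces=%defaultroute
    klipsdebug=none
    plutodebug=none
    plutoload=%search
    plutostart=%search

conn %default
    keyingtries=0
    keyexchange=ike
    authby=secret

# Network-to-network tunnel, one NETtel at each site, automatic keying:
# Pluto runs IKE and the pre-shared secret lives in /etc/ipsec.secrets as
#   192.0.2.10 198.51.100.20 : PSK "constructed-example-secret"
conn branch-to-hq
    left=192.0.2.10
    leftsubnet=10.1.0.0/24
    leftnexthop=192.0.2.1
    right=198.51.100.20
    rightsubnet=10.2.0.0/24
    rightnexthop=198.51.100.1
    auto=start

# The same tunnel with manual keying, for sites that distribute keys
# themselves and run without Pluto. Use one conn or the other, not both.
# Keys are hex: 3DES needs 24 bytes, HMAC-MD5-96 needs 16 bytes. Manual
# keys never change, so they must be rotated out of band.
conn branch-to-hq-manual
    left=192.0.2.10
    leftsubnet=10.1.0.0/24
    leftnexthop=192.0.2.1
    right=198.51.100.20
    rightsubnet=10.2.0.0/24
    rightnexthop=198.51.100.1
    spi=0x200
    esp=3des-md5-96
    espenckey=0x0123456789abcdef0123456789abcdef0123456789abcdef
    espauthkey=0x0123456789abcdef0123456789abcdef
    auto=manual
```

The point of the contrast is operational: with auto=start, the two
Pluto daemons negotiate fresh session keys and rekey on their own; with
manual keying the static keys are the whole secret, which is why the
bulletin's space saving from dropping Pluto comes at the cost of key
management being done somewhere else.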

What are the protocols behind IPsec?
The term IPsec actually covers a series of protocols used to send
authenticated and/or encrypted data over IP networks. Roughly speaking,
the protocols fall into three categories: the Encapsulating Security
Payload (ESP) and the Authentication Header (AH), which define
encryption and authentication methods for IP payloads; and the Internet
Security Association and Key Management Protocol (ISAKMP), the framework
that IKE uses to negotiate security associations and exchange the secret
keys between senders and recipients of ESP or AH packets.

AH provides authentication, integrity, and replay protection but not
encryption and, unlike ESP, also covers the immutable fields of the IP
header (such as the source and destination addresses). ESP provides
privacy of the data by encrypting everything that follows the ESP header
(the payload and the ESP trailer); its optional integrity check covers
the ESP header and payload but not the outer IP header. Encryption can
be used independently of authentication/integrity, and vice versa,
though ESP encryption without an integrity check leaves the ciphertext
open to manipulation and is best avoided.
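As an added illustration of the replay protection described above
(example code written for this page, not FreeS/WAN's KLIPS code): the
receiver keeps, per inbound security association, a sliding window of
the sequence numbers it has accepted, in the manner of RFC 2401
Appendix C. The ESP packets, the SPI and the window size are constructed
for the example; the integrity check that must precede this step is
assumed to have passed.

```python
"""Anti-replay window for AH/ESP receivers (RFC 2401 Appendix C).

Added example, not FreeS/WAN's KLIPS code. Packets and SPI are constructed.
"""

import struct

ESP_HDR = struct.Struct("!II")  # SPI, sequence number, network byte order


class ReplayWindow:
    """Sliding window over 32-bit sequence numbers for one inbound SA."""

    def __init__(self, size=64):
        if size < 32:  # RFC 2401 requires a window of at least 32
            raise ValueError("window must be at least 32 packets")
        self.size = size
        self.last = 0    # highest sequence number accepted so far
        self.bitmap = 0  # bit i set means (last - i) has already been seen

    def check_and_update(self, seq):
        """Return True and record seq if it is new and inside the window.

        Call this only after the packet's integrity check has passed;
        otherwise forged packets could advance the window and make
        legitimate, delayed packets look like replays. Sequence numbers
        must not wrap: the SA has to be rekeyed before 2**32 packets.
        """
        if seq == 0:
            return False                     # 0 is never a valid sequence number
        if seq > self.last:                  # new high-water mark: slide window
            shift = seq - self.last
            self.bitmap = (self.bitmap << shift) & ((1 << self.size) - 1)
            self.bitmap |= 1
            self.last = seq
            return True
        diff = self.last - seq
        if diff >= self.size:                # older than the window: drop
            return False
        if self.bitmap & (1 << diff):        # already accepted: replay
            return False
        self.bitmap |= 1 << diff             # late but new: accept, remember
        return True


def esp_packet(seq, spi=0x200, payload=b"\x00" * 8):
    """Constructed ESP-looking packet: header followed by opaque ciphertext."""
    return ESP_HDR.pack(spi, seq) + payload


def filter_esp(packets, window=None):
    """Run raw ESP packets through the window; return (accepted, rejected)."""
    if window is None:
        window = ReplayWindow()
    accepted, rejected = [], []
    for pkt in packets:
        _spi, seq = ESP_HDR.unpack_from(pkt)  # SA lookup by SPI assumed done
        (accepted if window.check_and_update(seq) else rejected).append(seq)
    return accepted, rejected


# Constructed traffic: in order, one late packet, one replay, a jump that
# slides the window, then a packet that has fallen off its left edge.
SAMPLE = [esp_packet(s) for s in (1, 2, 3, 5, 4, 3, 70, 5)]

if __name__ == "__main__":
    ok, bad = filter_esp(SAMPLE)
    print("accepted:", ok)   # [1, 2, 3, 5, 4, 70]
    print("rejected:", bad)  # [3, 5]
```

Sequence number 4 arrives after 5 and is still accepted because it is
inside the window and unseen; the second 3 is a replay; after 70 slides
the window by 65, the second 5 is 65 behind and is dropped as too old
even though it was never seen, which is the trade-off of a bounded
window.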

What about PPTP?
PPTP is documented in RFC 2637 (ftp://ftp.ietf.org/rfc/rfc2637.txt), an
Informational RFC published by the Internet Engineering Task Force
(IETF); it is openly documented but is not an IETF standards-track
protocol.

PPTP operates as a VPN by encapsulating the Point-to-Point Protocol (PPP)
in IP and tunneling it through an IP network. Authentication and
encryption are handled almost exclusively by PPP; PPTP itself adds no
cryptography. The mechanism used to connect to the IP network is
transparent to PPTP.

PPTP takes advantage of PPP for its authentication and encryption. PPP
can support PAP, CHAP, MS-CHAP and MS-CHAPv2 authentication. PPP
encryption is performed through compressor modules (MPPE), which under
uClinux allow PPP to support RC4-compatible 40- to 128-bit encryption.

PPTP is widely deployed in both client and server forms due to its
presence by default in Microsoft Windows platforms.

PPTP vs. IPsec
PPTP relies on the PPP daemon to provide the authentication and
encryption mechanisms. Microsoft's version of PPTP was recently upgraded
to include the MS-CHAPv2 and MPPE enhanced (and more secure) security
protocols. Patches are available for the Linux PPP daemon that allow
PPTP solutions such as PoPToP to take advantage of Microsoft's enhanced
VPN security.

Bruce Schneier, Chief Technical Officer of Counterpane Internet Security
Inc (http://www.counterpane.com), recently analyzed Microsoft's MS-CHAPv2
and MPPE security protocols and found that Microsoft had addressed the
major security weaknesses found in MS-CHAP. Schneier states that the
fundamental weakness of the current authentication and encryption
protocols (MS-CHAPv2 and MPPE) is that they are only as secure as the
password chosen by the user: MS-CHAPv2 derives the keys used in its
authentication and encryption mechanisms from the password, so anyone
who captures the challenge/response exchange can run an offline
dictionary attack against it. Because most users select poor passwords,
this can leave the VPN open to such attacks. IPsec was also analyzed and
found to be superior (security-wise) to PPTP.

PPTP VPN (with MS-CHAPv2 and 40- to 128-bit RC4 encryption) is available
now. With the countless Windows machines already out there supporting
PPTP VPN, the cost-effective solution is obvious. Windows 98 has VPN
client software as an install option. Windows NT 4.0 comes with PPTP
(server and client) by default. Patches (the Microsoft Dial-Up
Networking upgrade) exist for adding a PPTP client to Windows 95
machines. Windows 2000 has PPTP and IPsec by default. Again, the only
problem is that your VPN is only as secure as the supporting
infrastructure.

PoPToP - Lineo's PPTP Answer
PoPToP (http://poptop.lineo.com) is the PPTP VPN server for Linux (known
ports exist for Solaris, OpenBSD, FreeBSD and others). PoPToP allows
Linux servers to function seamlessly in PPTP VPN environments, thus
enabling administrators to leverage the considerable benefits of both
Microsoft and Linux. The current release version of PoPToP supports
Windows 95, 98, NT and Windows 2000 PPTP clients as well as the Linux
PPTP client.

PoPToP is a PPTP Access Concentrator (PAC) that employs an enhanced GRE
(Generic Routing Encapsulation, IP protocol 47) mechanism for carrying
PPP packets and a control channel (TCP port 1723) for PPTP control
messages. The basic operation of PoPToP is to wrap PPP packets in IP on
a NETtel and send them across the public Internet infrastructure. At the
other end of the connection the PPP packets are stripped out of the IP
packets and handed to the PPP daemon. The operation is almost identical
to a dial-in session, except that the PPP packets are wrapped in IP and
sent over an IP network rather than over a phone line and modem. Note
that a firewall in front of a PPTP server must therefore pass both TCP
port 1723 and IP protocol 47; GRE is neither TCP nor UDP and has no port
numbers of its own.
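To make the data channel described above concrete, here is an added
example (written for this page, not PoPToP's or pptpd's code) that builds
and parses the enhanced GRE header PPTP uses (RFC 2637 section 4.1):
Key field always present, optional sequence and acknowledgment numbers,
version 1, and protocol type 0x880B for PPP. The call ID, sequence
numbers and the PPP frame bytes are constructed; the code also shows
how a firewall or packet filter can tell PPTP data from plain GRE, since
the IP protocol number alone does not.

```python
"""Enhanced GRE header (RFC 2637 section 4.1) as used by the PPTP data channel.

Added example, not PoPToP's or pptpd's code. Sample packets are constructed.
"""

import struct

PPTP_CONTROL_PORT = 1723     # TCP, control connection
GRE_IP_PROTOCOL = 47         # IP protocol number carrying the PPP frames
PROTO_PPP = 0x880B           # protocol type field for PPP in enhanced GRE
FLAG_K, FLAG_S = 0x20, 0x10  # first header byte: Key present, Sequence present
FLAG_A = 0x80                # second header byte: Acknowledgment present
VERSION_ENHANCED = 1         # low nibble of second byte; plain GRE is 0


def build_gre(call_id, payload=b"", seq=None, ack=None):
    """Return an enhanced GRE packet wrapping the PPP frame `payload`.

    Data packets carry seq; pure acknowledgments carry ack with no payload.
    """
    if len(payload) > 0xFFFF:
        raise ValueError("payload too long for the 16-bit length field")
    b0 = FLAG_K | (FLAG_S if seq is not None else 0)
    b1 = VERSION_ENHANCED | (FLAG_A if ack is not None else 0)
    hdr = struct.pack("!BBHHH", b0, b1, PROTO_PPP, len(payload), call_id)
    if seq is not None:
        hdr += struct.pack("!I", seq)
    if ack is not None:
        hdr += struct.pack("!I", ack)
    return hdr + payload


def _u32(pkt, off):
    """Read one network-order 32-bit field, refusing a truncated packet."""
    if len(pkt) < off + 4:
        raise ValueError("truncated optional field")
    return struct.unpack_from("!I", pkt, off)[0]


def parse_gre(pkt):
    """Parse an enhanced GRE packet; raise ValueError if it is malformed.

    Returns a dict with call_id, seq, ack (None when absent) and payload.
    """
    if len(pkt) < 8:
        raise ValueError("truncated GRE header")
    b0, b1, proto, length, call_id = struct.unpack_from("!BBHHH", pkt)
    if b1 & 0x0F != VERSION_ENHANCED or proto != PROTO_PPP:
        raise ValueError("not enhanced GRE carrying PPP")
    if b0 & 0xC0 or b0 & 0x0F or b1 & 0x70:
        raise ValueError("reserved bits set (C, R, s, Recur or Flags)")
    if not b0 & FLAG_K:
        raise ValueError("Key field is mandatory in enhanced GRE")
    off, seq, ack = 8, None, None
    if b0 & FLAG_S:
        seq, off = _u32(pkt, off), off + 4
    if b1 & FLAG_A:
        ack, off = _u32(pkt, off), off + 4
    payload = pkt[off:off + length]
    if len(payload) != length:          # length field larger than the packet
        raise ValueError("payload length exceeds packet")
    return {"call_id": call_id, "seq": seq, "ack": ack, "payload": payload}


def is_pptp_data(pkt):
    """True if `pkt` (the IP payload of a protocol-47 packet) is PPTP data."""
    try:
        parse_gre(pkt)
        return True
    except ValueError:
        return False


# Constructed PPP frame: address/control 0xff 0x03, protocol 0xc021 (LCP).
PPP_LCP_FRAME = b"\xff\x03\xc0\x21"
# Constructed plain GRE (version 0, protocol type 0x0800 = IP in GRE).
PLAIN_GRE = b"\x00\x00\x08\x00\x00\x00\x00\x00"

if __name__ == "__main__":
    data = build_gre(0x1234, PPP_LCP_FRAME, seq=7, ack=3)
    print(data.hex())               # 3081880b00041234000000070000000303ffc021
    print(parse_gre(data))
    print(is_pptp_data(PLAIN_GRE))  # False
```

The reserved-bit and length checks are what a filtering device should
do before handing the payload to PPP: GRE-in-IP arrives without port
numbers, so the version nibble and protocol type are the only fields
that distinguish a PPTP tunnel from any other GRE traffic.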

PoPToP has been set up to support MS-CHAPv2 authentication and
RC4-compatible 40- to 128-bit encryption. A NETtel box running PoPToP can
effectively replace a Windows NT PPTP VPN server. However, PoPToP does
not support PNS (PPTP Network Server) operation.

PoPToP was released under the GNU GPL in April '99 and has since found
widespread acceptance on standard Linux servers and firewalls in large
production sites and in small business and home networks.

A Total VPN solution for OEMs and Systems Integrators
The NETtel family of appliances supports both IPsec and PPTP while
providing a Linux firewall shield and additional gateway and server
features such as Layer 3 routing, DHCP client/server, and numerous other
standard Linux services. With a range of connectivity options including
ADSL, cable modem, T1, ISDN, and V.90, the NETtel family is the first
choice for OEMs wishing to bypass costly and risky development cycles
and produce an end product in unprecedented time (as little as four to
six weeks).

Similarly, Systems Integrators are finding the units to be affordable
and able to solve many edge problems as part of a total branded service
offering. NETtel units are comparable to Cisco, Nortel, 3COM and other
hardware systems as well as commercial software firewalling systems
running on Linux, Unix, and Windows NT servers. More information may be
found at http://www.lineo.com/products/nettel/

About Lineo, Inc.
Lineo, Inc. provides Linux-based embedded systems, real-time and high
availability solutions that include software, hardware designs and
professional services. Lineo's solutions allow OEMs to create devices
and systems that interact with the Internet while helping OEMs to reduce
system requirements, per-unit costs and time-to-market. The company's
key product lines include: Embedix(TM) (embedded Linux system software),
uClinux(TM) (embedded Linux for MMU-less processors), NETtel (Linux-based
Internet appliances for secure networking) and Availix(TM)
(mission-critical high availability Linux cluster solutions). Contact
Lineo at www.lineo.com, via e-mail to info@lineo.com or by calling
(801) 426-5001.