Pardon the two-list post, but since IPsec is both networking and security...
I've been trying to port racoon2 (http://www.racoon2.wide.ad.jp/) - a BSD-licensed IKE daemon (and more) - to OpenSolaris. Darren Moffat suggested I post this URL: http://blogs.sun.com/danmcd/entry/racoon2_on_opensolaris_first_tiny here for people to see. And Darren --> I'm working the IKEv1 bits first as a regression test against the massive PF_KEY changes I need to make to racoon2, then I'll do IKEv2. It's gonna be a while, due to the divergence between KAME/WIDE and Solaris 9+ from the underpowered 2367 spec. The racoon2 port is part one of a two-part IKEv2 process. Once I get racoon2 ported, and hopefully contributed back to the racoon2 community, we will figure out what the integrated-into-ON solution will be. In spite of the OEM core, we have several bits of IKE that are open-sourceable (e.g. ikeadm(1M) and it's daemon-side support) and we have lots of OpenSolaris-specific technologies to exploit. It's only a small step, but we are moving IKE bits as the IKEv1 initiator. Dan
