IPSec
Introduction
IP Security (IPSec) is a protocol suite developed in the late 1990s that provides security services for Layer 3 IP datagrams, which otherwise have no inherent security. It is defined in RFCs 2401 through 2412. IPSec is optional for IPv4 and mandatory for IPv6. Because it operates at Layer 3, IPSec provides security for higher-level traffic, including TCP and UDP.
The IPSec suite defines the security protocols, the algorithms used to provide security, and the cryptographic keys required to provide the services.
Traffic protection is provided by two security protocols, Authentication Header (AH) and Encapsulating Security Payload (ESP). AH provides connectionless integrity and data origin authentication for IP packets, authenticating the complete packet, including the IP header, except for IP header fields that change in transit. It also provides protection against replay attacks, a type of network attack in which valid data is maliciously transmitted repeatedly. ESP offers encryption to provide data confidentiality, and it authenticates the packet payload and the ESP header itself, but not the outer IP header. In the JUNOS software, you can configure either AH or ESP, or a combination of the two.
IPSec authentication algorithms use a shared key to verify the identity of the sending IPSec device. The protocol suite defines two algorithms, MD5 and SHA1. MD5 uses a one-way hash function to convert messages to a 128-bit digest. The calculated digest is compared with one that has been decrypted with a shared key, and if the two match, the IPSec device is authenticated. SHA1 is a stronger algorithm, producing a 160-bit digest. The JUNOS software implements the HMAC version of both these algorithms, and they are available for the AH and ESP protocols and for the Internet Key Exchange (IKE) protocol, which establishes and maintains security associations (SAs) and exchanges the authentication and encryption keys between IPSec devices.
Encryption, which is the encoding of packet data, is also done with algorithms that create and verify shared keys. The JUNOS software implements DES and Triple-DES for encryption, both with cipher block chaining (CBC). DES-CBC uses a 64-bit key for encryption (56 bits for encryption and 8 bits for error checking), and the stronger 3DES-CBC uses three times the number of bits (168 bits) for encryption.
To identify the traffic to protect, IPSec creates security associations (SAs) to negotiate the desired security services. Each SA, which is identified by a security parameter index (SPI), defines preferences for authentication, encryption, and security protocol. SAs can be either unidirectional or bidirectional and are created either manually or dynamically. For manual SAs, you configure matching preset shared keys for authentication and encryption, security protocols, and fixed SPI values on both ends of the IPSec connection. Dynamic SAs are negotiated by IKE, but you can configure recommended suggestions for all IPSec parameters. As a result of the negotiation with the peer, an SA pair is set up, one inbound and one outbound. The inbound half of the SA pair decrypts and authenticates the incoming traffic from the IPSec peer, and the outbound half encrypts and authenticates the outbound traffic going to the peer.
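The two mechanisms just described, an inbound SA identified by its SPI and the anti-replay protection that AH and ESP provide, are easy to see in a small model. The following is an added example, not code from the JUNOS Cookbook or from the JUNOS software; it implements the inbound SA lookup and the sliding anti-replay window described in RFC 2401 (Appendix C), with the SPI, protocol and addresses constructed for the illustration. A receiver keeps, per SA, the highest sequence number seen and a 64-bit bitmap of which recent sequence numbers have already arrived; duplicates and packets older than the window are dropped, which is what a router's SA statistics report as replay drops.

```python
"""Inbound SA table with per-SA anti-replay window (RFC 2401 Appendix C).
Added example; SPIs, addresses and the traffic pattern are constructed."""
from dataclasses import dataclass

WINDOW_SIZE = 64  # RFC 2401 default window; 32 is the minimum a receiver may use


@dataclass
class InboundSA:
    spi: int
    protocol: str          # "ah" or "esp"
    peer: str              # IPSec peer the SA was negotiated with
    highest_seq: int = 0   # right edge of the window (largest sequence number seen)
    bitmap: int = 0        # bit i set => sequence number (highest_seq - i) already received

    def check_replay(self, seq):
        """Return True and record seq if it is new and inside the window.
        Return False for a duplicate or for a packet older than the window."""
        if seq > self.highest_seq:
            # Slide the window right so that seq becomes bit 0.
            shift = seq - self.highest_seq
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << WINDOW_SIZE) - 1)
            self.highest_seq = seq
            return True
        offset = self.highest_seq - seq
        if offset >= WINDOW_SIZE:
            return False           # left of the window: too old to accept
        if self.bitmap & (1 << offset):
            return False           # already received: a replay
        self.bitmap |= 1 << offset # late but new: accept and remember it
        return True


class SADB:
    """Inbound security association database.
    An inbound SA is selected by (SPI, security protocol, destination address)."""

    def __init__(self):
        self._sas = {}

    def add(self, sa, dst):
        self._sas[(sa.spi, sa.protocol, dst)] = sa

    def process(self, spi, protocol, dst, seq):
        """Decision for one received AH/ESP packet header, before any crypto."""
        sa = self._sas.get((spi, protocol, dst))
        if sa is None:
            return "drop: no SA"
        if seq == 0:
            return "drop: invalid sequence number"  # 0 is never transmitted
        if not sa.check_replay(seq):
            return "drop: replay"
        return "accept"


if __name__ == "__main__":
    sadb = SADB()
    sadb.add(InboundSA(spi=0x1000, protocol="esp", peer="203.0.113.2"), "203.0.113.1")
    # Constructed arrival order: in-order, a replay, a late-but-new packet,
    # a jump that slides the window, then packets just outside and inside it.
    for seq in (1, 1, 3, 2, 100, 36, 37):
        print(seq, sadb.process(0x1000, "esp", "203.0.113.1", seq))
```

Because the replay check happens on the SPI and sequence number alone, a replayed packet is discarded before any HMAC verification or decryption is attempted, which also limits the work an attacker can force the receiver to do.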
IPSec SAs operate in one of two modes, tunnel mode or transport mode. A tunnel mode SA is essentially an IP tunnel between two security gateways, which are routers or other devices protecting the networks behind them. One common way to use tunnel mode is to send secure traffic between two sites on an intranet (that is, within a corporate network). The router at each end of the tunnel acts as a security gateway. Any data transferred between the two sites is protected as it traverses the tunnel between the security gateways. Transport mode provides security between two hosts, protecting traffic (such as OSPF and BGP traffic) that is destined for the router itself.
For a tunnel mode SA, an outer IP header specifies the IPSec processing destination (the security gateway), and an inner IP header specifies the packet's ultimate destination. The security protocol header is placed between the outer and inner headers. If the protocol is AH, portions of the outer IP header and the entire tunneled IP packet (the inner IP header and the higher-layer protocols) are protected. With ESP, only the tunneled packet is protected, not the outer header.
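The AH coverage rules above (the whole packet is authenticated except the IP header fields that change in transit) and the transport versus tunnel mode layouts can be checked end to end with a few dozen lines. The following is an added example and not code from the JUNOS Cookbook or the JUNOS software: it builds an AH-protected IPv4 packet in transport mode and in tunnel mode, computes the integrity check value with HMAC-SHA-1-96 (the truncated HMAC-SHA1 of RFC 2404) over the header with the mutable fields zeroed as RFC 2402 requires, and then shows that a router hop that decrements the TTL and rewrites the checksum leaves the ICV valid while a change to the payload or to the inner IP header does not. The key, addresses, SPIs and TCP-like segment are constructed sample values.

```python
"""AH integrity check value over IPv4, transport and tunnel mode.
Added example; key, addresses, SPIs and payload are constructed."""
import hashlib
import hmac
import struct

KEY = bytes.fromhex("0123456789abcdef0123456789abcdef01234567")  # constructed 160-bit key
AH_PROTO = 51
ICV_LEN = 12  # HMAC-SHA-1-96 keeps the first 96 bits of the 160-bit MAC (RFC 2404)


def ip_checksum(data):
    s = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return (~s) & 0xFFFF


def ipv4_header(src, dst, proto, payload_len, ttl=64):
    """Minimal 20-byte IPv4 header (no options) with a correct checksum."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0x1234,
                      0x4000, ttl, proto, 0, src, dst)
    return hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:]


def zero_mutable(ip_hdr):
    """Zero the IPv4 fields that change in transit (RFC 2402): TOS, flags and
    fragment offset, TTL and header checksum. They are excluded from the ICV."""
    h = bytearray(ip_hdr)
    h[1] = 0
    h[6:8] = b"\x00\x00"
    h[8] = 0
    h[10:12] = b"\x00\x00"
    return bytes(h)


def compute_icv(ip_hdr, ah_no_icv, rest):
    """ICV = HMAC over (outer IP header, mutable fields zeroed) + (AH header,
    ICV field zeroed) + everything after the AH header, truncated to 96 bits."""
    mac = hmac.new(KEY, zero_mutable(ip_hdr) + ah_no_icv + b"\x00" * ICV_LEN + rest,
                   hashlib.sha1).digest()
    return mac[:ICV_LEN]


def build_ah_packet(src, dst, next_header, inner, spi, seq, ttl=64):
    """Outer IPv4 header + AH + inner data. In transport mode `inner` is the
    upper-layer segment; in tunnel mode it is a complete inner IP packet."""
    ah_len = 12 + ICV_LEN
    ip_hdr = ipv4_header(src, dst, AH_PROTO, ah_len + len(inner), ttl)
    # AH: next header, payload length (32-bit words minus 2), reserved, SPI, sequence
    ah_no_icv = struct.pack("!BBHII", next_header, ah_len // 4 - 2, 0, spi, seq)
    return ip_hdr + ah_no_icv + compute_icv(ip_hdr, ah_no_icv, inner) + inner


def verify_ah_packet(pkt):
    """Receiver side: recompute the ICV and compare it in constant time."""
    ip_hdr, ah = pkt[:20], pkt[20:]
    if ip_hdr[9] != AH_PROTO:
        return False
    ah_len = (ah[1] + 2) * 4
    ah_no_icv, icv, inner = ah[:12], ah[12:ah_len], ah[ah_len:]
    return hmac.compare_digest(compute_icv(ip_hdr, ah_no_icv, inner), icv)


def forward(pkt):
    """Simulate one router hop: decrement TTL and recompute the IP checksum."""
    h = bytearray(pkt[:20])
    h[8] -= 1
    h[10:12] = b"\x00\x00"
    h[10:12] = struct.pack("!H", ip_checksum(bytes(h)))
    return bytes(h) + pkt[20:]


def tamper(pkt):
    """Flip one bit in the last payload byte, as an in-path modification would."""
    b = bytearray(pkt)
    b[-1] ^= 0x01
    return bytes(b)


SEG = b"\x04\xd2\x00\x50" + b"\x00" * 16 + b"hello"  # constructed TCP-like segment
SGW_A, SGW_B = bytes([203, 0, 113, 1]), bytes([203, 0, 113, 2])  # security gateways
HOST_A, HOST_B = bytes([10, 1, 0, 5]), bytes([10, 2, 0, 7])      # protected hosts


def transport_example():
    """Transport mode: [IP][AH][TCP]; next header = 6 (TCP)."""
    return build_ah_packet(SGW_A, SGW_B, 6, SEG, spi=0x1000, seq=1)


def tunnel_example():
    """Tunnel mode: [outer IP][AH][inner IP][TCP]; next header = 4 (IP-in-IP)."""
    inner = ipv4_header(HOST_A, HOST_B, 6, len(SEG)) + SEG
    return build_ah_packet(SGW_A, SGW_B, 4, inner, spi=0x2000, seq=1)


if __name__ == "__main__":
    for name, pkt in (("transport", transport_example()), ("tunnel", tunnel_example())):
        print(name, len(pkt), "bytes; valid:", verify_ah_packet(pkt),
              "after hop:", verify_ah_packet(forward(pkt)),
              "tampered:", verify_ah_packet(tamper(pkt)))
```

The same zeroing rule is why AH cannot survive NAT: the outer addresses are immutable fields included in the ICV, so rewriting them at a NAT device invalidates the packet. ESP, which does not cover the outer header, does not have this limitation.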
To use IPSec with M-series and T-series routers, the router must have either an ES PIC or an Adaptive Services (AS) PIC. The configuration for these two PICs differs slightly. The J-series routers also run IPSec but require no additional hardware because they have built-in AS functionality. In this chapter, we show how to configure IPSec with both PICs.