Hi Manuel,
On Mon, Mar 21, 2016 at 04:00:14PM +0100, Manuel José Muñoz Calero wrote:
I am evaluating these days the possibility to do something interesting which could be used as my project and also to put my bit for the OpenGGSN project.
thanks for reaching out about this.
Long story short, what about me implementing IPSec for GTP-C in OpenGGSN? Do you think it could be useful? Feasible?
I've quickly looked at the documents you linked, and they don't really state anything beyond "use IPsec for GTP". Specifically, the do not specify how to do key distribution, how to set up the SAs, whether they use a standard IKEv2 or something else, ...
As Linux has a fairly complete IPsec implementation consisting of the kernel-level IPsec transforms with its netlink interface and e.g. the Strongswan userland, I don't really think there is anything that would need to be done in addition to configuring both this IPsec stack and OpenGGSN.
So what exactly would you want to do? Am I missing something?