

strongswan

What

strongswan (strongswan.org) is a widely used open-source IPsec implementation for Linux, macOS, Android, Windows, and FreeBSD. It implements the [[systems/ikev2-protocol|IKEv2]] key-exchange protocol, the associated ESP / AH data plane, and a broad set of authentication methods (certificate-based, pre-shared key, EAP, XAuth). strongswan has been under active development since 2005, when it was forked from FreeS/WAN.

On the sysdesign-wiki, strongswan appears primarily in its reference-implementation role — the open-source codebase that commercial IPsec vendors and cloud providers test their implementations against for cross-implementation interoperability.

(Source: sources/2026-04-30-cloudflare-post-quantum-encryption-for-cloudflare-ipsec-is-ga)

Role in the wiki

strongswan is canonical as the reference IPsec implementation used by Cloudflare's IPsec team for pre-GA interoperability testing of post-quantum IPsec. Cloudflare's 2026-04-30 post:

"Earlier we announced the closed beta of our implementation of draft-ietf-ipsecme-ikev2-mlkem in production in our Cloudflare IPsec product and tested it against a reference implementation (strongswan)." (Source: sources/2026-04-30-cloudflare-post-quantum-encryption-for-cloudflare-ipsec-is-ga)

The role it plays:

  • Canonical implementation the standards community treats as baseline. If a new IPsec implementation interoperates with strongswan, it's considered protocol-conformant.
  • Implementation-first mover on IETF IPsec drafts — strongswan typically ships draft implementations before commercial appliances, which then test against it.
  • Zero-cost interop partner for pre-GA testing at commercial cloud providers. Cloudflare didn't need to wait for Cisco / Fortinet / Palo Alto hardware for initial validation; strongswan was sufficient.

Why strongswan is the reference

Three structural properties:

  1. Protocol coverage. strongswan implements the full IKEv2 / IPsec spec including extensions — RFC 9242 IKE_INTERMEDIATE (the extension point hybrid ML-KEM rides on), RFC 9370, RFC 8784, MOBIKE, etc.
  2. Open licensing. GPLv2+; commercial vendors can inspect the codebase freely and extract algorithmic details without licensing friction.
  3. Active standards participation. strongswan maintainers participate in the IETF IPSECME working group and ship draft implementations during the standardisation process rather than waiting for RFC publication.

Post-quantum support

strongswan supports hybrid ML-KEM per draft-ietf-ipsecme-ikev2-mlkem through ML-KEM integration that landed during 2024-2025. This made strongswan the pre-GA test harness for Cloudflare's IPsec PQ implementation. Because the codebase is open source, it also serves as a concrete disambiguation reference: when a clause in the draft admits more than one reading, the strongswan implementation is treated as the de facto intended interpretation.
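As an added example (not strongswan's code and not from the Cloudflare post), a small audit over swanctl-style IKE proposal strings that distinguishes classical-only, hybrid and PQ-only key-exchange configurations. It assumes strongSwan 6.x proposal keywords as I understand them (ML-KEM as `mlkem768` etc., RFC 9370 additional key exchanges as `ke1_`..`ke7_`, an optional slot spelled `keN_none`); the sample strings are constructed.

```python
import re

# Constructed sample proposals (swanctl-style, '-' separates transforms).
CLASSICAL_ONLY = "aes256gcm16-sha384-x25519"
HYBRID = "aes256gcm16-sha384-x25519-ke1_mlkem768"
HYBRID_OPTIONAL = "aes256gcm16-sha384-x25519-ke1_mlkem768-ke1_none"

# Assumed keyword spellings; adjust to the installed strongSwan release.
KE_CLASSICAL = {"x25519", "x448", "ecp256", "ecp384", "ecp521",
                "modp2048", "modp3072", "modp4096"}
KE_PQ = {"mlkem512", "mlkem768", "mlkem1024"}
ADDITIONAL_KE = re.compile(r"^ke([1-7])_(.+)$")


def classify_proposal(proposal):
    """Classify one IKE proposal by its key-exchange methods.

    Returns the primary KE tokens, the (slot, algorithm) pairs of the
    additional key exchanges (RFC 9370 slots 1..7) and a verdict:
    'classical-only', 'pq-only', 'hybrid', or 'hybrid-optional' when a
    slot carrying ML-KEM also lists 'none', so a peer may skip it.
    """
    primary, additional = [], []
    for token in proposal.split("-"):
        m = ADDITIONAL_KE.match(token)
        if m:
            additional.append((int(m.group(1)), m.group(2)))
        elif token in KE_CLASSICAL or token in KE_PQ:
            primary.append(token)
    algs = primary + [alg for _, alg in additional]
    has_pq = any(a in KE_PQ for a in algs)
    has_classical = any(a in KE_CLASSICAL for a in algs)
    if has_pq and has_classical:
        verdict = "hybrid"
        pq_slots = {slot for slot, alg in additional if alg in KE_PQ}
        if any(alg == "none" and slot in pq_slots for slot, alg in additional):
            verdict = "hybrid-optional"
    elif has_pq:
        verdict = "pq-only"
    else:
        verdict = "classical-only"
    return {"primary": primary, "additional": additional, "verdict": verdict}


def audit(proposals):
    """Verdict per proposal; ',' separates alternative proposals."""
    return {p: classify_proposal(p)["verdict"] for p in proposals.split(",")}


if __name__ == "__main__":
    for prop, verdict in audit(",".join([CLASSICAL_ONLY, HYBRID, HYBRID_OPTIONAL])).items():
        print(f"{verdict:16} {prop}")
```

A 'classical-only' verdict on a connection that is supposed to be post-quantum is the configuration drift this check is meant to surface.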

Similar reference-implementation roles on the wiki

  • OpenSSL — reference TLS / cryptographic-primitive implementation.
  • OpenSSH — reference SSH implementation; GitHub's 2025 PQ SSH rollout shipped sntrup761x25519-sha512 to github.com's OpenSSH server.
  • libsodium — reference modern-cryptography API surface.
  • strongswan — reference IPsec / IKEv2 implementation. (This page.)

All four are open-source codebases the commercial-implementation ecosystem uses as interop baselines.

Caveats

  • Not a hardware-appliance vendor. strongswan runs on commodity hosts (Linux, macOS, Android, Windows, FreeBSD) — not a replacement for the branch-connector hardware (Cisco 8000 Series, Fortinet FortiGate, Palo Alto Networks) that enterprise deployments typically use. The role is standards reference, not deployment substrate.
  • Performance ≠ appliance-grade. For production enterprise deployments terminating many gigabits per second of IPsec traffic, dedicated ASICs in appliances beat strongswan on a commodity CPU by an order of magnitude. strongswan's role is correctness + coverage, not peak throughput.
  • The 2026-04-30 Cloudflare post mentions strongswan only as the pre-GA reference; this ingest yields no architectural internals or strongswan-specific deep dive for the wiki.
