Openswan as IKE daemon
Openswan and strongSwan both seem to be actively developed, contrary to Racoon which is a port of the userland tools of the KAME FreeBSD and NetBSD utilities and which development seems to have slowed to a crawl.
current state of the project
- openl2tp and openswan don't play nice together...
Openl2tp and ipsec-tools (racoon) play together very nicely. I've been using them for quite a while with built-in Windows VPN client and no problems whatsoever (although not on the plug and not with hardware acceleration). By the way, ipsec-tools-0.8 was released just a few months ago, and judging by the activity in the mailing list, they have been working hard to make it happen. (Before choosing ipsec-tools I tried a couple of *swan-s and found them to be too much of bloatware. I'm not sure it's such a good thing that they are being actively developed further).
I'm quite indifferent to the IKE daemon used. I've tried all (Openswan, strongSwan and racoon), and all work for my purposes (since the rekey fix, which is unrelated to the IKE daemon used).
However: there have only been 6 commits in the entire year 2011 to the Racoon codebase, questions on their mailinglists remain unanswered, both their bug database and their mailinglists are completely littered with spam. I doubt there's much life in racoon after the 0.8.0 release....
Openswan creates a load of processes on startup. strongSwan seems cleaner, apparently has better IKEv2 support and is more modular in buildup (you can chose to only run the IKEv1 or IKEv2 daemon). They also claim to focus more on interoperability with as many other implementations as possible.
Right now I'd say strongSwan is the best choice.