ipsec and QoS
by KatrinAlec from LinuxQuestions.org on (#6GT6T)
I've set up multiple ipsec-tunnels on one machine.
There is quite a lot of data going over those tunnels.
When those ipsec-tunnels have to go back up after some interruption it takes very long to get them established (up to some minutes) and CPU load also goes up.
When there is no load on those tunnels everything works just fine
and once the session is established things seem to get back to normal until there is a rekeying.
I've tried to find out the reason for this behaviour.
Is it possible, that I need to set up QoS, so that the packets belonging to the the ipsec establishment get a higher priority than the those inside of the tunnels?
There is quite a lot of data going over those tunnels.
When those ipsec-tunnels have to go back up after some interruption it takes very long to get them established (up to some minutes) and CPU load also goes up.
When there is no load on those tunnels everything works just fine
and once the session is established things seem to get back to normal until there is a rekeying.
I've tried to find out the reason for this behaviour.
Is it possible, that I need to set up QoS, so that the packets belonging to the the ipsec establishment get a higher priority than the those inside of the tunnels?