RE: IPSec Latency [7:15874]

Mon, 13 Aug 2001 13:28:55 -0700 


The maximum delay for keepalives really depend on your phase one and phase
two lifetimes. And if you have an idle timer set for your tunnels and
whatever that value may be. Keepalives are mostly supported by your router
or vpn box. I haven't ran across a client that supported keepalives.
Although there may be one. It only takes one direct for keepalives to keep
the tunnel up. As for documentation, I haven't seen any. I have been working
with IPSEC for a little over a year now and I have yet to see alot of vender
specific documentation, only because IPSEC is still new and being tweaked. 



-----Original Message-----
From: Cisco Chic [mailto:[EMAIL PROTECTED]]
Sent: Monday, August 13, 2001 10:32 AM
To: [EMAIL PROTECTED]
Subject: IPSec Latency [7:15874]


Hi All,

I was wondering if anyone has any information or sites
which talk about how to tweak (if this can be done)
IPSec tunnls (via keepalives) from a dial up client to
a VPN5008?

We have a latency of around 800 milliseconds on a 
network and we are trying to determine what the
maximum delay can be in the network to keep the tunnel
up via keepalives. How long can the delay be for the
keepalives and who sends the keepalives or  are the
keepalives sent in both directions via remote dial up
access. (we are using static routes)

I know that a keepalive protocol is used by L2TP in
order to allow it to distinguish between a tunnel
outage and prolonged periods of tunnel inactivity. We
are trying to find out if this can be done for IPSec.

We have a open case with cisco tac currently to get
more details and have been looking at third party web
sites and RFCs. Can't find anything about latency but
have found performance issues concerning bw, memory
etc.

Any information or sites you can direct me to would be
great.

Thanks!!



__________________________________________________
Do You Yahoo!?
Send instant messages & get email alerts with Yahoo! Messenger.
http://im.yahoo.com/




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=15926&t=15874
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Reply via email to