- Posts: 23
- Thank you received: 0
IPSec
- calicutbobby
- Topic Author
- Offline
- Junior Member
Less
More
18 years 11 months ago #12682
by calicutbobby
IPSec was created by calicutbobby
Hi,
We had a IPSec running between our network and our corporate office. We had voice traffic going through this network . Though initially everything was going fine lately we have found that there is a high level of breakage in the voice taking place. Can anyone help me figure out why this takes place.
We had a IPSec running between our network and our corporate office. We had voice traffic going through this network . Though initially everything was going fine lately we have found that there is a high level of breakage in the voice taking place. Can anyone help me figure out why this takes place.
18 years 11 months ago #12697
by Ozzy_98
It might be as simple as too much load on the server. I take it you're running IPSec in tunnel mode, so what encodes the IPSec? Voice has a *LOT* of data, and if it uses IPSec on it, it has to encode a lot. If voice data packets must be encoded, maybe you could lower the encoding to lighten the load (Just for voice). For example, AH wouldn't be needed. And you could pick MD5 over SHA1, DES over 3DES, ect. I don't think anyone will change voice data on the fly. If they do, well, *I* sure wouldn't want to try to keep them out of the network...
18 years 11 months ago #12703
by havohej
The explanation about the algorithms is great, but you are using hardware or software encryption??
Check the cpu and interface utlization.
Encrypting data and voice would add extra delay for the voice traffic, and if it exceed 150 ms one way it is broken.
I have also some routers doing voip but not encrypting them.
I'm not sure if this will work with your network but try to use LLQ defining the priority queue for voice traffic. An wred for avoiding the vocie queues get full congested because of the data traffic.
hope it helps, and luck
Salute
Check the cpu and interface utlization.
Encrypting data and voice would add extra delay for the voice traffic, and if it exceed 150 ms one way it is broken.
I have also some routers doing voip but not encrypting them.
I'm not sure if this will work with your network but try to use LLQ defining the priority queue for voice traffic. An wred for avoiding the vocie queues get full congested because of the data traffic.
hope it helps, and luck
Salute
- calicutbobby
- Topic Author
- Offline
- Junior Member
Less
More
- Posts: 23
- Thank you received: 0
18 years 11 months ago #12729
by calicutbobby
Replied by calicutbobby on topic thanks
Thanks for the replies but I would appreciate if someone could give bigger description of the problem. Though as informed voice do contain more packets than data and this would cause the delay but is there any other way to go through. We are using MD5.
Time to create page: 0.171 seconds