Bhatia, Manav (Manav) writes:
> And the reason why you might want to use WESP is to prioritize
> certain protocol packets over the others, as is normally done for v4
> control packets (e.g. OSPFv3 HELLOs and ACKs over other OSPFv3
> packets) 

You cannot do that, because if the packets get reordered by more than
the replay window size of the responder, then the older packets will get
dropped. If you want to do QoS, you need to use multiple IPsec SAs, each
carrying traffic for only one QoS level.

See RFC 4301, section 4.1.
-- 
kivi...@iki.fi
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
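
The drop behaviour described in the reply above, as an added example that is not part of the original message: a simulation of an ESP-style sliding-window anti-replay check, comparing one SA shared by all traffic with one SA per QoS class. The window size of 32, the traffic mix and the strict-priority reordering model are constructed assumptions, and all function names are hypothetical.

```python
WINDOW = 32  # constructed anti-replay window size, in packets

class ReplayWindow:
    def __init__(self, size=WINDOW):
        self.size = size
        self.top = 0      # highest sequence number accepted so far
        self.bitmap = 0   # bit i set => sequence (top - i) was already seen

    def accept(self, seq):
        if seq > self.top:                    # new highest: slide the window
            shift = seq - self.top
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            self.top = seq
            return True
        offset = self.top - seq
        if offset >= self.size:               # left of the window: too old
            return False
        if self.bitmap & (1 << offset):       # inside the window but a duplicate
            return False
        self.bitmap |= 1 << offset
        return True

def make_traffic(n=200, hello_every=10):
    """Constructed sender stream: every 10th packet is a high-priority 'hello'."""
    return [{"cls": "hello" if i % hello_every == 0 else "bulk"}
            for i in range(1, n + 1)]

def prioritise(packets):
    """Constructed QoS hop: forwards every 'hello' ahead of 'bulk' (stable sort)."""
    return sorted(packets, key=lambda p: p["cls"] != "hello")

def drops_single_sa(traffic):
    """One SA: a single sequence counter and window shared by both classes."""
    sent = [dict(p, seq=i) for i, p in enumerate(traffic, 1)]
    win = ReplayWindow()
    return sum(not win.accept(p["seq"]) for p in prioritise(sent))

def drops_sa_per_class(traffic):
    """One SA per QoS class: independent sequence counters and windows."""
    counters, windows, sent, dropped = {}, {}, [], 0
    for p in traffic:
        counters[p["cls"]] = counters.get(p["cls"], 0) + 1
        sent.append(dict(p, seq=counters[p["cls"]]))
    for p in prioritise(sent):
        win = windows.setdefault(p["cls"], ReplayWindow())
        dropped += not win.accept(p["seq"])
    return dropped

if __name__ == "__main__":
    print(drops_single_sa(make_traffic()), drops_sa_per_class(make_traffic()))
```

With a shared SA, the prioritised packets push the window forward and the delayed lower-priority packets arrive to the left of it; with one SA per class, ordering inside each SA is preserved and nothing is dropped.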