<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><div>I will double check the kernel sources and update the man page if needed.</div><div id="AppleMailSignature"><br></div><div id="AppleMailSignature">Thanks,</div><div id="AppleMailSignature"><br></div><div id="AppleMailSignature">Paul<br><br>Sent from my iPhone</div><div><br>On Jul 31, 2016, at 9:28 PM, Jobst Schmalenbach <<a href="mailto:jobst@barrett.com.au">jobst@barrett.com.au</a>> wrote:<br><br></div><blockquote type="cite"><div>
<meta content="text/html; charset=windows-1252" http-equiv="Content-Type">
<p><font size="-1"><font face="Arial">Paul</font></font></p>
<p><font size="-1"><font face="Arial">you might want to update the
manuals if you say that 128 is possible:<br>
In <a class="moz-txt-link-freetext" href="https://libreswan.org/man/spi.8.html">https://libreswan.org/man/spi.8.html</a> it is written:<br>
</font></font></p>
<p class="level1"><span class="bold"> --replay_window</span>
replayw<br>
sets the replay window size; valid values are decimal, 1 to 64 </p>
<p><font size="-1"><font face="Arial"><br>
</font></font></p>
<p><font size="-1"><font face="Arial">Jobst</font></font></p>
<p><font size="-1"><font face="Arial"><br>
</font></font></p>
<p><font size="-1"><font face="Arial"></font></font><br>
</p>
<div class="moz-signature">
<title></title>
<div class="moz-signature">
<table style="background-color:white;border:0;font-family:Arial,Helvetica;" border="0" cellpadding="4" cellspacing="0">
<tbody>
<tr>
<td colspan="2" style="text-align:left;
color:black;font-size:12px;font-weight:bold;">Helping
people and businesses sell better</td>
</tr>
<tr>
<td style="margin:0;padding:0;width:280px;font-size:10px;vertical-align:top;">
<a href="http://www.barrett.com.au/" style="color:black;" title="Click to go to our
Barrett.com.au"><barrett_everybodylives_black.png></a><br>
</td>
<td style="margin:0;padding:0;padding-left:8px;width:270px;vertical-align:top;font-size:12px;">
<table style="background-color:white;border:0;font-family:Arial,Helvetica;" border="0" cellpadding="0" cellspacing="0">
<tbody>
<tr>
<td colspan="2" style="margin:0;padding:0;width:270px;vertical-align:top;">
<b style="font-size:12px;color:#000;">Jobst
Schmalenbach</b> </td>
</tr>
<tr>
<td colspan="2" style="margin:0;padding:0;padding-bottom:3px;padding-top:3px;width:270px;vertical-align:top;">
<span style="font-size:11px;color:#555;">
General Manager and Geek </span> </td>
</tr>
<tr>
<td style="width:15px;"><span style="font-size:11px;color:#555;"> <b>P</b></span></td>
<td><span style="font-size:11px;color:#555;">+61 3
9533 0000</span> </td>
</tr>
<tr>
<td style="width:15px;"><span style="font-size:11px;color:#555;"> <b>M</b></span>
</td>
<td> <span style="font-size:11px;color:#555;">+61
411 611 855</span> </td>
</tr>
<tr>
<td style="width:15px;"> <span style="font-size:11px;color:#555;"><b>E</b></span>
</td>
<td> <span style="font-size:11px;color:#555;"><a href="mailto:jobst@barrett.com.au" style="color:#555;text-decortion:underline;">jobst@barrett.com.au</a></span>
</td>
</tr>
<tr>
<td style="width:15px;"> <span style="font-size:11px;color:#555;"><b>W</b></span>
</td>
<td> <span style="font-size:11px;color:#555;"><a href="http://www.barrett.com.au" style="color:#555;text-decortion:underline;" title="Go to our Website">www.barrett.com.au</a></span>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr>
<td style="height:50px;margin:0;padding:0;padding-left:3px;width:280px;vertical-aligin:middle;font-size:10px;">
<a style="color:#555;text-decoration:underline;" href="http://www.barrett.com.au/sales-training.html" title="Go to our Sales Training Pages">Sales Training</a>,
<a style="color:#555;text-decoration:underline;" href="http://www.barrett.com.au/sales-consulting.html" title="Go to our Sales Consulting Pages">Sales Consulting</a>,
<a style="color:#555;text-decoration:underline;" href="http://www.barrett.com.au/coaching.html" title="Go to our Coaching Pages">Coaching</a>, <a style="color:#555;text-decoration:underline;" href="http://www.barrett.com.au/assessments.html" title="Go to our Assessments Pages">Assessments</a> </td>
<td style="height:50px;margin:0;padding:0;padding-left:8px;width:270px;vertical-align:middle;font-size:10px;">
<a href="http://salesblog.barrett.com.au/" style="color:black;"><blog.png></a>
<a href="http://www.linkedin.com/groups?mostPopular=&gid=3672003" style="color:black;"><linkedin.png></a>
<a href="https://twitter.com/#%21/barrettconsult" style="color:black;"><twitter.png></a>
<a href="https://www.facebook.com/pages/Barrett-Consulting-Group/217319694964184" style="color:black;"><facebook.png></a>
</td>
</tr>
<tr>
<td colspan="2" style="text-align:left;
color:green;font-size:9px;">Consider the environment
before printing this email, please.</td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="moz-cite-prefix">On 01/08/2016 02:12, Paul Wouters
wrote:<br>
</div>
<blockquote cite="mid:72AC69D4-B5B9-423B-ABE0-84378B789B7D@nohats.ca" type="cite">
<pre wrap="">Try libreswan-3.18 with replay-window=64 (or 128)
Paul
Sent from my iPhone
</pre>
<blockquote type="cite">
<pre wrap="">On Jul 27, 2016, at 11:09, Renzo Dani <a class="moz-txt-link-rfc2396E" href="mailto:arons7@gmail.com"><arons7@gmail.com></a> wrote:
Hi,
we have a vpn tunnel between two offices, both have an internet connection of 100Mbps.
Time to time we have serious issue with very poor bandwidth, the problem is not always present, some time we are experience a good bandwidth on the vpn too.
So we are currently not able to identify the problem, we already contact the two Internet service providers but they simply reply they cannot identify any issue on their network.
Iperf between the two vpn gateways using the tunnel (during problem occurs)
[ ID] Interval Transfer Bandwidth
[ 5] 0.00-1.00 sec 215 KBytes 1.76 Mbits/sec
[ 5] 1.00-2.00 sec 195 KBytes 1.60 Mbits/sec
[ 5] 2.00-3.00 sec 112 KBytes 920 Kbits/sec
[ 5] 3.00-4.00 sec 115 KBytes 942 Kbits/sec
[ 5] 4.00-5.00 sec 55.5 KBytes 454 Kbits/sec
[ 5] 5.00-6.00 sec 44.7 KBytes 366 Kbits/sec
[ 5] 6.00-7.00 sec 134 KBytes 1.10 Mbits/sec
[ 5] 7.00-8.00 sec 108 KBytes 887 Kbits/sec
[ 5] 8.00-9.00 sec 83.9 KBytes 687 Kbits/sec
[ 5] 9.00-10.00 sec 100 KBytes 821 Kbits/sec
[ 5] 10.00-10.03 sec 8.12 KBytes 2.02 Mbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval Transfer Bandwidth
[ 5] 0.00-10.03 sec 0.00 Bytes 0.00 bits/sec sender
[ 5] 0.00-10.03 sec 1.14 MBytes 957 Kbits/sec receiver
Iperf between the two vpn gateways using public internet ips at the same time as before
[ ID] Interval Transfer Bandwidth
[ 5] 0.00-1.00 sec 9.50 MBytes 79.7 Mbits/sec
[ 5] 1.00-2.00 sec 11.2 MBytes 93.6 Mbits/sec
[ 5] 2.00-3.00 sec 11.0 MBytes 92.5 Mbits/sec
[ 5] 3.00-4.00 sec 11.1 MBytes 93.5 Mbits/sec
[ 5] 4.00-5.00 sec 11.2 MBytes 93.6 Mbits/sec
[ 5] 5.00-6.00 sec 11.2 MBytes 93.7 Mbits/sec
[ 5] 6.00-7.00 sec 11.2 MBytes 93.7 Mbits/sec
[ 5] 7.00-8.00 sec 11.2 MBytes 94.0 Mbits/sec
[ 5] 8.00-9.00 sec 11.2 MBytes 93.9 Mbits/sec
[ 5] 9.00-10.00 sec 11.2 MBytes 93.8 Mbits/sec
[ 5] 10.00-10.04 sec 510 KBytes 93.6 Mbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval Transfer Bandwidth
[ 5] 0.00-10.04 sec 0.00 Bytes 0.00 bits/sec sender
[ 5] 0.00-10.04 sec 110 MBytes 92.2 Mbits/sec receiver
Our config:
config setup
nat_traversal=yes
oe=off
protostack=netkey
uniqueids=no
conn our_vpn
authby=secret
disablearrivalcheck=no
....
# PHASE 1
aggrmode=no
ike=aes256-sha2_256;modp3072
ikelifetime=8h
# PHASE 2
type=tunnel
phase2=esp
phase2alg=aes-256-sha2_256;modp3072
salifetime=2h
pfs=yes
auto=start
Thanks for any help/suggestion
Renzo
_______________________________________________
Swan mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Swan@lists.libreswan.org">Swan@lists.libreswan.org</a>
<a class="moz-txt-link-freetext" href="https://lists.libreswan.org/mailman/listinfo/swan">https://lists.libreswan.org/mailman/listinfo/swan</a>
</pre>
</blockquote>
<pre wrap="">_______________________________________________
Swan mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Swan@lists.libreswan.org">Swan@lists.libreswan.org</a>
<a class="moz-txt-link-freetext" href="https://lists.libreswan.org/mailman/listinfo/swan">https://lists.libreswan.org/mailman/listinfo/swan</a>
</pre>
</blockquote>
<br>
</div></blockquote></body></html>