Chapter 16. IPSec VPN QoS Design

IPSec VPNs are the most widely deployed VPNs and are found in three main contexts:

  • Site-to-site IPSec VPNs

  • Teleworker IPSec VPNs

  • Remote-access client (mobility) IPSec VPNs

QoS considerations for site-to-site and teleworker IPSec VPNs are examined in this design chapter (as QoS is rarely–if ever–deployed in remote-access client IPSec VPN scenarios). These considerations include the following:

  • IPSec modes of operation

  • Bandwidth and delay increases because of encryption

  • IPSec and cRTP incompatibility

  • IP ToS byte preservation through IPSec encryption

  • QoS and Anti-Replay interaction implications

Following a discussion of these considerations, design recommendations for site-to-site and teleworker (DSL and cable) solutions are ...

Get End-to-End QoS Network Design now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.