Hi Guys,
To use crypto ipsec fragmentation before-encryption (LAF) will have better
performance according to Cisco.
http://www.cisco.com/en/US/docs/ios/12_1/12_1e11/feature/guide/lookaheadfrag
.html
But I tried both ( before & after) and it seems to me after is slightly
better ( CPU utilization). Don't know why. There is another Cisco link
explaining after-encryption, but the condition is crypto map applied on both
physical and tunnel interfaces.
http://www.cisco.com/en/US/ts/fn/620/fn62394.html
Not sure if anyone has any experience on this... What is the best practise
in DMVPN phase 1 environment.
Thanks
Charles
Blogs and organic groups at http://www.ccie.net
Received on Fri Jun 10 2011 - 10:20:34 ART
This archive was generated by hypermail 2.2.0 : Fri Jul 01 2011 - 06:24:28 ART