strongSwan

Hello,

As discussed in the mailing list (https://lists.strongswan.org/pipermail/dev/2014-August/001048.html)
UDP packet drops on the HA link prevent nodes to be fully synchronized.

This leads to a lot of errors when:
- resyncing a segment with hundreds of tunnels.
- negociating thousands of tunnels in a short delay.

Implementing a bandwidth limiter and increasing the receive buffer size of the HA socket helped, but there are still problems.

Regards,