IKE packets are used to negotiate IKE SAs and IPSec SAs or used for Deal Peer Detection (DPD). If IKE packets are lost during transmission, problems such as failures to negotiate IKE SAs and IPSec SAs may occur. As a result, packets cannot be protected by IPSec SAs. To solve these problems, ensure that network devices process IKE packets before service packets.
You can increase IKE packet priority by specifying the DSCP priority for IKE packets. This configuration ensures that IKE packets are processed in time on a busy network, improving transmission reliability of IKE packets.
You can configure the DSCP priority for IKE packets globally or on an IKE peer. The DSCP priority configured on an IKE peer takes precedence over that configured globally. When the DSCP priority is not configured on an IKE peer, the DSCP priority configured globally takes effect.