From 289a0e1fd09b1d2670bfe40f360a86e83e0f09a9 Mon Sep 17 00:00:00 2001 From: Claude Date: Mon, 11 May 2026 20:02:42 +0000 Subject: docs: address Copilot grammar review on ospf and vpp ipsec - ipsec.md: "to speed-up" -> "to speed up"; drop article in "creates a corresponding SAs and policies"; "there routes" -> "these routes". - ospf.md: "Cost calculation wireguard interfaces" -> "Cost calculation for WireGuard interfaces". https://claude.ai/code/session_01RDpSBDLSWLKMGnyPCaKECB --- docs/vpp/configuration/ipsec.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'docs/vpp') diff --git a/docs/vpp/configuration/ipsec.md b/docs/vpp/configuration/ipsec.md index 9dc0fca5..710a94b3 100644 --- a/docs/vpp/configuration/ipsec.md +++ b/docs/vpp/configuration/ipsec.md @@ -10,7 +10,7 @@ lastproofread: '2025-09-04' # VPP IPsec Configuration VPP Dataplane in VyOS can offload IPSec processing from kernel. This allows -to speed-up IPSec traffic handling significantly, when necessary conditions +to speed up IPSec traffic handling significantly when necessary conditions are met. :::{note} @@ -36,7 +36,7 @@ configuration itself. IPSec configuration management and control-plane operation, like IKE negotiation, is still done by the kernel and other daemons. After an IPSec tunnel is configured in the kernel, VPP receives the necessary -information via netlink messages and creates a corresponding SAs and policies +information via netlink messages and creates corresponding SAs and policies to be able to offload the traffic. When VPP is used for offloading IPsec, it creates a virtual interface of a @@ -208,7 +208,7 @@ Improper IPsec configuration can lead to various issues, including: - **Conflicting with kernel routes** If the kernel routes synchronization option is enabled, VPP will install - all the routes from kernel. If you have there routes configured via VTI + all the routes from kernel. If you have these routes configured via VTI interfaces to the IPsec peer, they will conflict with the policy routes created for the IPsec tunnel in VPP. Consider using policy-based IPSec configuration to avoid this or -- cgit v1.2.3