services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.rekey_packets
Number of packets processed before initiating CHILD_SA rekeying.
Number of packets processed before initiating CHILD_SA rekeying. CHILD_SA rekeying refreshes key material, optionally using a Diffie-Hellman exchange if a group is specified in the proposal.
To avoid rekey collisions initiated by both ends simultaneously, a value
in the range of rand_packets gets subtracted to form the effective soft
packet count limit.
Packet count based CHILD_SA rekeying is disabled by default. If
life_packets is explicitly configured, rekey_packets defaults to
10% less than that.
- Type
null or signed integer- Default
null- Declared
- <nixpkgs/nixos/modules/services/networking/strongswan-swanctl/module.nix>