You can use either 3DES or AES, but void DES
AES is known as significantly faster. 3DES consumes much resources, so 3DES could eventually slow down the system.
You must be aware that setting up an encrypted SWAP blocks the memory dumping in case of unstable system, so you won't be able to debug the system, because DUMP uses the SWAP device.
So I advise to use the following settings
I creates a label for the Swap partition, with 
 glabel label FreeBSD_SWAP /dev/ada....
In rc.conf we activate the dump device, and a special script to start the swap later
	
	
	
		Code:
	
	
		dumpdev="/dev/label/FeeeBSD_SWAP"
dumpdir="/var/crash"
savecore_flags="-m 5" #store a max of 5 memory dumps
geli_swap_enable="yes"
	 
 
In fstab we set the unencrypted swap, but with no auto-mounting (even if swap is not mounted, DUMP read the fstab to locate the Swap partition)
	
	
	
		Code:
	
	
		/dev/label/FreeBSD_SWAP    none     swap    sw,noauto
	 
 
In /usr/local/etc/rc.d put the following geli_swap script wth chmod 555, and chown 0:0
Example of rc.d script to start the swap :
	
	
	
		Code:
	
	
		#!/bin/sh
# $FreeBSD$
# PROVIDE: SWAP START
# REQUIRE :
# KEYWORD :
. /etc/rc.sub
name="geli_swap"
rcvar="geli_swap_enable
start-cmd="$(name)_start"
#stop_cmd="$(name)_stop"
load_rc config $name
geli_swap_start{}
{
geli onetime -d -a HMAC/SHA256 -e AES-XTS -l 256 -s 4096 ./dev/label/FreeBSD_SWAP
}
run_rc_command "$1"
	 
 
How does it work ?
System becomes unstable and crashes, swap is closed, and with the -d option, system automatically detaches the Geli Swap
So the base swap partition (unencrypted) is available again, and system can dump the memory in the swap partition before rebooting.
On reboot, first the system detects the DUMP device directive in rc.conf. The system checks if the unencrypted swap partition has dumping data. If yes it moves theses data from the swap partition to /var/crash, and so system can start the 
 geli_swap script.
Further, you will be able to load the content of /var/crash to debug the system with gdb
If unencrypted swap partition is empty, system can start immediately the 
 geli_swap script
Use 
 swapinfo to check if swap is running, you can also go to /dev/label and you will find
	
	
To list Geli devices
 geli list