diff --git a/send.go b/send.go
index 734c425..51ee7d3 100644
--- a/send.go
+++ b/send.go
@@ -157,6 +157,7 @@ func (peer *Peer) SendHandshakeInitiation(isRetry bool) error {
 	peer.cookieGenerator.AddMacs(packet)
 
 	peer.timersAnyAuthenticatedPacketTraversal()
+	peer.timersAnyAuthenticatedPacketSent()
 
 	err = peer.SendBuffer(packet)
 	if err != nil {
@@ -194,6 +195,7 @@ func (peer *Peer) SendHandshakeResponse() error {
 
 	peer.timersSessionDerived()
 	peer.timersAnyAuthenticatedPacketTraversal()
+	peer.timersAnyAuthenticatedPacketSent()
 
 	err = peer.SendBuffer(packet)
 	if err != nil {
@@ -544,6 +546,9 @@ func (peer *Peer) RoutineSequentialSender() {
 				continue
 			}
 
+			peer.timersAnyAuthenticatedPacketTraversal()
+			peer.timersAnyAuthenticatedPacketSent()
+
 			// send message and return buffer to pool
 
 			length := uint64(len(elem.packet))
@@ -555,9 +560,6 @@ func (peer *Peer) RoutineSequentialSender() {
 			}
 			atomic.AddUint64(&peer.stats.txBytes, length)
 
-			// update timers
-
-			peer.timersAnyAuthenticatedPacketTraversal()
 			if len(elem.packet) != MessageKeepaliveSize {
 				peer.timersDataSent()
 			}
diff --git a/timers.go b/timers.go
index b9f6b5a..75087cb 100644
--- a/timers.go
+++ b/timers.go
@@ -143,10 +143,6 @@ func expiredPersistentKeepalive(peer *Peer) {
 
 /* Should be called after an authenticated data packet is sent. */
 func (peer *Peer) timersDataSent() {
-	if peer.timersActive() {
-		peer.timers.sendKeepalive.Del()
-	}
-
 	if peer.timersActive() && !peer.timers.newHandshake.isPending {
 		peer.timers.newHandshake.Mod(KeepaliveTimeout + RekeyTimeout)
 	}
@@ -163,7 +159,14 @@ func (peer *Peer) timersDataReceived() {
 	}
 }
 
-/* Should be called after any type of authenticated packet is received -- keepalive or data. */
+/* Should be called after any type of authenticated packet is sent -- keepalive, data, or handshake. */
+func (peer *Peer) timersAnyAuthenticatedPacketSent() {
+	if peer.timersActive() {
+		peer.timers.sendKeepalive.Del()
+	}
+}
+
+/* Should be called after any type of authenticated packet is received -- keepalive, data, or handshake. */
 func (peer *Peer) timersAnyAuthenticatedPacketReceived() {
 	if peer.timersActive() {
 		peer.timers.newHandshake.Del()
@@ -173,7 +176,6 @@ func (peer *Peer) timersAnyAuthenticatedPacketReceived() {
 /* Should be called after a handshake initiation message is sent. */
 func (peer *Peer) timersHandshakeInitiated() {
 	if peer.timersActive() {
-		peer.timers.sendKeepalive.Del()
 		peer.timers.retransmitHandshake.Mod(RekeyTimeout + time.Millisecond*time.Duration(rand.Int31n(RekeyTimeoutJitterMaxMs)))
 	}
 }
@@ -195,7 +197,7 @@ func (peer *Peer) timersSessionDerived() {
 	}
 }
 
-/* Should be called before a packet with authentication -- data, keepalive, either handshake -- is sent, or after one is received. */
+/* Should be called before a packet with authentication -- keepalive, data, or handshake -- is sent, or after one is received. */
 func (peer *Peer) timersAnyAuthenticatedPacketTraversal() {
 	if peer.persistentKeepaliveInterval > 0 && peer.timersActive() {
 		peer.timers.persistentKeepalive.Mod(time.Duration(peer.persistentKeepaliveInterval) * time.Second)