Dear Folks. I wonder if there's a IPSec deployment where the IPSec header would preserve the information contained at the byte ToS of the IP packet header, so it would be feasible confront this value against a match statement at a service-police. Yours Truly. Jimmi.