[c-nsp] IPSec deployment that preserves the IP ToS information.
Oliver Boehmer (oboehmer)
oboehmer at cisco.com
Thu May 11 15:54:18 EDT 2006
jimmi <> wrote on Thursday, May 11, 2006 8:02 PM:
> I wonder if there's a IPSec deployment where the IPSec header
> would preserve the information contained at the byte ToS of
> the IP packet header, so it would be feasible confront this
> value against a match statement at a service-police.
this is default behavior for IOS Ipsec, the ToS byte is copied into the
IPSec header.. check
http://www.cisco.com/warp/public/105/crypto_qos.html for more info on
this subject..
oli
More information about the cisco-nsp
mailing list