[c-nsp] IPSec deployment that preserves the IP ToS information.

Oliver Boehmer (oboehmer) oboehmer at cisco.com
Thu May 11 15:54:18 EDT 2006


jimmi <> wrote on Thursday, May 11, 2006 8:02 PM:

> I wonder if there's a IPSec deployment where the IPSec header
> would preserve the information contained at the byte ToS of
> the IP packet header, so it would be feasible confront this
> value against a match statement at a service-police.

this is default behavior for IOS Ipsec, the ToS byte is copied into the
IPSec header.. check
http://www.cisco.com/warp/public/105/crypto_qos.html for more info on
this subject..

	oli



More information about the cisco-nsp mailing list