Hello there, I’ve got a question that I know has probably already been answered, but I couldn’t find the answer.
I do not have MK gear to mess with right now, so I can’t test this to find the answer. My question is:
Are the marks applied on packets/connections lost after said packets/connections are encapsulated/decapsulated?
For instance, a packet is marked with, say, “MK1”. That packet is then encapsulated with a GRE header and a new IP header. Can I still refer to the packet by the mark “MK1”?
Let’s say that now the same packet, after being encapsulated by GRE, is encapsulated by IPSec. Is the mark kept?
Same scenario but on decapsulation: say I marked a packet when it enters the router, it’s encrypted by IPSec and I add a mark “IPS1”, then the packet is decrypted. Is the mark kept?
It is my understanding that packet and connection marks never leave the router which added them.
I am not certain from your question if you are referring to the marks in the same device which added them, then encapsulated them.
Or are you wanting to refer to the marks added on one device, call it router1, then encapsulated and sent to a different device, call it router2, after decapsulating the packet on router2?
The packets on the “wire” are never actually modified to have the marks added. Marks are just “metadata” for the device currently processing the packet. The next device has to process the packet without the benefit of the work done to identify the connection or packet by the first device.
Hello, I do know that marks are only locally significant; my question was related to marks on the same device:
(same device)
1.- Packet gets in, gets a mark of, say, MK01
2.- Packet is then encapsulated/decapsulated (still on same device), by any protocol (IPSec, GRE, L2TP, etc)
Is the device able to reference the original packet with the mark “MK01” even though now it’s been encapsulated/decapsulated by a different protocol than the one it had when it got marked?
I believe the answer is no. I am not 100% certain.
I think you would have to tag the encapsulated packet at the time it was encapsulated because once it is encapsulated, it is a different packet.
It might help you to follow the packet processing through the packet processing flow charts which have been posted in here and on the Wiki. I don’t have time to review the flow path this week.