[Swan] mark in route-based VPN
Paul Wouters
paul at nohats.ca
Thu Feb 9 20:26:16 UTC 2017
On Thu, 9 Feb 2017, Xinwei Hong wrote:
> mark=
> The mark number to use for this connection's IPsec SA policy. It will be used for all instances as well.
>
> in the example, we have:
>
> mark=5/0xffffffff
> How are those numbers used? What do 5 and 0xffffffff mean here? What is the guidance to select a number for it? e.g.
> when there are multiple VTIs configured. Does this mark have anything to do with mark in iptables?
Its the mark number and mask. Yes these are the same as the mark with
iptables where you can use it.
Paul
More information about the Swan
mailing list