Using conventional approaches, it may not be possible for network devices to differentiate transactions within IP security (IPsec), or other encrypted tunnels. Thus, the network may not apply differential processing, such as charging or quality of service (QoS) to various transactions passing through such tunnels.
Instead, network processing rules in conventional approaches may simply be applied in aggregate for such a tunnel. However, these conventional approaches may not allow for transaction awareness suitable for differential processing.