On 5/15/20 3:59 AM, Lorenz Bauer wrote: > > Yes, but that doesn't play well with changing the source address to > the local machine's, since the upper part of the stack will drop the > packet due to accept_local=0. Can you defer the source address swap to the Tx path? Let the packet go up the stack and do the fib lookup again as an skb. neighbor entry does not exist, so the packet is stashed, neighbor resolution done, once resolved the packet goes out. tc program on the egress device can flip the source address, and then subsequent packets take the XDP fast path. If the next host is on the same LAN I believe the stack will want to generate an ICMP redirect, but that can be squashed.
