Ok, that KPTD helps a bit. Question about that though, it seems that a forwarded packet will have 3 chances at getting marked (PRE,FORWARD,POST); is that correct? Similarly, a packet originating on the QoS box will have 2 mark chances (OUTPUT and POST). If thats correct, is there any advantage to using one or the other. I dont see why you wouldnt just do everything in POSTROUTING since all packets go there eventually according to the diagram. btw, thanks for all the help
