On Thu, 21 Jul 2005, [ISO-8859-1] Jörg Harmuth wrote: > >>>local process -> routing -> OUTPUT chain -> routing -> POSTROUTING chain > >>> > >>>No problem with policy routing for the locally generated traffic. > >> > >>This sounds like a total overhead calculating the route twice. > > > > The first one is required to fill out output device for the packet. The > > second one is there to give chance to play with routing in OUTPUT. > > Still only 95% clear to me. You say, the second routing decision takes > place right after filter/OUTPUT ? And if so, do packets after > filter/FORWARD have this second routing decision too ? No, that's the forward path. But for the record: for locally generated packets the routing engine is called after OUTPUT only if source address, destination address, nfmark field or tos of the skbuff changed. So it's not called blindly for every packet. Best regards, Jozsef - E-mail : kadlec@xxxxxxxxxxxxxxxxx, kadlec@xxxxxxxxxxxxxxx PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt Address : KFKI Research Institute for Particle and Nuclear Physics H-1525 Budapest 114, POB. 49, Hungary
