Question: Why it is not possible to mark packet BEFORE first "route selection" in OUTPUT chain

Question: Why it is not possible to mark packet BEFORE first "route selection" in OUTPUT chain

[macach]

I have a question.

I just want to understand this.

Why it is not possible to mark packet BEFORE "route selection" in OUTPUT chain.
And then choose route by mark
Then change source ip
And then send it to destination

Instead of this packet enter "route selection" where it SHOULD hit default route, otherwise it will never enter "-t mangle -A OUTPUT".
Default route changes it source ip.
"-t mangle -A OUTPUT" adds a mark
Then another "route selection" checks for marked route and redirects packet to appropriate interface, BUT doesn't change source ip (also why?)
Then "-t nat -A POSTROUTNG" changes source ip.


My question is why we can't mark packet BEFORE first "route selection", then choose routing table by mark, then change source ip, and send 
packet to interface.


Thank you for explanations.

Re: Question: Why it is not possible to mark packet BEFORE first "route selection" in OUTPUT chain

[Pascal Hambourg]

macach a écrit :
> 
> Why it is not possible to mark packet BEFORE "route selection" in OUTPUT chain.

Because when the initial route selection happens, the packet does not
exist yet. It is in the process of being created. The reason why route
selection takes place during the packet creation is that its result
influences packet features such as the source address, TOS...

Re: Question: Why it is not possible to mark packet BEFORE first "route selection" in OUTPUT chain

[macach]

On 10/25/2015 07:11 PM, Pascal Hambourg wrote:
> macach a écrit :
>>
>> Why it is not possible to mark packet BEFORE "route selection" in OUTPUT chain.
>
> Because when the initial route selection happens, the packet does not
> exist yet. It is in the process of being created. The reason why route
> selection takes place during the packet creation is that its result
> influences packet features such as the source address, TOS...
>

Thank you for your answer.

I understand that it necessary to put "something" into the packet header.
But why it should be one of many interfaces ip, which may be changed later.
In this case, without default route, packet will never left "route selection", this is completely irrational = just to put something and 
change it later.
If packet transformation doesn't finish at this point, why to apply routing and interface source ip?
Why do not use local host ip = 127.0.0.1, inside of output packet belongs to the local host anyway.

Then apply mangle (if any) and other modification (if any), then finally select appropriate route.
And routing decision should the last action, because I think router it just packet dispatcher.

Also I forgot to ask: why second "route selection" doesn't change source ip.
For example in multi-routing table when decision is made by port or destination.
It is necessary to add another operation to modify source ip according to interface: -t nat POSTROUTING ... -j SNAT ...


Thank you in advance.