Submit
Path:
~
/
/
usr
/
share
/
doc
/
iptables
/
html
/
File Content:
NAT-HOWTO-9.html
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> <HTML> <HEAD> <META NAME="GENERATOR" CONTENT="LinuxDoc-Tools 0.9.82"> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> <TITLE>Linux 2.4 NAT HOWTO: Source NAT and Routing</TITLE> <LINK HREF="NAT-HOWTO-10.html" REL=next> <LINK HREF="NAT-HOWTO-8.html" REL=previous> <LINK HREF="NAT-HOWTO.html#toc9" REL=contents> </HEAD> <BODY> <A HREF="NAT-HOWTO-10.html">Next</A> <A HREF="NAT-HOWTO-8.html">Previous</A> <A HREF="NAT-HOWTO.html#toc9">Contents</A> <HR> <H2><A NAME="s9">9.</A> <A HREF="NAT-HOWTO.html#toc9">Source NAT and Routing</A></H2> <P>If you are doing SNAT, you will want to make sure that every machine the SNAT'ed packets goes to will send replies back to the NAT box. For example, if you are mapping some outgoing packets onto the source address 1.2.3.4, then the outside router must know that it is to send reply packets (which will have <B>destination</B> 1.2.3.4) back to this box. This can be done in the following ways:</P> <P> <OL> <LI> If you are doing SNAT onto the box's own address (for which routing and everything already works), you don't need to do anything. </LI> <LI> If you are doing SNAT onto an unused address on the local LAN (for example, you're mapping onto 1.2.3.99, a free IP on your 1.2.3.0/24 network), your NAT box will need to respond to ARP requests for that address as well as its own: the easiest way to do this is create an IP alias, e.g.: <BLOCKQUOTE><CODE> <PRE> # ip address add 1.2.3.99 dev eth0 </PRE> </CODE></BLOCKQUOTE> </LI> <LI> If you are doing SNAT onto a completely different address, you will have to ensure that the machines the SNAT packets will hit will route this address back to the NAT box. This is already achieved if the NAT box is their default gateway, otherwise you will need to advertise a route (if running a routing protocol) or manually add routes to each machine involved.</LI> </OL> </P> <HR> <A HREF="NAT-HOWTO-10.html">Next</A> <A HREF="NAT-HOWTO-8.html">Previous</A> <A HREF="NAT-HOWTO.html#toc9">Contents</A> </BODY> </HTML>
Edit
Rename
Chmod
Delete
FILE
FOLDER
INFO
Name
Size
Permission
Action
NAT-HOWTO-1.html
1152 bytes
0644
NAT-HOWTO-10.html
2525 bytes
0644
NAT-HOWTO-11.html
910 bytes
0644
NAT-HOWTO-2.html
4346 bytes
0644
NAT-HOWTO-3.html
1444 bytes
0644
NAT-HOWTO-4.html
4400 bytes
0644
NAT-HOWTO-5.html
5139 bytes
0644
NAT-HOWTO-6.html
8397 bytes
0644
NAT-HOWTO-7.html
1324 bytes
0644
NAT-HOWTO-8.html
1136 bytes
0644
NAT-HOWTO-9.html
2091 bytes
0644
NAT-HOWTO.html
2666 bytes
0644
netfilter-extensions-HOWTO-1.html
2102 bytes
0644
netfilter-extensions-HOWTO-2.html
7807 bytes
0644
netfilter-extensions-HOWTO-3.html
28969 bytes
0644
netfilter-extensions-HOWTO-4.html
12548 bytes
0644
netfilter-extensions-HOWTO-5.html
7041 bytes
0644
netfilter-extensions-HOWTO-6.html
11242 bytes
0644
netfilter-extensions-HOWTO-7.html
2188 bytes
0644
netfilter-extensions-HOWTO-8.html
1021 bytes
0644
netfilter-extensions-HOWTO-9.html
2222 bytes
0644
netfilter-extensions-HOWTO.html
7267 bytes
0644
netfilter-hacking-HOWTO-1.html
7474 bytes
0644
netfilter-hacking-HOWTO-2.html
1718 bytes
0644
netfilter-hacking-HOWTO-3.html
8038 bytes
0644
netfilter-hacking-HOWTO-4.html
53338 bytes
0644
netfilter-hacking-HOWTO-5.html
1056 bytes
0644
netfilter-hacking-HOWTO-6.html
3028 bytes
0644
netfilter-hacking-HOWTO-7.html
9288 bytes
0644
netfilter-hacking-HOWTO-8.html
5234 bytes
0644
netfilter-hacking-HOWTO-9.html
835 bytes
0644
netfilter-hacking-HOWTO.html
3811 bytes
0644
packet-filtering-HOWTO-1.html
1891 bytes
0644
packet-filtering-HOWTO-10.html
2575 bytes
0644
packet-filtering-HOWTO-11.html
3742 bytes
0644
packet-filtering-HOWTO-2.html
1593 bytes
0644
packet-filtering-HOWTO-3.html
5775 bytes
0644
packet-filtering-HOWTO-4.html
2189 bytes
0644
packet-filtering-HOWTO-5.html
1644 bytes
0644
packet-filtering-HOWTO-6.html
3505 bytes
0644
packet-filtering-HOWTO-7.html
35616 bytes
0644
packet-filtering-HOWTO-8.html
1457 bytes
0644
packet-filtering-HOWTO-9.html
2333 bytes
0644
packet-filtering-HOWTO.html
2831 bytes
0644
N4ST4R_ID | Naxtarrr
