[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: SNAT or MASQUERADE?



On Tue, Dec 04, 2001 at 07:45:45PM -0800, martin f krafft wrote:
> * mdevin@ozemail.com.au <mdevin@ozemail.com.au> [2001.12.05 11:32:39+1000]:
> > I didn't know you couldn't use DNAT if you used Masquerading.  Are you
> > sure?
> 
> think about it. masquerade is used when you have a single dynamic IP.
> if you had multiple IPs, then you don't have a dynamic IP connection,
> which means that you should be using SNAT. and with a single IP, DNAT
> is less interesting. it is possible (and i do it), for instance, to
> redirect port 22004 to my machine .4, port 22, but even though that
> uses the DNAT chain, it's really just port forwarding or relaying...
>
OK, I see the distinction now.  I guess I was just referring to port
forwarding in my previous example.

Thanks for clarifying things.

Cheers.
Mark. 

Attachment: pgpkmLPPFEStw.pgp
Description: PGP signature


Reply to: