Re: multiple outbound NAT

To: debian-user@lists.debian.org
Subject: Re: multiple outbound NAT
From: Paul van der Vlis <paul@vandervlis.nl>
Date: Thu, 08 Jan 2015 12:51:13 +0100
Message-id: <[🔎] m8lqvi$573$1@ger.gmane.org>
In-reply-to: <[🔎] 89D1798A7351D040B4E74E0A043C69D7AD5FF8DA@EinExch-01.tio.nl>
References: <[🔎] 89D1798A7351D040B4E74E0A043C69D7AD5FF8DA@EinExch-01.tio.nl>

Hi Bonno,

Op 08-01-15 om 07:57 schreef Bonno Bloksma:
> Hi,
> 
> At one place I have a Debian wheezy machine that acts as router / firewall using iptables and default routing.
> I used to have just 1 ip number on the uplink interface. And a simple 
>   $IPTABLES --table nat -A POSTROUTING -o $WORLD_IF -j MASQUERADE
> line in my firewall script sends all traffic out with that single ip addres via NAT.
> 
> Due to several reasons I now have to use more than 1 outbound ip address to make clear from which internal segment the traffic is coming from.
> So traffic coming from 172.16.20.0/24 needs to use $WORLD_IP1
> And traffic coming from 172.16.22.0/24 needs to use $WORLD_IP2
> And maybe traffic coming from 172.16.24.0/23 needs to use $WORLD_IP3
> 
> How do I configure something like that?

Maybe by adding network aliases, and using SNAT in your firewall.

See e.g. here:
http://stackoverflow.com/questions/18052116/iptables-postrouting-with-snat-for-a-paritcular-destination-ip

With regards,
Paul van der Vlis.


-- 
Paul van der Vlis Linux systeembeheer, Groningen
http://www.vandervlis.nl/

Reply to:

Follow-Ups:
- RE: multiple outbound NAT
  - From: Bonno Bloksma <b.bloksma@tio.nl>

References:
- multiple outbound NAT
  - From: Bonno Bloksma <b.bloksma@tio.nl>

Prev by Date: Been out of it, when will there be a new `testing'
Next by Date: Re: Been out of it, when will there be a new `testing'
Previous by thread: multiple outbound NAT
Next by thread: RE: multiple outbound NAT
Index(es):
- Date
- Thread