[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: iptables question


> On Nov 13, 2016, at 5:19 PM, Pascal Hambourg <pascal@plouf.fr.eu.org> wrote:
> 
>> Le 13/11/2016 à 22:27, Henning a écrit :
>> I followed this thread and i wonder if there is a sane reason why you do nat inside your network. Why don't you just route between different subnets i.e.  10.0.1.0/24 and 10.0.2.0/24
> 
> Probably because the modem and hosts in 10.0.0.0/24 don't know about 192.168.40.0/24.
> 

And usually there is no reason for two separate rfc1918 address ranges.
Pick one matching your address space needs and design subnets.
There is only one single reason for nat: you have more hosts than routable ip addresses. I guess 10.0.0.0 meets even the biggest organizations.

-H
Reply to: