Re: Advice on best way to set up multi-route NAT for lots of IPs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

On Fri, 2012-01-06 at 06:15 +0100, Anton Melser wrote:
> If the only way to do the NAT is with 1600 rules then I'll stop
> looking elsewhere, thanks!

I think it probably is the only option from what you've said, especially
given the variety of different networks you have. I can't comment on the
performance though, which was one of your original questions.

> There is also the matter of routing though. I agree that this question
> is more an iproute2 issue, and could/should be better asked on the
> iproute2 list.

Well, there isn't really an iproute2 list as such...

There's netdev and LARTC, both also hosted at VGER, but by all means try
your question here if you'd like.

>  In my mind marking the packets for ToS or fwmark was
> actually for use at the routing level.

Sounds like the way to go. Gives you plenty of flexibility.

> ps. I'll do a blog post when I get a coherent config set up and post
> back here for reference and your comments. It will need failover using
> connection tracking so could end up being a nice little article.

That would be excellent. The more "real life" examples there are, the


To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at

[Linux Netfilter Development]     [Linux Kernel Networking Development]     [Linux Networking Development]     [Linux Kernel Development]     [Linux Resources]     [LARTC]     [Bugtraq]     [Consulting]     [Free Internet Dating]     [Yosemite Forum]     [Photo]

Add to Google Powered by Linux