I'm currently about to replace our existing 10.0.0.0/8 network into several /24 networks.
This covers 200+ servers.

Since I've NFS shares across the network I need to have these up and running meanwhile I'm doing the IP-range changes.

For this I though that SNAT and DNAT would be a good solution but I haven't succeeded doing it.

For the test I've 2 VLANS.

eth0
eth0.10 10.128.16.0/24
eth0.20 10.128.17.0/24

Not I want to map lets say 10.100.1.20 to the host who has 10.128.17.2 on VLAN eth0.20.

For doing this I did it this way.

# ip addr add 10.100.1.20/8 dev eth0
# iptables -t nat -I PREROUTING -i eth0 -s 0.0.0.0/0 -d 10.100.1.20 -j DNAT --to-destiation 10.128.17.2
# iptables -t nat -I POSTROUTING -o eth0 -s 10.128.17.2 -d 0.0.0.0/0 -j SNAT --to-source 10.100.1.20

I've used this setup earlier to map external addresses to a internal ip address but in this case it doesn't seam to work.

By doing some tcpdumps the ICMP never seams to reach the final host but the gateway instead.

Please advice, thanks!

Are you trying to DNAT packets from inside the vlan on one subnet to the same internal vlan on another subnet?

Packets moving this way will use ARP to locate the hosts rather than ip routing via a gateway..

If you are doing this to balance traffic across the segments, I would suggest you first add the second vlan ip address to each server, and then monitor traffic on the old ip addresses for any services that need reconfiguring.. then drop the old ip address on each server and split the segments.

A usual problem is the time it takes for ARP caches to go stale. You could use this time to move patch cords and introduce the new gateways.

I'm trying to DNAT it on another internal VLAN on another subnet.

I did try to use proxy_arp and add both 10.128.17.2 and 10.100.1.20 to the server but since it's locked to the 10.128.17.0/24 subnet and VLAN it didn't really work out.

So just to confirm..

You're testing on a separate subnet, a separate segment, and they are separated by the gateway?

That's correct