Nat

sanjibgupta · 05-30-2011, 09:16 PM

Hi
I have a network of global ip xxx.yyy.141.0/24 and many local network running behind global ip proxy 192.168.0.0/16.

I want to add NAT

My machine xxx.yyy.141.36 on eth0 192.168.20.0/24 on eth1 .
I have another server xxx.yyy.141.64 on eth0 & 192.168.10.0/24

From my machine in the NAT rules of iptables
- A POSTROUTING -s 192.168.20.0/24 -d !192.168.0.0/16 -o eth0 -j MASQUERADE
Works fine my from local LAN 192.168.20.0/24
OR
- A POSTROUTING -s 192.168.20.0/25 -d !xxx.yyy.141.0/24 -o eth0 -j MASQUERADE
Also works ok. But I cannot make them work together

How can I go to both xxx.yyy.141.0/24 & 192.168.0.0/16 without NAT from my local LAN 192.168.20.0/24
Sanjib Gupta

estabroo · 05-31-2011, 05:18 PM

if you want to do it without nat then you'll need to put in routes for the various networks at the routers, essentially if you look at your network as a tree any non-leaf node will need routes in them to the leaf nodes under it and a default route going to it's parent node

sanjibgupta · 06-01-2011, 11:59 AM

Routing networks is not my problem. I am albe to reach all my network but it gets nat to the global IP which I don't want when I try to reach the global ip(xxx.yyy.141.0/24)
I want to move both within local ip range(192.168.0.0/16) & (xxx.yyy.141.0/24) with my loca ip as many servers only allow local IPs

Sanjib Gupta