snat bridge routes reply packets
Martijn Lievaart
m at rtij.nl
Fri Sep 30 07:27:46 CEST 2005
Henrik Nordstrom wrote:
> On Thu, 29 Sep 2005, Martijn Lievaart wrote:
>
>> so I think I'm still missing something.
>
>
> Simplest setup explaining the case as I understood it:
>
> unknown network mesh -> Bridge running SNAT -> Internet
>
> and you want the bridge to SNAT whatever is seen from the internal
> network, no matter what address is being used. The bridge does not
> have full knowledge of what the internal network mesh looks like, only
> that packets coming in on that interface are from the internal network.
>
>
Ah, now I see. The unknown network mesh uses multiple routers which are
unknown to the bridge, so the bridge does not know where to route the
return packets, although it could know if it saved the MAC the original
packet came from. Right?
M4