Tue, 27 Jun 2000 10:26:49 -0500
I checked the HOWTO's and mailing list, but couldn't find an answer.
Sorry if this is a re-hash of an old problem.
I am running linux-2.4.0-test2 and iptables-1.1.0 on a fresh RedHat 6.2
install. I'm trying to do Source NAT for a range of IP addresses and
can't get it to work for addresses not set up on the system. In the lab
I have this set up
/sbin/iptables -t nat -A POSTROUTING -o eth0 -s <internal network>/24 -j
SNAT --to <EXT_IP1>-<EXT_IPn>
eth0 is EXT_IP1. IP's 2 through n are unused on the network. I send
pings from a test host on the inside to a test host on the outside. The
outside host sees the echo requests with the correct source addresses,
does an arp_who_has for the source IP, but only gets a response from the
firewall for EXT_IP1. The firewall doesn't do arp replies for the other
I can make it work using ip aliasing on eth0, but that would require me
to set up an alias for each masqueraded IP and that seems like a kludge.
I also looked into proxy_arp, but couldn't get it to work.
Does anyone have an idea what I'm missing? Thanks for your help.
Jeff A. Odegard
List admin: I am subscribed under a company mailing list account.