Wed, 28 Jun 2000 16:40:19 +1000
In message <2175AA14AAC7D31186370080AD3ADF0D030B27@EXCHANGE> you write:
> I checked the HOWTO's and mailing list, but couldn't find an answer.
> Sorry if this is a re-hash of an old problem.
> I am running linux-2.4.0-test2 and iptables-1.1.0 on a fresh RedHat 6.2
> install. I'm trying to do Source NAT for a range of IP addresses and
> can't get it to work for addresses not set up on the system. In the lab
> I have this set up
> /sbin/iptables -t nat -A POSTROUTING -o eth0 -s <internal network>/24 -j
> SNAT --to <EXT_IP1>-<EXT_IPn>
> eth0 is EXT_IP1. IP's 2 through n are unused on the network. I send
> pings from a test host on the inside to a test host on the outside. The
> outside host sees the echo requests with the correct source addresses,
> does an arp_who_has for the source IP, but only gets a response from the
> firewall for EXT_IP1. The firewall doesn't do arp replies for the other
> SNAT'ed addresses.
You need to convince everyone to route those addresses to you. In
your case this means proxy arp, or adding those interfaces as aliases.