[Q]Why do we use DNAT and SNAT ?
Thu, 26 Jul 2001 10:54:24 +0200
> soohong Park wrote:
> Hi all !
> While i study about netfilter especially nat, one question strikes me.
> Where are DNAT and SNAT used and what kind of service and network
> configuration is it available ?
> In DNAT case, i think it is available for configuring of web mirror
> And in SNAT case...... i don't know
SNAT is used if you have a LAN with private addresses (a la 192.168.0.1)
that should be able to surf the internet via a Linux box acting as a
gateway/firewall. All source ip addresses are rewritten to the external
ip address of the gateway. It is sometimes also called masquerading
(where the MASQUERADING target has a special function in iptables).
DNAT is often used for allowing clients on the internet to access hosts
behind a firewall where the hosts have private addresses.