Jason Opperisano opie at
Sat Apr 23 00:24:56 CEST 2005

On Fri, Apr 22, 2005 at 05:12:41PM -0500, Taylor, Grant wrote:
> Are there any merits to using REDIRECT over (or under) DNAT when 
> redirecting traffic back to the box that is doing the redirecting?  
> Reference Alejandro Villarroel's post (and thread) at 
> I responded with an email stating to REDIRECT the traffic only moments 
> after Jason Opperisano responded stating to DNAT the traffic.  I'm just 
> curious if any one knows of any performance benefits / penalties for using 

REDIRECT is a special case of DNAT, where the dst IP is rewritten to the
IP address of the interface the packet is received on (optionally
re-writing the dst port as well).

i used DNAT in my response, as it wasn't clear from the OP what local IP
the translated packets needed to be sent to.


"Peter: I'd sell my soul to be famous.
 Satan: We've got a live one. Peter.
 Assistant: No good, sir. It seems he already sold his soul once in
 1977 for Bee Gees tickets and then again in 1983 for half a mallomar."
        --Family Guy

More information about the netfilter mailing list