> Can the new IP ROUTE stuff in 2.2 do ONE-ONE NAT insted of the standard
> good ole MASQ (MANY-ONE)? I got hit with having to set up a nat solution
> by Saturday AM, and it looks like Linux is the only thing that could hit
> that deadline within budget.
ONE-ONE is the only thing, which ROUTE_NAT is able. It is supposed to be
used for site renumbering and to facilitate policy routing, rather
then to compress ip address space or to split load.
The setup is very easy: micro-howto may be found
at http://www.compendium.com.ar/policy-routing.txt
It is very small, but contains basic hints.
Also: ftp://post.tepkom.ru/pub/vol2/Linux/docs/advanced-routing.txt
> I'll also need it to pass through port numbers unmolested. :( (stupid
> state security).
I failed to parse it, but try to continue 8)
- it is stateless to be scalable. -> no dynamic nat, no load splitting.
- it does not touch packet payload to be fast and does not check
it to be not ambigous. -> no active ftp in one direction and no passive
in backward.
- it is not intended to remap only range of ports, though
it is possible with fwmark.
Alexey Kuznetsov
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/