Skip to content

Instantly share code, notes, and snippets.

@yaggytter

yaggytter/gist:1e08f735de4e6ef6d909

Created April 21, 2015 08:39
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save yaggytter/1e08f735de4e6ef6d909 to your computer and use it in GitHub Desktop.
Save yaggytter/1e08f735de4e6ef6d909 to your computer and use it in GitHub Desktop.
Download ZIP
VyOS謎たち
Raw
gistfile1.txt
SourceNATの謎
eth1を使うと変わらない〜
---
set nat source rule 10 outbound-interface 'eth0'
set nat source rule 10 source address '10.0.0.0/8'
set nat source rule 10 translation address 'masquerade'
vyos@vyos:~$ show nat source rules
Disabled rules are not shown
Codes: X - exclude rule, M - masquerade rule
rule intf translation
---- ---- -----------
M10 eth0 saddr 10.0.0.0/8 to 10.x.131.157
proto-all sport ANY
vyos@vyos:~$ show nat source translations
Pre-NAT Post-NAT Prot Timeout
10.x.153.182 10.x.131.157 icmp 29
---
set nat source rule 10 outbound-interface 'eth1'
set nat source rule 10 source address '10.0.0.0/8'
set nat source rule 10 translation address 'masquerade'
vyos@vyos:~$ show nat source rules
Disabled rules are not shown
Codes: X - exclude rule, M - masquerade rule
rule intf translation
---- ---- -----------
M10 eth1 saddr 10.0.0.0/8 to 10.x.131.31
proto-all sport ANY
vyos@vyos:~$ show nat source translations
Pre-NAT Post-NAT Prot Timeout
10.x.153.182 10.x.153.182 icmp 28
#変わってない〜
@yaggytter
Copy link
Author

VyOS 1.0.5, 1.1.3, 1.1.5 ともに同じ感じ

@yaggytter
Copy link
Author

masqueradeはPOSTROUTINGだから、単純にルーティングが向いていないのかも・・・

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment