mirror of https://github.com/tLDP/LDP
61 lines
1.9 KiB
XML
61 lines
1.9 KiB
XML
<!-- $Id$ -->
|
|
|
|
<chapter id="ch-snat">
|
|
<title>Masquerading and Source Network Address Translation</title>
|
|
<para>
|
|
Masquerading for connections or traffic initiated from inside a network.
|
|
Consider reading <xref linkend="ch-nat"/> for details on handling inbound
|
|
traffic or connections.
|
|
</para>
|
|
<para>
|
|
Masquerading has been supported under the linux kernel since before
|
|
kernel 2.0. The technique of masquerading
|
|
</para>
|
|
|
|
<!--
|
|
|
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - #
|
|
# #
|
|
# connection tracking #
|
|
# #
|
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - #
|
|
|
|
#
|
|
# connection tracking is done in /proc/net/ip_conntrack for
|
|
# both inbound (DNAT) and outbound (SNAT, MASQUERADE) connections
|
|
|
|
|
|
-->
|
|
|
|
<section id="snat-intro">
|
|
<title>Concepts of Source NAT</title>
|
|
<para>
|
|
</para>
|
|
<section id="snat-masq-diff">
|
|
<title>Differences Between SNAT and Masquerading</title>
|
|
<para>
|
|
Though SNAT and masquerading perform the same fundamental function,
|
|
mapping one address space into another one, the details differ
|
|
slighly. Most noticeably, masquerading chooses the source IP address
|
|
for the outbound packet from the IP bound to the interface through
|
|
which the packet will exit.
|
|
</para>
|
|
</section>
|
|
<section id="snat-double">
|
|
<title>Double SNAT/Masquerading</title>
|
|
<para>
|
|
</para>
|
|
</section>
|
|
</section>
|
|
<section id="snat-inbound">
|
|
<title>Issues with SNAT/Masquerading and Inbound Traffic</title>
|
|
<para>
|
|
</para>
|
|
</section>
|
|
<section id="snat-break">
|
|
<title>Where Masquerading and SNAT Break</title>
|
|
<para>
|
|
</para>
|
|
</section>
|
|
</chapter>
|