Questions tagged [nat]
In computer networking, network address translation (NAT) is the process of modifying network address information in datagram (IP) packet headers while in transit across a traffic routing device for the purpose of remapping one IP address space into another.
2,011
questions
75
votes
1
answer
140k
views
What is the difference between a Source NAT, Destination NAT and Masquerading?
What is the difference between a Source NAT, Destination NAT and Masquerading?
For example, I thought IP Masqurading was what they used to call it in Linux?
But what confuses me is that in our Astaro ...
- 14.5k
64
votes
12
answers
97k
views
Loopback to forwarded Public IP address from local network - Hairpin NAT
This is a Canonical Question about Hairpin NAT (Loopback NAT).
The generic form of this question is:
We have a network with clients, a server, and a NAT Router. There is port forwarding on the ...
- 1,531
45
votes
6
answers
100k
views
Forwarding ports to guests in libvirt / KVM
How can I forward ports on a server running libvirt/KVM to specified ports on VM's, when using NAT?
For example, the host has a public IP of 1.2.3.4. I want to forward port 80 to 10.0.0.1 and port 22 ...
- 453
34
votes
4
answers
142k
views
Differences between bridged and NAT networking
I don't fully understand the differences between NAT and a bridged connection over an virtual machine. As far as I've found, machines which are on the same network with our host machine can access our ...
- 441
33
votes
7
answers
49k
views
How many computers can have the same public IP?
I've got a list of hundreds of page requests from the same IP and I need to know if these could be requests by different computers.
- 931
30
votes
5
answers
3k
views
Will everyone having Globally Accessible IP's in IPv6 be kind of a security nightmare? [duplicate]
Possible Duplicate:
Switch to IPv6 and get rid of NAT? Are you kidding?
I'm thinking about the way that in IPv4 most of the time you have a single point to configure a firewall on, mainly your ...
- 4,909
25
votes
1
answer
56k
views
Why Are There Only 65,535 Ports, and Will We Ever Have More? [closed]
I understand the original reasoning behind having 65,535 ports per IP address: this is the highest number that can be represented by a 16-bit, or 2-byte, number, and it wasn't conceivable that ...
- 395
24
votes
7
answers
6k
views
Why don't more organizations use inside-to-inside NAT or similar solutions to allow NAT hairpins?
Inside-to-inside NAT aka NAT loopback solves hairpin NAT issues when accessing a web server on the external interface of an ASA or similar device from computers on the internal interface. This ...
- 101k
23
votes
11
answers
48k
views
Windows Server 2008: specifying the default IP address when NIC has multiple addresses
I have a Windows Server which has ~10 IP addresses statically bound. The problem is I don't know how to specify the default IP address.
Sometimes when I assign a new address to the NIC, the default ...
22
votes
4
answers
120k
views
Ping: sendmsg: operation not permitted error after installing iptables on Arch GNU/Linux
Yesterday I got a new computer as my homeserver, a HP Proliant Microserver.
Installed Arch Linux on it, with kernel version 3.2.12.
After installing iptables (1.4.12.2 - the current version AFAIK) ...
- 381
22
votes
7
answers
24k
views
Why is it a bad idea to use multiple NAT layers or is it?
The computer network of an organization has a NAT with 192.168/16 IP address range. There is a department with a server that has an IP address 192.168.x.y and this server handles hosts of this ...
- 584
21
votes
3
answers
77k
views
What is strict, moderate and open NAT?
NAT options on domestic routers often come configured as strict. What does this mean? What do moderate or open do? Port-forwarding/DMZ access works properly on strict so why bother with the other two?
...
- 537
20
votes
5
answers
13k
views
Are people really going to use public IPv6 addresses on their private networks? [duplicate]
I have been reading the Debian System Administrator's Handbook, and I came across this passage in the gateway section:
...Note that NAT is only relevant for IPv4 and its limited address space;
in ...
- 321
18
votes
4
answers
29k
views
How to configure a custom NAT for use in Amazon VPC
I have an Ubuntu box I wish to use as NAT instance (among other things). I would prefer to avoid using the NAT AMIs provided by Amazon, and instead configuring NAT myself.
Currently, my host has a ...
- 3,437
17
votes
3
answers
54k
views
How to Set Up Linux Server As A Router with NAT
We have a simple router which has NAT of symmetric type, but because this router doesn't provide us with any debugging interface, we cannot figure out if a specific packet reaches the NAT or not.
...
- 579
17
votes
3
answers
43k
views
Exposing multiple servers behind NAT using a single public IP address
This is a Canonical Question about NAT and DNS
I'm currently trying to set up a network with a DMZ containing a web server and an e-mail server separated from the Internet by a network address ...
- 271
17
votes
2
answers
42k
views
Load balancing & NAT-ing multiple ISP connections on Linux
I have two internet connections from two different ISPs and I need to balance the traffic originating to and from my network between the two ISPs. I am using Debian GNU/Linux.
My set-up is like this -...
17
votes
3
answers
85k
views
VMWare networking mode (NAT or Bridged)?
I am running Windows 7 within a virtual Machine from my Mac. I use Windows 7 for Visual Studio primarily and also to host a dev install of IIS. There are two things I need and I am not sure what ...
- 604
17
votes
1
answer
31k
views
Create a multi-homed linux load balancer with two internet connections and one LAN connection
OK,... this has possibly been answered, unfortunately, I have not found anything that looks like it might be the resolution.
Ive looked at these pages and they have some useful information, but not ...
- 383
16
votes
3
answers
46k
views
Public static ip for vagrant box
I have server (Debian Squeeze) with 1 ethernet card and 2 public static IPs (188.120.245.4 and 188.120.244.5).
What I want: Setup virtual box (Ubuntu) with access via static IP (188.120.244.5).
...
- 183
16
votes
2
answers
18k
views
How to configure a static wildcard subdomain with dnsmasq
I have a network behind a NAT with a few machines.
The machines are:
router - NAT, dnsmasq, forwarding - directly connected to the inet
server - which runs ssh, www and some other stuff
clients - ...
- 623
16
votes
1
answer
42k
views
How are cellphone IP addresses assigned?
When my cellphone accesses a website via the tower and its GPRS gateway, NAT ensures that the sites receive a public IP. Would all phones using a single tower have the same IP?
If yes, then how can ...
- 560
14
votes
7
answers
24k
views
Accessing the DNAT'ted webserver from inside the LAN
I have a small network with a router, which maintains a connection to Internet, a server and some workstations in a local network.
Server is meant to be accessed from the Internet, and there are ...
- 484
14
votes
4
answers
51k
views
iptables nat does not exist
Today my iptables nat on the host system stopped working and I have no clue what happend! (That's very bad, I know)
All commands are executed as root user.
If I run $ iptables -t nat -L I get the ...
- 683
13
votes
3
answers
20k
views
AWS: NAT Gateway in public subnet. Why?
As I understand it, a public subnet is one that can route traffic to the internet via an Internet Gateway, and a private subnet is one that cannot (can't reach the internet nor it can be reached from ...
- 545
13
votes
5
answers
29k
views
NAT Gateway - Maximum connection limit
I know just enough networking to be dangerous. The nitty gritty low level details of NAT are not something I am particularly knowledgeable about.
I accidentally found myself in a discussion earlier ...
- 3,488
13
votes
2
answers
4k
views
IPv6 without nat but what about an isp change?
I haven't worked with IPv6 outside of 4to6 tunneling on my home pc with stuff like GoGoNet. I've read about how it works in a general way. No NAT required (or suggested) and each client uses a public ...
- 163
12
votes
4
answers
8k
views
What happens if two local systems download the same resource on same port?
I'm aware of NAT table. I just want to know what happens if two clients in a private local area network want to download exactly the same resource on the same port? In other words , When a packet ...
- 231
12
votes
2
answers
17k
views
How to persist iptables configuration on Amazon EC2 VPC NAT Ami? [duplicate]
I have a small script like this to configure the iptables:
#!/bin/bash
PRE_STR="iptables -t nat -A PREROUTING -p tcp -j DNAT"
FOR_STR="iptables -A FORWARD -p tcp -j ACCEPT"
#########################...
- 223
12
votes
2
answers
88k
views
Wireguard not completing handshake
I have two Debian GNU/Linux systems (bullseye/sid), both running wireguard on port 23456, both behind NAT. Both run a kernel version > 5.6 (wireguard mainlined).
System A is the server, and it ...
- 432
12
votes
4
answers
34k
views
Is it possible to configure a reverse VPN tunnel?
Basically, my goal is to have a 100% portable and independent server. I'm building it using a Raspberry Pi powered by solar panels and batteries, and it is to be connected to the internet using a 4g ...
- 219
11
votes
2
answers
13k
views
Why is nat required when proxy is enough? [closed]
My machine is connected in a local lan. to connect to the internet the traffic goes through proxy server. my understanding of proxy server is that it sends the request on behalf of the original ...
- 317
11
votes
1
answer
41k
views
Basic iptables NAT port forwarding
I have three machines: A local PC (public IP 1.2.3.4), an Ubuntu 10 Server box in a datacentre (eth0 on 5.6.7.8 public IP), and a third-party server hosting a website outside of my network (let's say ...
- 922
11
votes
1
answer
688
views
What ports should be mapped via NAT for Lync client?
I installed gateway with NAT between PC and network. User of PC can chat via Lync client but can't call or join conference. What ports should be mapped via NAT for Lync client to use all Lync ...
- 149
11
votes
2
answers
18k
views
iptables: Port forwarding with masquerading is not working
I'm having some issues with my port forwards. NAT seems to work ok and one out of the port forwards seem to work (udp port 7887 to machine 192.168.1.100). But not the others.
I doubt that it matters, ...
- 233
11
votes
2
answers
3k
views
Forwarding traffic from TUN device (C++ backend) to the default gateway
The following problem is just a piece of the bigger solution I have a problem with. All other elements seem working so far, so I'll try to describe very small piece which I have problem with.
I've ...
- 111
10
votes
4
answers
16k
views
AWS VPC + IPtables + NAT: Port Forwarding is not working
Yesterday, I posted a question here but I think was not clear enough in my words. BTW, This question is not a duplicate.
I have AWS VPC Setup as below.
GOAL/PROBLEM: SSH to Server A from internet. ...
- 504
10
votes
1
answer
747
views
Configuring 1:1 Nat using Firewalld for VM's
I've setup 2 vm's within my server and I'm trying to setup a 1:1 NAT for them with firewalld on CentOS 7. Currently both vm's are behind a virtual bridge (virbr0, vnet0, vnet1) and I've made copies of ...
- 285
9
votes
3
answers
29k
views
Windows 7 with internal port redirection, is it possible?
I received a request from one of our developers that I am having trouble solving.
Here in the office they use linux desktops and I can forward the localhost:80 via a iptables nat to localhost:8080. ...
- 208
9
votes
1
answer
40k
views
DNAT port range with different internal port range with Iptables
The standard way of DNATing a single port to a different port on an internal network is something like that:
ip(6)tables -t nat -A PREROUTING -i wan0 -p tcp --dport 80 --to-destination 10.0.0.1:8080
...
- 265
9
votes
2
answers
10k
views
Does the ELB also route outbound reply traffic in AWS
I have been trying to understand how routing works in an AWS VPC with public/private subnets.
I have a setup as recommended by amazon with an ELB and NAT in the public subnet and the webserver in the ...
- 290
9
votes
3
answers
5k
views
NAT: If two hosts initiate a connection to the same IP:PORT, with the same source PORT, how does the router handle it?
I was just thinking and that idea came to my mind.
Let say I have hosts A and B inside my local area network. I have a Router, and a host C in the internet. I know that when initiating the connection,...
- 389
9
votes
2
answers
9k
views
Symmetric NAT and UDP Hole Punching
I've read this question, but the explanation of Symmetric NAT wasn't detailed enough.
Please could someone help me to understand the following paragraphs?
I read this about Symmetric NAT:
Each ...
- 1,995
9
votes
1
answer
38k
views
strongSwan setup where both sides are behind NAT
I'm trying to setup a strongSwan server in my home and connect to it from another network. Let's say sun is the VPN server and venus is the client. Both sun and venus are behind NAT networks. sun is ...
- 384
8
votes
2
answers
5k
views
DMZ subnet: to NAT or not to NAT?
I'm looking at setting up a DMZ behind a Cisco ASA that will contain a large number of HTTP front-end load balancers and SSL offload services - over 100 IPs, concentrated on a smaller number of hosts.
...
- 3,377
8
votes
3
answers
4k
views
How widely deployed is carrier grade NAT?
I was just reading How bad is IPv4 address exhaustion really? and noticed this comment, which seems to imply that carrier grade NAT is actually widely deployed. I was always under the impression that ...
- 891
8
votes
1
answer
12k
views
AWS VPC routing table with both Internet Gateway and NAT Gateway
I have a single VPC in Amazon Web Services with the subnet 172.31.0.0/16. I have created an EC2 instance in this subnet and given it a public Elastic IP. There is an Internet Gateway on this VPC. So, ...
- 2,711
8
votes
2
answers
51k
views
Openvpn routing for lan to lan through tun
I am trying to setup an OpenVPN tun to connect two lan's
The open vpn connection is up and working but there is a problem with my routing or nat or something.
What I need is an example of what a ...
- 81
8
votes
4
answers
29k
views
Iptables NAT logging
I have a box setup as a router using Iptables (masquerade), logging all network traffic.
The problem:
Connections from LAN IPs to WAN show fine, i.e. SRC=192.168.32.10 -> DST=60.242.67.190
but for ...
Gerard
7
votes
3
answers
15k
views
How to get VirtualBox NAT working with actual client IP's?
I'm using Virtualbox 4.0.10 on a Debian Squeeze box. I have a Windows 7 VM that I use to host a game server. After setting up NAT and port redirection, clients can connect to the VM, but the game ...
- 71