Questions tagged [nat]
In computer networking, Network Address Translation (NAT) is the process of modifying IP address information in IPv4 headers while in transit across a traffic routing device.
368 questions
0
votes
0
answers
16
views
nftables masquerade on interface with multiple addresses
I have what appears to be a unique situation that I am surprised is unique as it's common to most cablemodem implementations...
I need to masquerade to the dynamic public address provided by $CABLECO ...
- 83
2
votes
1
answer
49
views
nftables NAT 'redirect' rule description ambiguity
I'm currently covering nftables NAT rules. There are four of them, namely:
snat: replace the packet's source address with a given one (clear);
dnat: replace the packet's destination address with a ...
- 23
2
votes
1
answer
95
views
Nested VPN connection via Wireguard
I designed the following topology:
Client A -> Server B -> Server C
Server C: wireguard server that NATs packets from its clients (in this case just B) before sending them to the Internet. Its ...
- 141
1
vote
0
answers
148
views
KVM/QEMU libvirt Network "default" NAT Configuration - Guest cannot connect to Internet (no VPN)
KVM/QEMU libvirt Network "default" NAT Configuration - Guest can connect to host and the host to guest but the guest cannot connect to Internet(no VPN).
$ sudo virsh net-list --all
Name ...
- 621
2
votes
1
answer
86
views
How do I make a virtual "alias" for a remote IP without a proxy process?
I have interfaces enp101s0f0u2u{1..3}, on each of which there is device responding to 192.168.8.1.
I want a local processes to be able to reach all of them simultaneously.
This is one process, so ...
0
votes
1
answer
218
views
Zyxel EX3301-T0 router not accessible remotely with static IP
I am attempting to communicate with devices on my LAN via the internet.
I have purchased a static IP for my router.
When I log in to my router, the IP address displayed on the router GUI matches the ...
2
votes
1
answer
351
views
What process can remove an entry from a router NAT table?
I have just been watching a video which explains UDP holepunching.
https://www.youtube.com/watch?v=GfRLNg6DOnI
In this video, some processes which create entries in a router NAT table are explained.
...
- 987
1
vote
2
answers
667
views
Connecting to an SSH server behind NAT
I have a situation where I've got a target machine behind a standard home router/firewall/NAT configuration (we'll call it target), and a machine with a known public IP address (we'll call it server).
...
- 165
0
votes
0
answers
33
views
odd need to change packet addresses
I have a very poorly designed appliance which advertises wifi.
But what it actually delivers is a device that can only create a hotspot, and the hotspot name is fixed. The address is also fixed. The ...
- 1
0
votes
2
answers
59
views
Faking traceroute hops but only for the VM, not for the VM host
I'm trying to modify ICMP time-exceeded responses (type 11) for traceroute packets, but only when they're responses to traceroute probes from a specific VM. My setup is:
Host OS running Ubuntu with ...
- 175
1
vote
1
answer
46
views
nft ignores packets on lo?
I have a fairly standard debian 10 system set up as a router (echo 1 > /proc/sys/net/ipv4/ip_forward) with one WAN (=enp11s0) interface and one DMZ (=enp10s0) interface.
The WAN interface has a ...
- 13
1
vote
0
answers
195
views
Fedora Linux VM on Windows 10 HyperV host behind a network proxy cannot access internet
I posted this question over in the Server Fault boards but haven't had any response on it, hoping to get some information by posting it over here.
I'm setting up a Fedora VM using HyperV on a Windows ...
- 193
0
votes
1
answer
344
views
Wireguard connection to localhost via VPN refused
In order to access my webserver (behind CGNAT on my home PC), I established a wireguard tunnel between my home PC (wireguard IP 10.8.0.3) and a VPS (wireguard IP 10.8.0.1 and public IP 11.22.33.44). I ...
- 101
0
votes
1
answer
85
views
NAT table skipped for server replies running inside Docker container
I have a Docker container running on a vanilla setup which listens on port 9999:
docker run --rm -it -p 9999:9999 busybox nc -vvl -p 9999 0.0.0.0
I added a LOG rule to the POSTROUTING table on NAT in ...
- 250
0
votes
0
answers
110
views
pfSense routing issues
Ive got a routing issue on my pfSense box that shows the response to a ping request being routed to a IP in a separate subnet/vlan.
10:25:13.239238 IP 10.2.0.2 > 8.8.8.8: ICMP echo request, id 9374,...
- 103