I have a couple of servers on different internal LANs, each of which has its own public IP address. Today I have set up additional IP addresses on the external NIC, one for each server's public IP address.
I am using DNAT to switch to the corresponding internal IP address. This works very well.
However, if a server connects a socket to a server on the Internet, masquerading cannot be used to set an additional IP address as the source on External, since masquerading can only use an interface IP address, not an additional IP address!
One solution is to use SNAT, but this is not very good if the server wants to connect to an internal server, since the SNAT rule is for ANY destination and I cannot create a SNAT rule which does not change source and service; one of them must be changed, otherwise the SNAT rule cannot be added.
How can I solve this?