Hi List,

I am running into a problem where I have 2 interfaces bridged with an IP 
address assigned.

I have another interface with ingress traffic that needs to go 
out the bridged interface.
I am trying unsuccessfully to SNAT the traffic leaving the bridge interface to 
its assigned address.

# brctl show xbrdg0
bridge name     bridge id               STP enabled     interfaces
xbrdg0          8000.000c297aa55f       no              eth0
                                                        eth1
# ip a s xbrdg0
11: xbrdg0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN
    link/ether 00:0c:29:7a:a5:5f brd ff:ff:ff:ff:ff:ff
    inet 192.168.100.3/24 scope global xbrdg0

# ip a s eth5
7: eth5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
    link/ether 00:0c:29:7a:a5:7d brd ff:ff:ff:ff:ff:ff
    inet 10.10.0.1/29 scope global eth5

default via 192.168.100.1 dev xbrdg0

So I want traffic coming in eth5 with 10.10.0.x addresses to be source natted 
to 192.168.100.3.
But my iptables nat statement never gets hit.

Chain POSTROUTING (policy ACCEPT 172 packets, 31384 bytes)
 pkts bytes target     prot opt in     out source               destination
    0     0 SNAT       all  --  *      xbrdg0 0.0.0.0/0            0.0.0.0             to:192.168.100.3
   29  1933 MASQUERADE  all  --  *      tun+ 0.0.0.0/0            0.0.0.0/0

# ping -I 10.10.0.1 8.8.8.8

# tcpdump -nli xbrdg0 icmp or arp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on xbrdg0, link-type EN10MB (Ethernet), capture size 65535 bytes
12:52:06.914295 IP 10.10.0.1 > 8.8.8.8: ICMP echo request, id 38932, seq 1, length 64
12:52:07.914592 IP 10.10.0.1 > 8.8.8.8: ICMP echo request, id 38932, seq 2, length 64
12:52:08.914579 IP 10.10.0.1 > 8.8.8.8: ICMP echo request, id 38932, seq 3, length 64

Any ideas?

Thanks,
Steve

--
Stephen Clark
