How to not use NAT: DNAT in asymmetric routing
image/svg+xml
How to not use NAT: DNAT in asymmetric routing
2008-04-04
Jan Engelhardt <jengelh@inai.de>
Jan Engelhardt <jengelh@inai.de>
Jan Engelhardt <jengelh@inai.de>
en_US
NAT
A part on the series How to not use NAT
BAD: Attempted use of DNAT with asymmetric routing
host with DNAT rule
source host
destination host
packet mangled andthen forwarded1.3.3.7 → 1.3.3.9
2nd packet1.3.3.9 → 1.3.3.7
3rd packet:“what the hell do you want?(I talked to 1.3.3.8, not 1.3.3.9!)”
switch
1st packet1.3.3.7 → 1.3.3.8
local network
FIX: Directly connect to 1.3.3.9 in the first place.