On Sun, 24 Nov 2002, Rikard Bostrom wrote: > Hi, > > I was wondering if anyone could try to give me a good explaination > on the differences between NAT and MASQUERADING? > Good sides, bad sides etc...
The main difference is that MASQUERADE shows all outbound connections as coming from the same place. Ie, no matter which system, behind the firewall, initiates a connection, the rest of the world sees it as if it came from the firewall. NAT is a two part deal. The part that compares to MASQ is SNAT...Source Network Address Translation. If you have been granted multiple external addresses by your ISP, you can set up the firewall to NAT one of those external addresses to a particular internal system. Ie, xxx.xxx.xxx.1 could be the firewall's main IP, xxx.xxx.xxx.xx2 could be an additional IP. You can set up a NAT rule that shows all connections from internal address yyy.yyy.yyy.yyy to appear, to the world, as xxx.xxx.xxx.2. -- Mike Burger http://www.bubbanfriends.org Visit the Dog Pound II BBS telnet://dogpound2.citadel.org or http://dogpound2.citadel.org:2000 -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
