
I have a server on AWS with a floating (secondary) IP. During integrations with a partner, I provide my secondary IP to be whitelisted and define a POSTROUTING rule to SNAT my IP to the secondary IP to reach the destination, such as:

```
sudo iptables -t nat -A POSTROUTING -d partnersip/32 -s myprivateip -j SNAT --to-source secondaryip
```

But now I've come to a scenario where my partner is also using NAT, and I would like to know if it's possible to NAT my secondary IP to the partner's NAT IP on the same server after defining my POSTROUTING rules to NAT to my secondary IP. Something like:

```
sudo iptables -t nat -A POSTROUTING -d partnersip/32 -s secondaryip -j SNAT --to-source partnersnat.ip
```

  • Have you tried it? NAT on NAT is no problem in itself; addressing might become confusing, and some consideration might be needed to not get conflicts. I would also consider using `MASQUERADE` instead of SNAT. If this is only local traffic and not forwarding, then `ip route add partnersip/32 ... src secondaryip` might be better. – NiKiZe Aug 19 '21 at 10:38
  • Likely this is possible. To have a concrete answer, please ask a more concrete question: clarify the desired packet route and underline at which points address (and port) translations should take place. I.e. packet enters your system ip1:port1, then it translates to ip2:port2, then it travels to system ip2, where it translates to ip3:port3, like this. – Nikita Kipriyanov Aug 19 '21 at 10:47

0 Answers