0

We use iptables to implement SNAT for our users with a dozen external IP's in round robin (for load balancing). Our developers require port forwarding to their machines and have each requestded a range of 10 ports on which they can expose their machines directly to the Internet.

In order to prevent exhausting the amount of ports available, we would like to dedicate an IP exclusively for DNAT. However, in this scenario, their outbound connections would often be made from a different address to the one they have been assigned for DNAT. I know this would not normally cause any issues but I'm wondering if there are any applications which require port forwarding that would require that the IP's are the same?

Michelle
  • 913
  • 5
  • 20
  • 30

1 Answers1

0

VOIP might need a static IP, although it could be worked around by having the user re-register every time his IP changes (how the user might be informed of this change I'm not sure), and it will probably cause issues with sessions on websites, those are the two scenarios that come to mind, maybe if you could state a few things the devs use regularly?

NickW
  • 10,183
  • 1
  • 18
  • 26