2
Following the question in subject, I guess there is a slight difference between NAT and the others.
Is it that NAT translates a complete private network, as SNAT\DNAT translate per package?
Thanks.
dushkin
Posted 2019-03-03T08:27:02.430
Reputation: 197
5
"NAT" is a collective term for various translations - usually it's actually NAPT (involving the transport-layer port numbers as well).
Source NAT translates the source IP address, usually when connecting from a private IP address to a public one ("LAN to Internet").
Destination NAT translates the destination IP address, usually when connecting from a public IP to a private IP (aka port-forwarding, reverse NAT, expose host, "public server in LAN").
Zac67
Posted 2019-03-03T08:27:02.430
Reputation: 999
2
DNAT: Traffic from address IPs is forwarded to a specific internal IP. or redirects the incoming traffic for some IPs or Port to particular address of your choice.
SNAT: matches for all traffic from a specific network(internal Network) to the output interface (address source used as source for the packets that match, also the output address of your network).
taybinakh
Posted 2019-03-03T08:27:02.430
Reputation: 41
3Also, in the context of Linux and iptables, the reverse translation is handled by the connection tracker - so if you have SNAT rules, you don't need the corresponding explicit DNAT rules. Many people are confused by this and think they need to add the reverse rules, too. – dirkt – 2019-03-03T09:18:46.700