Hi List,
I am running into a problem where I have 2 interfaces bridged with and ip address assigned.
I have another interface in which traffic has ingress traffic that needs to go out the bridged interface.
I am trying unsuccessfully to SNAT the traffic leaving the bridge interface to its assigned address.
# brctl show xbrdg0
bridge name bridge id STP enabled interfaces
xbrdg0 8000.000c297aa55f no eth0
eth1
# ip a s xbrdg0
11: xbrdg0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN
link/ether 00:0c:29:7a:a5:5f brd ff:ff:ff:ff:ff:ff
inet 192.168.100.3/24 scope global xbrdg0
# ip a s eth5
7: eth5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 00:0c:29:7a:a5:7d brd ff:ff:ff:ff:ff:ff
inet 10.10.0.1/29 scope global eth5
default via 192.168.100.1 dev xbrdg0
So I want traffic coming in eth5 with 10.10.0.x addresses to be source natted to 192.168.100.3.
But my iptables nat statement never gets hit.
Chain POSTROUTING (policy ACCEPT 172 packets, 31384 bytes)
pkts bytes target prot opt in out source destination
0 0 SNAT all -- * xbrdg0 0.0.0.0/0 0.0.0.0 to:192.168.100.3
29 1933 MASQUERADE all -- * tun+ 0.0.0.0/0 0.0.0.0/0
# ping -I 10.10.0.1 8.8.8.8
# tcpdump -nli xbrdg0 icmp or arp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on xbrdg0, link-type EN10MB (Ethernet), capture size 65535 bytes
12:52:06.914295 IP 10.10.0.1 > 8.8.8.8: ICMP echo request, id 38932, seq 1, length 64
12:52:07.914592 IP 10.10.0.1 > 8.8.8.8: ICMP echo request, id 38932, seq 2, length 64
12:52:08.914579 IP 10.10.0.1 > 8.8.8.8: ICMP echo request, id 38932, seq 3, length 64
Any ideas?
Thanks,
Steve
--
Stephen Clark
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
