a question of NAT

I have a question about using NAT.

I have two LANs, A and B: A is 202.115.60.0/24 and B is 202.115.70.0/24.
LAN A has a server C whose IP is 202.115.60.2, and LAN B has a server D whose IP is 202.115.70.3. Normally, server C provides the service; when server D shuts down, I want to use server B to provide the service instead of server C.
I think NAT may solve the problem, so I use DNAT and SNAT:

At the gateway of LAN A, do this:
#iptables -t nat -A PREROUTING -s ! 202.115.70.0/24 -d 202.115.60.2 -j DNAT --to 202.115.70.3
#iptables -A FORWARD -d 202.115.70.0/24 -j ACCEPT

At the gateway of LAN B, do this:
#iptables -t nat -A POSTROUTING -s 202.115.70.3 -d ! 202.115.60.0/24 -j SNAT --to 202.115.60.2 

But when I check the IP packets using tcpdump, I find the SNAT did not work: the source address of the packets from server D is 202.115.70.3, not 202.115.60.2.

Then I did a test. When I send a ping packet from server D, the source address of the ping packet changes to 202.115.60.2; here the SNAT works well.

So I do not understand why the SNAT works when sending the request packet and does not work when replying to the request ....

Thank you VERY much!
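
An added example, not part of the original post: a toy Python model of the gateway of LAN B showing that netfilter consults the nat table only for the first packet of a tracked flow, so a reply from server D never reaches the POSTROUTING rule while a ping started by D does. The GatewayB class, the client address and the assumption that the DNATed request is forwarded to D through this gateway are all constructed for illustration.

```python
# Toy model of gateway B: netfilter consults the nat table only for the first
# packet of a tracked flow; later packets reuse the mapping stored in conntrack.
# Flows are keyed by (proto, src, dst) only; real conntrack also uses ports/ICMP ids.
from collections import namedtuple
from ipaddress import ip_address, ip_network

Packet = namedtuple("Packet", "proto src dst")
SERVER_C, SERVER_D = "202.115.60.2", "202.115.70.3"   # addresses from the post
CLIENT = "198.51.100.7"                               # constructed outside client
LAN_A = ip_network("202.115.60.0/24")

class GatewayB:
    def __init__(self):
        self.flows = []        # list of (original tuple, expected reply tuple)
        self.nat_lookups = 0   # how often the POSTROUTING rule was evaluated

    def snat_rule(self, pkt):
        # -t nat -A POSTROUTING -s 202.115.70.3 -d ! 202.115.60.0/24 -j SNAT --to 202.115.60.2
        self.nat_lookups += 1
        if pkt.src == SERVER_D and ip_address(pkt.dst) not in LAN_A:
            return SERVER_C
        return pkt.src

    def forward(self, pkt):
        for orig, reply in self.flows:
            if pkt == orig:    # later packet, same direction: reuse stored mapping
                return pkt._replace(src=reply.dst)
            if pkt == reply:   # reply direction: only undo the stored mapping
                return pkt._replace(dst=orig.src)
        new_src = self.snat_rule(pkt)   # first packet of a new flow
        self.flows.append((pkt, Packet(pkt.proto, pkt.dst, new_src)))
        return pkt._replace(src=new_src)

def demo():
    gw = GatewayB()
    # Request already DNATed by gateway A, on its way to D: creates the flow.
    gw.forward(Packet("tcp", CLIENT, SERVER_D))
    reply = gw.forward(Packet("tcp", SERVER_D, CLIENT))   # D answers the client
    lookups_after_reply = gw.nat_lookups
    ping = gw.forward(Packet("icmp", SERVER_D, CLIENT))   # D starts a new flow
    echo = gw.forward(Packet("icmp", CLIENT, SERVER_C))   # echo reply comes back
    return reply, lookups_after_reply, ping, echo

if __name__ == "__main__":
    for result in demo():
        print(result)
```

In this model the reply leaves with source 202.115.70.3 because it matches the flow created by the incoming request, while the ping is a new flow and leaves with source 202.115.60.2.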