On Monday 17 November 2003 2:07 pm, Jeffrey Laramie wrote:
> Antti Korpela wrote:
> >
> > 1. What difference and which is better between: iptables -t nat -j
> > MASQUERADE or SNAT --to IP if im using it for internet gateway
> > NAT-machine in big LAN-parties, over 300 IP:s.
>
> According to Oskar's tutorial SNAT is preferable for static IPs:
My understanding is that SNAT is marginally more efficient than MASQUERADE
because the address to be susbstituted is fixed in the SNAT rule, whereas
with MASQUERADE the rule needs to look up the address of the interface before
it knows what to replace into the packet.
Whether you could measure the difference in efficiency between the two rules
is another matter entirely, however. My recommendation would be to go for
maximum readability of your rules.
Regards,
Antony.
--
90% of network problems are routing problems.
9 of the remaining 10% are routing problems in the other direction.
The remaining 1% might be something else, but check the routing anyway.
Please reply to the list;
please don't CC me.
