On Fri, Apr 22, 2005 at 05:12:41PM -0500, Taylor, Grant wrote: > Are there any merits to using REDIRECT over (or under) DNAT when > redirecting traffic back to the box that is doing the redirecting? > Reference Alejandro Villarroel's post (and thread) at > https://lists.netfilter.org/pipermail/netfilter/2005-April/059942.html. > > I responded with an email stating to REDIRECT the traffic only moments > after Jason Opperisano responded stating to DNAT the traffic. I'm just > curious if any one knows of any performance benefits / penalties for using > REDIRECT vs. DNAT. REDIRECT is a special case of DNAT, where the dst IP is rewritten to the IP address of the interface the packet is received on (optionally re-writing the dst port as well). i used DNAT in my response, as it wasn't clear from the OP what local IP the translated packets needed to be sent to. -j -- "Peter: I'd sell my soul to be famous. Satan: We've got a live one. Peter. Assistant: No good, sir. It seems he already sold his soul once in 1977 for Bee Gees tickets and then again in 1983 for half a mallomar." --Family Guy
