You may try to use Load balancing features to use both of your rules: https://wiki.nftables.org/wiki-nftables/index.php/Load_balancing 2023-06-27T20:31:32Z Dmitry <onyx@xxxxxxx>: > Hello! > > I have lan network like 10.10.0.0/16 and two sets of external addresses like 1.1.1.0/24 and 2.2.2.0/24. How to perform nat to use all my external addresses? Now i have rules like > > add rule ip nat POSTROUTING oifname "vlan3" ip saddr 10.10.0.0/16 counter snat to 1.1.1.0-1.1.1.255 persistent > > add rule ip nat POSTROUTING oifname "vlan3" ip saddr 10.10.0.0/16 counter snat to 2.2.2.1-2.2.2.255 persistent > > But,as expected, only first rule works. I need something like this: > > add rule ip nat POSTROUTING oifname "vlan3" ip saddr 10.10.0.0/16 counter snat to 1.1.1.0-1.1.1.255,2.2.2.1-2.2.2.255 persistent > > But it is not supported. > > Also, i've tried to use names sets like this: > > add set ip nat ext_addr {type ipv4_addr; flags interval; elements={1.1.1.0-1.1.1.255,2.2.2.1-2.2.2.255} ;} > > But > > nft 'add rule ip nat POSTROUTING oifname "vlan3" ip saddr 10.178.0.0/16 counter snat to @ext_addr persistent' > Error: unknown raw payload base > add rule ip nat POSTROUTING oifname "vlan3" ip saddr 10.178.0.0/16 counter snat to @ext_addr persistent > > > With all respect!
