Chapter 6. Masquerading and Source Network Address Translation

Table of Contents

6.1. Concepts of Source NAT
6.1.1. Differences Between SNAT and Masquerading
6.1.2. Double SNAT/Masquerading
6.2. Issues with SNAT/Masquerading and Inbound Traffic
6.3. Where Masquerading and SNAT Break

Commonly known under a variety of names, SNAT, masquerading or Many-To-One NAT can be part of a solution to protect

Masquerading for connections or traffic initiated from inside a network. Consider reading Chapter 5, Network Address Translation (NAT) for details on handling inbound traffic or connections.

Masquerading has been supported under the linux kernel since before kernel 2.0. The technique of masquerading