If both 192.168.1.5 and 192.168.1.6 clients start (“simultaneously”) communication to an identical service (e.g. DST IP/port 8.8.8.8:53) … AND both generate the same source port (like 43586 for example) … will
action=src-nat to-addresses=1.1.1.1
change one of the source ports?
If not - there will be a problem with returning the right answer to the right client.
I hope it will change the source port of the “little later” communication … but I haven’t found it explicitly written anywhere
Yes it will. It has to, otherwise it wouldn’t work. It tries to keep the original port if the mapping (newsrcaddr:srcport<->dstaddr:dstport) is free, but if not, it will change srcport.
Very cool, didn’t know or think about that edge case…
Makes sense, because how would the router know where to send the return traffic once it arrives back at the router???
Source IPs were changed to WANIP (so those are the same)
Both destination port and destination IP are identical as indicated…
This leaves the source port as the only remaining identifying item for connection tracking to glom onto upon return…
Thanks - I thought so but I had no proof. I tried to simulate that case (there I saw it keeps the original port - as written), but it’s hard to force two clients to use the same srcport
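
The collision case discussed in this thread, as an added example that is not part of the original posts and is not RouterOS code: a toy model of a src-nat table that keeps the original source port when the reply tuple is free and picks another when it is taken. The class name, the "next port upward" selection strategy and the second destination 8.8.4.4 are assumptions for illustration; a single protocol (UDP) is assumed.

```python
# Toy model of source-NAT connection tracking (illustration only, not RouterOS code).
# Assumption: on collision the NAT tries the next port upward; real devices may choose differently.
from typing import Dict, Optional, Tuple

Key = Tuple[str, int, str, int]  # (ip, port, dst_ip, dst_port)


class SrcNat:
    def __init__(self, to_address: str):
        self.to_address = to_address
        # Reply tuple (nat_ip, nat_port, dst_ip, dst_port) -> original client (ip, port)
        self.reply_map: Dict[Key, Tuple[str, int]] = {}
        # Original flow -> NAT port already assigned to it
        self.by_flow: Dict[Key, int] = {}

    def translate(self, src_ip: str, src_port: int, dst_ip: str, dst_port: int) -> Tuple[str, int]:
        flow = (src_ip, src_port, dst_ip, dst_port)
        if flow in self.by_flow:  # existing connection keeps its mapping
            return self.to_address, self.by_flow[flow]
        port = src_port  # first choice: keep the original source port
        for _ in range(65535):
            key = (self.to_address, port, dst_ip, dst_port)
            if key not in self.reply_map:  # reply tuple is unique, so it can be used
                self.reply_map[key] = (src_ip, src_port)
                self.by_flow[flow] = port
                return self.to_address, port
            port = port + 1 if port < 65535 else 1024  # collision: try another port
        raise RuntimeError("no free source port left for this destination")

    def reverse(self, nat_port: int, dst_ip: str, dst_port: int) -> Optional[Tuple[str, int]]:
        # Return traffic arrives addressed to nat_ip:nat_port; only the port tells clients apart.
        return self.reply_map.get((self.to_address, nat_port, dst_ip, dst_port))


def demo():
    nat = SrcNat("1.1.1.1")
    a = nat.translate("192.168.1.5", 43586, "8.8.8.8", 53)  # first client keeps its port
    b = nat.translate("192.168.1.6", 43586, "8.8.8.8", 53)  # same tuple: port is rewritten
    c = nat.translate("192.168.1.6", 43586, "8.8.4.4", 53)  # constructed: other destination, no clash
    back_a = nat.reverse(a[1], "8.8.8.8", 53)
    back_b = nat.reverse(b[1], "8.8.8.8", 53)
    return a, b, c, back_a, back_b


if __name__ == "__main__":
    for item in demo():
        print(item)
```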