Hi, I was looking for a solution for how to make a hairpin (loopback) through two bridges in the same RouterBOARD.
There are two networks:
first, the servers' net
second, the clients' net
The client network is isolated with a VLAN bridge and the subnet is 192.168.10.0/24. All clients have separate VLANs (client 1 VLAN 10, client 2 VLAN 11, …).
The servers are in the network 192.168.1.0/24 without VLAN, with dst-nat for services (webserver 192.168.1.202 port 80 443, mailserver 192.168.1.201 port 25 587 …).
The outgoing connections are masqueraded.
0 chain=srcnat action=masquerade out-interface=wan-ether5 log=no
log-prefix=""
In the VLAN bridge there is only one server, and there is only one hairpin that works.
1 ;;; Hairpin NAT loopback
chain=srcnat action=masquerade protocol=tcp src-address=192.168.10.0/24
dst-address=192.168.10.99 out-interface=VlanVmBridge dst-port=80,21
log=no log-prefix=""
I have made the same rules for the hairpin on the servers' side, but they do not work.
2 chain=srcnat action=masquerade protocol=tcp src-address=192.168.10.0/24
dst-address=192.168.1.1 out-interface=switch internal dst-port=25 log=no
log-prefix=""
3 chain=srcnat action=masquerade protocol=tcp src-address=192.168.10.0/24
dst-address=192.168.1.201 out-interface=switch internal
dst-port=110,995,993,143 log=no log-prefix=""
4 chain=srcnat action=masquerade protocol=tcp src-address=192.168.10.0/24
dst-address=192.168.1.205 out-interface=switch internal dst-port=53
log=no log-prefix=""
Any help is welcome.
Thanks in advance.
Stefano.