Does anyone have an example of this type of setup?
same - gives a particular client the same source/destination IP address from supplied range for each connection. This is most frequently used for services that expect the same client address for multiple connections from the same client
I do not understand if you are supposed to replace the ‘src-nat masq’ rule with a ‘src-nat same’ - or if it’s in addition to the existing nat rules. Does anyone have or know how to set up a simple usage of this action=same? Do you place that rule above or below your existing masq rule, or does it replace the masq rule altogether?
Do you have an example that shows this in use? I am wondering if 2 gateways, each on different subnets, can use this rule - or is it only used when you have a range of outbound IP addresses that you masq under (using the same gateway)?
I know this is an old post and the OP probably got the answer already, but this thread got no answer about it, and when people search for some explanation, they will get nothing.
I guess you can only use this when specifying an IP block on to-address.
If routes are pointed to the same router that is doing this kind of “masquerade”, by connection tracking the router will know how to forward.
This is useful when you want to always masquerade (src-nat) to the same IP when a connection is made, like the PCC.
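A minimal RouterOS configuration using action=same, added here as an example and not taken from any post in this thread. The interface name, LAN subnet and public address range are constructed values; the range is assumed to be assigned to the router's WAN side.

```routeros
# Constructed values: ether1 = WAN interface, 192.168.88.0/24 = LAN,
# 203.0.113.10-203.0.113.14 = public addresses routed to this router.
/ip firewall nat

# NAT rules are evaluated top to bottom and the first match wins, so the
# action=same rule has to sit above any catch-all masquerade rule.
# same-not-by-dst=yes makes the choice depend on the client address only,
# so one client keeps one public address whatever destination it talks to.
add chain=srcnat out-interface=ether1 src-address=192.168.88.0/24 \
    action=same to-addresses=203.0.113.10-203.0.113.14 same-not-by-dst=yes \
    comment="stable public address per client"

# Fallback for anything the rule above does not match.
add chain=srcnat out-interface=ether1 action=masquerade \
    comment="catch-all masquerade"

# Confirm the rule order and watch which rule the counters increase on.
print stats
```

On a router that already has a masquerade rule, `add` appends to the end of the list, so insert the action=same rule with `place-before` or move it up afterwards.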