proper way to NAT private ip/port to public ip/port

hmarsili · March 12, 2013, 2:57pm

Hi,

We have a couple of a set of 10 public ips. Each public IP is NAT on the some ports (80) for example to a internal IP. The thing is, a couple of ‘hands’ went trough our configuration and we have NAT definitions created with dst-nat and another ones created with NETMAP. In both cases, working.

Which is the recommended way and why?

CelticComms · March 12, 2013, 5:05pm

The netmap action is typically used when you want to translate all traffic (i.e. ports) to the target destination IP.

If you only want to map a specific port it is more common and safer to use the more granular destination NAT action.