There is a Linux server with 3 network interfaces, eth0, eth1, eth2
. IP forwarding has been turn on in this server.
- eth0 is connected to 10.0.1.0/24. Its IP is
10.0.1.1
. - eth1 is connected to 172.16.1.0/24. Its IP is
172.16.1.1
. Server A can ping router C at 172.16.1.2. - eth2 is connected to 192.168.1.0/24. Its IP is
192.168.1.1
. Server A can ping server B at 192.168.1.2. - Router C is able to route to 172.16.2.0/24 and 172.16.3.0/24.
[10.0.1.0/24] | 172.16.2.0/24------| | [C]------172.16.1.0/24------[A]------192.168.1.0/24------[B] 172.16.3.0/24------|
We have set MASQUERADE at eth0. When server B (192.168.1.2) connect to 10.0.1.0/24, IP MASQUERADE will happen at eth0.
Can we set MASQUERADE at eth1? Is it okay to set MASQUERADE at more than 1 network interfaces in Linux?
Yes, it's fine to have multiple
MASQUERADE
rules. Typically, each rule will match packets going out a specific interface, for example:The first rule matches packets going out
eth0
, while the second one matches packets going outeth1
.