[Jool-list] Question about 'more' netfilter/iptables stuff

Andreas Schulz (Fujitsu) andreas.schulz at fujitsu.com
Mon May 13 01:05:27 CST 2024


Good morning,

>Sorry for taking so long.
No problem, I also haven't had time yet to give your proposal a try...

>> 1. I forgot to mention that the direction S1 -> A1 or B1 is also required. This means that a service in the shared environment has to access a client in the customer-a network (there will be a defined IPv4 NAT network for every customer).
>Can you assign a different port for each customer? Would B understand
>that? If so, port forwarding: https://nicmx.github.io/Jool/en/bib.html
No, unfortunately not.

>> - every customer defines a network that we can use to NAT the 10.1.1.1 service, e.g. customer A is using 10.10.11.1 for 10.1.1.1, customer B is using 10.20.5.1 for 10.1.1.1
>Then what do you need the NATs for?
Forgot to mention: because every customer is 'allowed' to bring his own IP space, it's possible that customers A and B will have the same source IP addresses in their networks. Our idea is that with the IPv6 prefix per customer we can map this prefix to a (source) NAT network in S1 (this network is controlled only by us, so we can define all networks required).

.snip.
Thanks for the suggestion, let's see if I can get the appropriate commands together.

Kind regards,
Andreas

