On Mon, 2013-04-01 at 15:07 +1100, Mark Andrews wrote:
In message <1364787851.2136.7.camel@karl>, Karl Auer writes:
A side effect of NAT is to clamp the source address range of outbound packets to the configured NAT outside address range. It depends on how the nat is configured.
OK - how does one configure NAT so that the source addresses of outbound packets are NOT clamped to a configured range on the outside of the NAT device? Given this general scenario, of course: Inside Outside Nasty spoofing scum ----> NAT ---> helpless victims Outbound ---> Honest question - just 'because I don't see it doesn't mean it isn't possible :-) My NAT configs have generally been pretty plain vanilla. Regards, K. -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Karl Auer (kauer@biplane.com.au) http://www.biplane.com.au/kauer http://twitter.com/kauer389 GPG fingerprint: B862 FB15 FE96 4961 BC62 1A40 6239 1208 9865 5F9A Old fingerprint: AE1D 4868 6420 AD9A A698 5251 1699 7B78 4EEE 6017