Hi, On 3/15/24 7:22 AM, Jan Wasilewski wrote:
Hi everyone,
I'd like to inquire about SNAT settings for non-private addresses. I've created a network with the subnet 100.70.0.0/24 <http://100.70.0.0/24> (please note, it starts with 100, not 10). I'm wondering why all hosts attached to such a network cannot establish an internet connection when the network is connected to a router with an external gateway that has internet access. However, I found documentation here: https://docs.openstack.org/neutron/zed/admin/intro-nat.html <https://docs.openstack.org/neutron/zed/admin/intro-nat.html>, which states that SNAT works only for private addresses (so mine are not included). Is there a way to enable SNAT for my subnet as well, but in a different way than manually configuring iptables settings on top of Neutron nodes? If so, could anyone share it?
The guide you linked is really only an intro guide on NAT, it shouldn't have any affect on whether a neutron router decides to do SNAT. Does your router have "enable_snat" set to True? -Brian