Mutliple IP Nat on one NIC

[Schnafi]

Hi guys,

I got another problem today.

I got a proxmox node (running version 6.1-8) that has got one public IP (lets say A.A.A.A) and one secondary IP (lets say B.B.B.B).
I also got a bridge with the internal network 192.16.8.0/24 where every VM gets an IP. Currently my setup is working and I can portforward to my containers/VMs without a problem

But what I would like to do is to forward the port 2020 to one of two VMs depending on the destination IP
For instance:

A.A.A.A:2020 gets forwarded to 192.16.8.100:2020 B.B.B.B:2020 gets forwarded to 192.16.8.200:2020
Is this possible and how could I do this? I read on the forum (here) that something like SNAT could work but I am not sure how the iptables command should look like. Is the following example code somehow working for my needs?

iptables -t nat -A PREROUTING -p tcp --dport 8188 -j DNAT --to-destination 192.168.1.10:80 iptables -t nat -A POSTROUTING -p tcp --sport 80 -s 192.168.1.10 -j SNAT --to-source 213.214.215.216:8188



Thanks in advance

 

[Alwin]

You possibly want to use masquerading with port forwarding.

See our docs for some network configuration examples.
https://pve.proxmox.com/pve-docs/chapter-sysadmin.html#sysadmin_network_configuration

 

[Schnafi]

Thank you for your response.
I fixed it by using the -d flag instead of the interface flag -i vmbr0
post-up iptables -t nat -A PREROUTING -d A.A.A.A -p tcp --dport 2020 -j DNAT --to 192.168.8.100:2020
post-up iptables -t nat -A PREROUTING -d B.B.B.B -p tcp --dport 2020 -j DNAT --to 192.168.8.200:2020

What I would like to do now is to rewrite the source ip 192.168.8.200 to B.B.B.B instead of A.A.A.A
I tried it with iptables -t nat -A POSTROUTING -s 192.168.8.200 -j SNAT --to--source B.B.B.B
But this doesn't work.. Any quick ideas?