
Default NAT

Posted: Sun Aug 11, 2019 1:34 pm
by SpongeB0B
Hi everyone,

Is it normal that by default I have two srcnat?
 0    ;;; defconf: masquerade
      chain=srcnat action=masquerade out-interface-list=WAN ipsec-policy=out,none
 1    chain=srcnat action=masquerade out-interface=ether1
Is rule 1 not enough on its own? Meaning, can I delete rule 0? (I should still have full NAT on my network, correct?)

Re: Default NAT

Posted: Sun Aug 11, 2019 7:28 pm
by Sob
You can have as many srcnats as you want, but it's not default config. If we can trust comments, rule #0 is from default config and someone added #1 manually. Why, that's a question, because rule #0 should be enough.

Default config now uses interface lists, so you can reuse interfaces in several places and only change the list if required, instead of changing several different things. You can use it or not, it's up to you. Default config also excludes traffic in IPSec tunnels from default srcnat, but if you don't use IPSec, you don't need that part (removing it will probably save 0.000nothing% processing power).
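
An added example, not part of the thread and not RouterOS code: a small Python model of first-match srcnat evaluation applied to the two rules from the question. It assumes ether1 is a member of the WAN interface list (the thread does not say so) and models only the out-interface, out-interface-list and outbound ipsec-policy matchers.

```python
# Added example: first-match evaluation of the two srcnat rules from the thread.
# Assumption (not stated in the thread): ether1 is a member of the WAN list.
INTERFACE_LISTS = {"WAN": {"ether1"}}

# The two rules exactly as printed in the question.
RULES = [
    "chain=srcnat action=masquerade out-interface-list=WAN ipsec-policy=out,none",
    "chain=srcnat action=masquerade out-interface=ether1",
]

def parse_rule(text):
    """Split a 'key=value key=value' rule line into a dict."""
    return dict(item.split("=", 1) for item in text.split())

def rule_matches(rule, out_interface, ipsec_out):
    """True if a packet leaving out_interface matches every matcher in the rule.
    ipsec_out is True when the packet is subject to an outbound IPsec policy."""
    if "out-interface" in rule and rule["out-interface"] != out_interface:
        return False
    if "out-interface-list" in rule:
        members = INTERFACE_LISTS.get(rule["out-interface-list"], set())
        if out_interface not in members:
            return False
    if "ipsec-policy" in rule:
        direction, policy = rule["ipsec-policy"].split(",")
        # Only 'out' is modelled: 'none' = no IPsec policy, 'ipsec' = has one.
        if direction == "out" and (policy == "none") == ipsec_out:
            return False
    return True

def first_match(out_interface, ipsec_out, rules=RULES):
    """Index of the first srcnat rule that matches, or None (not NATed)."""
    for index, text in enumerate(rules):
        if rule_matches(parse_rule(text), out_interface, ipsec_out):
            return index
    return None

def unreachable_rules(interfaces, rules=RULES):
    """Rule indexes that no modelled packet ever reaches."""
    hit = {first_match(i, s, rules) for i in interfaces for s in (False, True)}
    return [n for n in range(len(rules)) if n not in hit]

if __name__ == "__main__":
    for iface in ("ether1", "ether2"):
        for ipsec in (False, True):
            label = "ipsec" if ipsec else "plain"
            print(iface, label, "->", first_match(iface, ipsec))
```

Under that assumption, rule 1 is reached only by ether1 traffic that has an outbound IPsec policy, which is exactly the traffic rule 0 leaves un-NATed.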