Wednesday, September 25, 2019

1:1 NAT a VLAN to another network

I might be reinventing the wheel here; help me understand if this makes any sense:

  • I've got many networks, all unique except two, which are both 192.168.1.0/24
  • I want to hook all of them up to be routable, using VLANs and a Layer 3 switch

Is it possible to "shift" the public side for the VLAN of the second 192.168.1.0/24 network to a completely different network 192.168.2.0/24 using 1:1 NAT? I'm not wanting to NAT the network to "public" IPs on a larger network, but rather to "public" IPs on its own network. The routing table on the layer 3 switch would need a route that says "go to the gateway, i.e. 192.168.2.1, to get to 192.168.2.0/24", and then NAT handles the rest.

The things on these duplicate networks benefit from having the exact same network configuration, but external tools benefit from being able to directly talk to all the devices. I could 1:1 NAT them to some "larger" 10.x.x.x etc. network, but I don't think I need that if they are all "public" and routable via the switch as the gateway.

Is this something any Layer 3 switch is capable of, or am I reinventing the wheel and there is a different, more common solution?
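The address shift asked about above, modelled as an added example (not part of the original post): a stateless 1:1 prefix translation at the edge of the second VLAN that keeps the host bits and swaps only the network part. `PrefixNat`, `Packet`, `pkt` and the external tool at 10.0.0.5 are hypothetical names and constructed sample values.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: ipaddress.IPv4Address
    dst: ipaddress.IPv4Address


class PrefixNat:
    """Stateless 1:1 NAT between an inside prefix and its 'public' alias."""

    def __init__(self, inside: str, outside: str):
        self.inside = ipaddress.ip_network(inside)
        self.outside = ipaddress.ip_network(outside)
        # A 1:1 mapping only exists when both prefixes hold the same number of hosts.
        if self.inside.prefixlen != self.outside.prefixlen:
            raise ValueError("1:1 NAT needs prefixes of equal length")

    @staticmethod
    def _shift(addr, from_net, to_net):
        # Addresses outside the translated prefix pass through untouched.
        if addr not in from_net:
            return addr
        host_bits = int(addr) & int(from_net.hostmask)
        return ipaddress.IPv4Address(int(to_net.network_address) | host_bits)

    def inbound(self, p: Packet) -> Packet:
        """Routed network -> VLAN: rewrite the destination (192.168.2.x -> 192.168.1.x)."""
        return Packet(p.src, self._shift(p.dst, self.outside, self.inside))

    def outbound(self, p: Packet) -> Packet:
        """VLAN -> routed network: rewrite the source (192.168.1.x -> 192.168.2.x)."""
        return Packet(self._shift(p.src, self.inside, self.outside), p.dst)


def pkt(src: str, dst: str) -> Packet:
    return Packet(ipaddress.ip_address(src), ipaddress.ip_address(dst))


if __name__ == "__main__":
    nat = PrefixNat("192.168.1.0/24", "192.168.2.0/24")
    request = pkt("10.0.0.5", "192.168.2.37")          # constructed: tool -> alias address
    delivered = nat.inbound(request)                   # what the device actually receives
    reply = nat.outbound(pkt(str(delivered.dst), "10.0.0.5"))
    print(request, delivered, reply, sep="\n")
```

Hosts inside the translated VLAN still treat 192.168.1.0/24 as on-link, so they cannot reach the other, untranslated 192.168.1.0/24 network by its real addresses; only the outside view is made unique.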


