SNAT on router without gateway ?

asked 2017-01-15 20:22:49 -0500

RyanYMT gravatar image

updated 2017-01-24 14:32:35 -0500

rbowen gravatar image

I'm trying to setup an environment where no tenant instance will have internet. This is only complete internal lab instances with no external network access required. But i have a needs to provide some internal patch repo and dns in the environments. Tenants here are actually internal groups.

Hence i need a network zone which would be accessible by all tenants. I have setup as in the image below.

image description

Tenant router has interface attached to the shared network and their own internal network. But as 'shared network' is not 'external network', it could not be set as 'gateway'. On router, it appears as just two network interfaces.

I need to configure SNAT on the qrouter namespace for Tenant Server to communicate to Patch server in shared network. Unless shared server has no idea about that tenant network (10.0.0.10). But, as there will be many tenants, it's not possible for me to configure SNAT on qrouters.

Is there a way to achieve this requirement ? Does it necessarily need to have gateway on the router for SNAT to be working ? Thanks.

edit retag flag offensive close merge delete