Does IPTable/Netfilter eat up ephemeral ports

iptables linux-networking

I wanted to understand more about Netfilter architecture. Let's say I have a machine with 3 IPs. I configure one IP to SNAT to all 3 IPs in round robin. Can I open more than 64k connections from that IP?


Solution 1:

No, because every outgoing connection gets mapped to a source port on the one public-facing address. And there are only 64K of those.

Related

IneligibleDataPartition - S2D not starting - error 2
Change location where LDAP data is stored
Shared storage between VMs
Equipment required for AWS outpost
Separate color from black-and-white pages for printing
sysctl not sticking after reboot
GRE tunneling using Open vSwitch
Restricting AWS resources to same AZ connections
Is it feasible for a mobile app like a peer to peer torrent app to discover peers via Internet, not just direct Wifi? [closed]
Domain registrar said I need to provide at least two of DNS servers [closed]
How do I specify disk size for new machine instance for Azure?
Can Linux kernel support RSTP (802.1w)?