does IPTABLES as a router always require masquerade / SNAT?

Solution 1:

The DSL router is running it's own NAT on 192.168.1.0, correct? That's the network it's set to hand out.

So the answer would be that it doesn't know anything about any 192.168.2.0 network, and therefore doesn't attempt to NAT it. It may forward that trafficout to the Internet, but the Internet will drop those private IPs right away. It probably also doesn't have routing information to get back through your box to your 2nd network segment, so you would have no return path anyway, unless you set that up as a static route somewhere and didn't point it out.

So you need to give the DSL router something it's expecting. Either find a way to change settings on it to NAT both segments and a static route to your Ubuntu for 192.168.2.0, or set up the NAT on yours like you found.

Solution 2:

This is because the DSL modem doesn't know about the 192.168.2.* network, when the router receives a packet from 192.168.2.x it is presuming it must reply through the default gateway, because it has no specific route to that subnet.

If your DSL router is capable of being configured with a static route, then that will fix it, if not, you'll need to have NAT configured on the router, so that all traffic that the router sees originates from the local network (as far as the DSL router sees)