A client on the internet sends a TCP SYN packet to 10.0.1.10:8080. The router receives it on eth0. According to the exhibit, what will happen to the packet?
Trap 1: The packet is dropped because the destination IP is not directly…
DNAT changes the destination to a directly connected network (10.0.2.0/24).
Trap 2: The packet is forwarded to 10.0.1.1 because it is the default…
After DNAT, the destination is 10.0.2.5, so routing will send it to that network, not the default gateway.
Trap 3: The packet is forwarded to 10.0.2.5:80 via eth1, with source IP…
MASQUERADE would only change source if the packet originated from 10.0.2.0/24.
- A
The packet is dropped because the destination IP is not directly connected.
Why wrong: DNAT changes the destination to a directly connected network (10.0.2.0/24).
- B
The packet is forwarded to 10.0.1.1 because it is the default gateway.
Why wrong: After DNAT, the destination is 10.0.2.5, so routing will send it to that network, not the default gateway.
- C
The packet is forwarded to 10.0.2.5:80 via eth1, with source IP changed to 10.0.2.20.
Why wrong: MASQUERADE would only change source if the packet originated from 10.0.2.0/24.
- D
The packet is forwarded to 10.0.2.5:80 via eth1, with source IP unchanged.
As described, DNAT changes destination, routing sends it to eth1, and no SNAT is applied.