Initially it seemed like a good idea to use iptables rules for mgmt traffic steering instead of multiple socat rules.
Like a single rule could forward all traffic from a source to the dest.
But after running this for a year we've seen many issues with iptables/nftables support on rhel-based derivatives specifically.
Either nftables is not installed, or dnat kernel module is not present.
This kinda makes me steer more to socat again, and let iptables/nftables another 10 years to settle =)
hellt
commented
1 month ago
Initially it seemed like a good idea to use iptables rules for mgmt traffic steering instead of multiple socat rules. Like a single rule could forward all traffic from a source to the dest.
But after running this for a year we've seen many issues with iptables/nftables support on rhel-based derivatives specifically. Either nftables is not installed, or dnat kernel module is not present.
This kinda makes me steer more to socat again, and let iptables/nftables another 10 years to settle =)