I wasn’t sure ipv4.nat.address would do what I wanted, but figured I would test with one of my public IPs as the value and sure enough I ended up getting lucky!
Being specified on the bridge works fine for me, just as long as the outbound egress SNAT IP shows as the IP that I need it to for mail server rDNS checks.
The multi outbound IP selection that I was also looking into, I’m not sure I’ll be able to get that working.
My specific use case for that is using IP Pools with the Postal email server ( IP Pools - Postal - the open source mail delivery platform ). Basically what that would do for me is enable me to run a single instance of the Postal email server rather than several instances, one for each IP I need to use for a mail server.
With 5 public IPs on my server, one thing I tried was to setup 5 profiles with each profile using a different bridge. Each bridge had it’s own 10.0.#.1/24 network and each bridge also had one of my public IPs specified for ipv4.nat.address.
Then, with each profile individually added to a container, I get the egress SNAT IP for the associated bridge just fine.
I tried adding all 5 profiles to a container, but seems I could only get access to the 1 primary server IP that way.
Also tried adding 5 NICs to a single profile with each NIC using a different bridge so that each of the 5 public IPs are covered. That, still, resulted in just the main server IP being used (maybe because I added that one first, not sure).
However, I did manage to end up with 5 different (pingable) private ipv6 addresses on a container. Not quite what I was aiming for, but maybe a step closer.
+------------------------+---------+----------------------+-------------------------------------------------+-----------------+-----------+
| z-testing | RUNNING | 10.0.98.230 (eth98) | fd42:d903:28f:9fce:216:3eff:fe28:809d (eth101) | CONTAINER | 0 |
| | | | fd42:66c7:a1b4:f2ef:216:3eff:fede:47e1 (eth102) | | |
| | | | fd42:6352:981b:2d6c:216:3eff:feaa:4bc7 (eth100) | | |
| | | | fd42:288a:2300:53d4:216:3eff:fe43:8e6f (eth99) | | |
| | | | fd42:1748:8760:4c4e:216:3eff:fe28:21a6 (eth98) | | |
+------------------------+---------+----------------------+-------------------------------------------------+-----------------+-----------+
I’m not an expert in networking, so maybe it was pointless to try these things, maybe no chance for it to work. But sometimes it does work out as with ipv4.nat.address
If anyone has any other ideas on how to try doing this please let me know. Specifically, looking to be able to use all of my public server IPs as usable egress SNAT outbound IPs for the Postal mail server (with IP Pools): IP Pools - Postal - the open source mail delivery platform