MikroTik Training Center Blog

Masquerade: Taking NAT a Step Further

Smarter than Source NAT

Building upon last MTCNA session's troubleshooting solution, in which we introduced source NAT and its translation of disconnected IP addresses into those already successful and working, session 17 talks about an even more convenient feature: NAT Masquerade.


Check out the video below to see how the masquerade feature works:

How does Masquerade Work?

Masquerade works quite similarly to source NAT. However, unlike source NAT that required the user to input specific addresses, masquerade operates via pre-determined algorithms.

These algorithms enable the masquerade feature to work automatically by referring to a router's routing table, default gateway, and the corresponding interfaces and IP addresses and selecting the required IP addresses for network address translation.

It becomes quite useful when you consider scenarios that can potentially and quite easily change your router's IP addresses and preferred source addresses for different activities. For instance, receiving a dynamic IP address from a DHCP client or having multiple IP addresses/gateways can easily change the preferred source address of an action, and therefore, render your source NAT rule useless.

With masquerade, you needn't worry about these changes anymore as it can adjust itself accordingly.

Don't Forget to Subscribe!

Wait... What is Source NAT?

In case you missed our previous tutorial, you can watch it below. See how what Network Address Translation is nad how source NAT can be used to resolve limited disconnection throughout the network.