On Tue, Jan 24, 2023 at 2:36 PM Jakub Sitnicki [off-list ref] wrote:

Users who want to share a single public IP address for outgoing connections
between several hosts traditionally reach for SNAT. However, SNAT requires
state keeping on the node(s) performing the NAT.

A stateless alternative exists, where a single IP address used for egress
can be shared between several hosts by partitioning the available ephemeral
port range. In such a setup:

[1] https://github.com/cloudflare/cloudflare-blog/blob/232b432c1d57/2022-02-connectx/connectx.py#L116

Reviewed-by: Marek Majkowski <redacted>
Reviewed-by: Kuniyuki Iwashima <redacted>
Signed-off-by: Jakub Sitnicki <jakub@cloudflare.com>

Reviewed-by: Eric Dumazet <edumazet@google.com>