Compare Masquerade and Source NAT in RouterOS. Which statement is true?

NAT behavior in RouterOS hinges on how the translation address is chosen. Masquerade is a dynamic NAT that automatically uses the IP address of the outbound interface for all translated connections. As the public IP on that interface changes (for example, with a dynamic IP from an ISP), the masquerade rule adapts so existing sessions keep working without manual updates. Source NAT, on the other hand, relies on a specific address you configure to be used for translations. You pick a particular public IP (or a pool of IPs) with to-addresses, and internal hosts’ traffic is translated to that chosen address(es) regardless of the interface’s current IP. So, masquerade dynamically uses the outgoing interface’s address, which makes it ideal for dynamic IPs. Source NAT uses a specified address (or pool), which gives you control over exactly which public IPs are presented to the internet. For a dynamic IP situation, masquerade is typically the simpler, auto-updating choice; for a fixed public IP, srcnat with to-addresses provides a stable, predictable translation.