Add Hard NAT ↔ Easy NAT (mapvarydest) to our network topology test #13194

@bpmct

Build a network topology integration test where peers are behind NATs, and one of the NATs uses destination-dependent mapping.

Some ideas on how to get this done:

iptables

In a netns that does the NAT, create a fixed set of IP rewriting rules for each IP in the test configuration. The rule matches on the destination IP address and assigns a fixed source port (in addition to the source IP shared by all rules).

I'm not sure if Linux will automatically add the right conntrack entries to translate the return packets. If not, we might need to configure the peers to use a fixed source port for the UDP connections, so that we can add a fixed set of rules to translate (de-NAT) the reverse packets.

NAT in userspace

Create a simple NAT in userspace with two TUN devices, and push the device ends of the TUNs into the peer and main router netns. The userspace program reads IP packets and rewrites the source IP and port, with a destination-dependent mapping.
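A minimal Go model of the mapping table that the userspace NAT idea above would need, added here as an illustration; it is not code from the issue or from the project's test suite. `NAT`, `NewNAT`, `ap`, the addresses and the 40000 port base are constructed for the sketch, and having the hard NAT also drop return packets from other remotes is an assumption.

```go
package main

import (
	"fmt"
	"net/netip"
)

// flow keys one mapping; dst stays zero when the NAT ignores the destination.
type flow struct{ src, dst netip.AddrPort }

// NAT is a toy UDP source-NAT table (hypothetical type for this sketch).
type NAT struct {
	pub      netip.Addr
	varyDest bool            // true: destination-dependent mapping (hard NAT)
	out      map[flow]uint16 // inside flow -> public source port
	in       map[uint16]flow // public port -> inside flow, for return packets
}

func ap(s string) netip.AddrPort { return netip.MustParseAddrPort(s) }
func NewNAT(pub string, varyDest bool) *NAT {
	return &NAT{netip.MustParseAddr(pub), varyDest, map[flow]uint16{}, map[uint16]flow{}}
}

// Outbound rewrites the source address and port of a packet leaving the peer.
func (n *NAT) Outbound(src, dst netip.AddrPort) netip.AddrPort {
	k := flow{src: src}
	if n.varyDest {
		k.dst = dst // destination is part of the key: one public port per remote
	}
	p, ok := n.out[k]
	if !ok {
		p = 40000 + uint16(len(n.in)) // constructed port range
		n.out[k], n.in[p] = p, k
	}
	return netip.AddrPortFrom(n.pub, p)
}

// Inbound de-NATs a return packet; assumption: the hard NAT also filters by remote.
func (n *NAT) Inbound(from netip.AddrPort, port uint16) (netip.AddrPort, bool) {
	k, ok := n.in[port]
	if !ok || (n.varyDest && k.dst != from) {
		return netip.AddrPort{}, false
	}
	return k.src, true
}

func main() {
	n, peer := NewNAT("203.0.113.7", true), ap("10.0.0.2:5000")
	fmt.Println(n.Outbound(peer, ap("198.51.100.1:3478")), n.Outbound(peer, ap("198.51.100.9:41641")))
}
```

With `varyDest` set to false, the same peer socket keeps one public port for every remote, which is the easy-NAT side of the topology.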
