nat on multihomed server

our company has two internet links from different isp's. we then use both
of these to host the company's webserver. what i want is that the
webserver may be accessible by coming from my isp1 link or my isp2 link. i
know that i need to set up my dns to have two ip addresses that point to
my linux box and then DNAT that connection towards my webserver. what i
don't know is what the iptables script is gonna look like for the SNAT
reply. how would i be able to determine that the request that came in to
my webserver originated from my isp1 or isp2 link so that the reply would
be SNAT'ed to that interface?

should i just make two SNAT that replies to the request regardless of
the destination address? ex. iptables -t nat -A POSTROUTING -s 192.168.x.2
--sport 80 -j SNAT --to-ip (ip facing isp1) and  iptables -t nat -A
POSTROUTING -s 192.168.x.2 --sport 80 -j SNAT --to-ip (ip facing isp2)

other suggestions are welcome.

-- 
Sandy T. Santos <sandy@xxxxxxxxxxxxxx>
Provincial Information Technology Office
Provincial Government of Bulacan
Malolos, Philippines
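
An added example, not part of the original post: one common way to send each reply back out the uplink its request arrived on is to tag the connection with CONNMARK and select a per-uplink routing table by firewall mark. The script only prints the commands for review; every address, interface name and table number in it is a constructed placeholder.

```sh
#!/bin/sh
# Added example: prints (does not run) the netfilter and policy-routing
# commands for a web server DNATed behind two uplinks.
# All values are constructed placeholders (RFC 1918 / RFC 5737 addresses,
# hypothetical interface names); replace them before use.
WEB_IP=192.168.10.2     # internal web server (assumed)
LAN_IF=eth2             # interface facing the web server (assumed)
# One line per uplink: name  interface  public-ip  gateway  mark/table-id
UPLINKS='isp1 eth0 192.0.2.10 192.0.2.1 1
isp2 eth1 198.51.100.10 198.51.100.1 2'

multihome_rules() {
    echo "$UPLINKS" | while read -r name ifc pub gw id; do
        echo "# uplink $name"
        # Remember which uplink each new inbound connection used.
        echo "iptables -t mangle -A PREROUTING -i $ifc -m conntrack --ctstate NEW -j CONNMARK --set-mark $id"
        # Forward port 80 on this uplink's public address to the web server.
        echo "iptables -t nat -A PREROUTING -i $ifc -d $pub -p tcp --dport 80 -j DNAT --to-destination $WEB_IP:80"
        # Per-uplink routing table, selected by firewall mark.
        echo "ip route add default via $gw dev $ifc table $id"
        echo "ip rule add fwmark $id table $id"
    done
    # Replies from the web server: copy the connection mark onto the packet
    # before the routing decision, so the matching table above is used.
    echo "iptables -t mangle -A PREROUTING -i $LAN_IF -s $WEB_IP -j CONNMARK --restore-mark"
}

# Print the rule set when the script is run directly with the "print" argument.
if [ "${1:-}" = "print" ]; then
    multihome_rules
fi
```

The output contains no SNAT rule: connection tracking reverses the DNAT on reply packets by itself, so only the outgoing route has to be chosen. With strict reverse-path filtering (`rp_filter=1`) on the uplink interfaces, requests arriving on the non-default link can be dropped before these rules apply.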
