On Tue, 2004-03-16 at 06:57, John A. Sullivan III wrote: > On Tue, 2004-03-16 at 06:15, AFShin wrote: > > Dear Friends, > > Can iptables do the real Round-Robin SNAT --to ? > > Is there any patch or it is available ? > > Thank you all in advance, > > AFShin A. > I do not know the actual code but somewhere in the back of my mind I > recall something about iptables using a rudimentary load balancing > algorithm, i.e., rather than strict round robin, it distributes the next > NAT to the least used address. Can anyone confirm that? - John Hello Try this... iptables -t nat -A POSTROUTING -s 10.0.0.0/8 -m nth --counter 4 --every 4 --packet 0 -j SNAT --to xxx.xxx.xxx.xx1 iptables -t nat -A POSTROUTING -s 10.0.0.0/8 -m nth --counter 4 --every 4 --packet 1 -j SNAT --to xxx.xxx.xxx.xx2 iptables -t nat -A POSTROUTING -s 10.0.0.0/8 -m nth --counter 4 --every 4 --packet 2 -j SNAT --to xxx.xxx.xxx.xx3 iptables -t nat -A POSTROUTING -s 10.0.0.0/8 -m nth --counter 4 --every 4 --packet 3 -j SNAT --to xxx.xxx.xxx.xx4 that is good round-robin nat, but some services may not work (like https or other where is "smart" firewall (anti spoof))
