Hi,

On Wednesday 26 October 2005 16.02, °° ţăţă ßęrűâńg °° wrote:
> recently I read iptables man page,
> in the DNAT part:
> You can add several --to-destination options. If you specify more than
> one destination address, either via an address range or multiple
> --to-destination options, a simple round-robin (one after another in
> cycle) load balancing takes place between these addresses.
>
> in my mind, it sounds like:
> iptables -A PREROUTING -s xxx.xxx.xxx.xxx -p tcp --dport 80 -j DNAT --to-destination aaa.aaa.aaa.aaa --to-destination bbb.bbb.bbb.bbb
>
> but it says invalid arguments.
> which part was wrong?

Unfortunately that possibility was removed when restructuring the Linux NAT
for the 2.6.11 Linux release. Should work with older kernels, or you can
work around it by using two DNAT rules and the 'random' match from
patch-o-matic-ng. Ugly, but it should work that way.

http://www.netfilter.org/documentation/HOWTO//netfilter-extensions-HOWTO-3.html#ss3.14

--
Regards,
Krisztian Kovacs
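The workaround described in the reply above, as an added example that is not part of the original message: a shell function that prints (does not apply) the DNAT rules for any number of backends, generalising the two-rule case by giving rule i a probability of 1/(backends left) so the shares come out equal. It assumes the patch-o-matic-ng `random` match is installed and takes its probability as `--average <percent>`; the function name and the 192.0.2.x backend addresses are made up for illustration.

```shell
#!/bin/sh
# Added example: print DNAT rules that spread new connections across
# backends using the patch-o-matic-ng 'random' match (assumed available,
# with its '--average <percent>' option).
# Backend addresses below are constructed (RFC 5737 documentation range).

# gen_dnat_rules PORT BACKEND...   (hypothetical helper name)
# Rules are evaluated top to bottom, so rule i must fire with probability
# 1/(backends still left) for every backend to get an equal share.
# The last rule carries no match and catches whatever fell through.
gen_dnat_rules() {
    port=$1; shift
    remaining=$#
    if [ "$remaining" -lt 1 ]; then
        echo "usage: gen_dnat_rules PORT BACKEND..." >&2
        return 1
    fi
    for backend in "$@"; do
        if [ "$remaining" -gt 1 ]; then
            pct=$((100 / remaining))   # integer percent: 33 for 1/3, 50 for 1/2
            match="-m random --average $pct "
        else
            match=""                   # final rule: unconditional
        fi
        printf 'iptables -t nat -A PREROUTING -p tcp --dport %s %s-j DNAT --to-destination %s\n' \
            "$port" "$match" "$backend"
        remaining=$((remaining - 1))
    done
}

# Three constructed backends; review the printed rules before applying them.
gen_dnat_rules 80 192.0.2.10 192.0.2.11 192.0.2.12
```

Only the first packet of a connection traverses the nat table, so the random choice is made once per connection and later packets follow the same mapping. Integer percentages make the split approximate (33/33.5/33.5 for three backends).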