I have the following on a box acting as a router between a client and a web server: iptables -t nat -A POSTROUTING --source 10.1.1.1 --destination 10.2.1.1 --protocol tcp --dport 80 -j SNAT --to-source 192.168.20.1-192.168.20.100 I open several http connections from the client to the server, the gateway for some reason SNAT to a single random address only and doesn't do round-robin for every socket from the client. Is something broken? How I force it to perform round-robin SNAT'ing? My kernel: 2.6.12-1.1381_FC3 iptables version: 1.3.4 Thanks, Khoa
