Re: SNAT round-robin broken?

  Hi,

On Friday 10 February 2006 16:22, Khoa Nguyen wrote:
> I have the following on a box acting as a router between a client and
> a web server:
>
> iptables -t nat -A POSTROUTING --source 10.1.1.1 --destination
> 10.2.1.1 --protocol tcp --dport 80 -j SNAT --to-source
> 192.168.20.1-192.168.20.100
>
> I open several http connections from the client to the server, the
> gateway for some reason SNATs to a single random address only and
> doesn't do round-robin for every socket from the client. Is something
> broken? How do I force it to perform round-robin SNAT'ing?
>
> My kernel: 2.6.12-1.1381_FC3
> iptables version: 1.3.4

  Have you tried it with more than one internal IP address connecting to 
multiple destination addresses? Netfilter chooses the translated source 
IP based on the source and destination address of the original 
connection.

-- 
 KOVACS Krisztian
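
A small model of the behaviour described in the reply, added here as an example and not taken from the thread or from the kernel source: the translated address is computed from the original source and destination address only, so every socket from 10.1.1.1 to 10.2.1.1 lands on the same address in the `--to-source` range. The mixer `mix2` is a stand-in rather than the kernel's hash, and all function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Stand-in 32-bit mixer, NOT the kernel's hash. Only the choice of inputs matters. */
static uint32_t mix2(uint32_t a, uint32_t b)
{
    uint32_t h = (a * 0x9e3779b1u) ^ b;
    h ^= h >> 16; h *= 0x85ebca6bu;
    h ^= h >> 13; h *= 0xc2b2ae35u;
    return h ^ (h >> 16);
}

/* Host-order IPv4 address from dotted-quad parts. */
static uint32_t ip4(uint32_t a, uint32_t b, uint32_t c, uint32_t d)
{
    return (a << 24) | (b << 16) | (c << 8) | d;
}

/* Model of the selection (hypothetical name): the source port is accepted but ignored. */
static uint32_t pick_snat_ip(uint32_t src, uint32_t dst, uint16_t sport,
                             uint32_t min_ip, uint32_t max_ip)
{
    (void)sport;
    return min_ip + mix2(src, dst) % (max_ip - min_ip + 1);
}

/* Distinct translated addresses over n connections (range of at most 256 addresses).
 * Each connection uses a new source port; the destination advances by dst_step. */
static int distinct_mappings(uint32_t src, uint32_t dst, uint32_t dst_step, int n,
                             uint32_t min_ip, uint32_t max_ip)
{
    unsigned char seen[256] = {0};
    int count = 0;
    for (int i = 0; i < n; i++) {
        uint32_t ip = pick_snat_ip(src, dst + (uint32_t)i * dst_step,
                                   (uint16_t)(32768 + i), min_ip, max_ip);
        if (!seen[ip - min_ip]) { seen[ip - min_ip] = 1; count++; }
    }
    return count;
}

int main(void)
{
    uint32_t lo = ip4(192, 168, 20, 1), hi = ip4(192, 168, 20, 100);
    uint32_t src = ip4(10, 1, 1, 1), dst = ip4(10, 2, 1, 1);
    printf("one src/dst pair, 50 sockets: %d address(es)\n", distinct_mappings(src, dst, 0, 50, lo, hi));
    printf("one src, 50 destinations:     %d address(es)\n", distinct_mappings(src, dst, 1, 50, lo, hi));
    return 0;
}
```
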

