Hello, I would like to use iptables SNAT/DNAT to provide load balancing for an inbound web service. The service is sticky, that is to say, users must be redirected to the same machine during a user session, which can span several TCP sessions. One simple way to do this would be by redirecting incoming connections based on their source IP address. Since addresses might not be evenly distributed through the address space, and many customers might be concentrated in particular regions, I would like to specify a filter using the last octet, ie. *.*.*.0-127 redirects to server A, and *.*.*.128-255 redirects to server B. I would also be happy creating 255 rules if a last - octet range is not possible. Does anyone have any suggestions on how to do this, or other, more sensible approaches to sticky load balancling? Thanks, Gavin
