Hello, > > OK, SNAT and DNAT do not support multiple --to any more in kernels above > 2.6.10. But it is unclear to me whether they still support one IP > address *range* (with round robin) or only one single IP address. The range is still accepted as option for iptables 1.3.6, but it has no effect with 2.6.17.3 (so I assume that it is indeed the "NAT+round robin" capability which has gone in Kernels > 2.6.10/11). It doesn't matter if I use the SAME or the DNAT target in PREROUTING - > > The SAME target won't do round robin for the same source address. It > will only do round robin for separate source addresses. > > What about the BALANCE target ? It's in the man page, but I had never > heard of it. In iptables 1.3.6 BALANCE is not available (nor is it available in the 2.6.17.3 source). Obsolete? And I fear that it would not help, because the problem is the missing round robin/load balancing in the Kernel. Maybe LVS is a solution - Thanks and Best Regards, Stefan Friedel -- Zentrale Dienste - Interdisziplinäres Zentrum für Wissenschaftliches Rechnen der Universität Heidelberg - IWR - INF 368, 69120 Heidelberg stefan.friedel@xxxxxxxxxxxxxxxxxxxxx Tel +49 6221 54-8240 Fax -5224 IWR: www.iwr.uni-heidelberg.de HELICS: www.helics.uni-hd.de
Attachment:
signature.asc
Description: Digital signature
