Hello,
Mahmoud Aghapour wrote:
> I want to use iptables to translate incoming destination port 500 to
> 10000-10009 with (round robin or any other method) load balancing.
> I used the following command in RHEL 3 with iptables 2.11:
> iptables -A PREROUTING -p tcp --dport 500 -j DNAT --to :10000-10009
> But port 10000 is always used for translation and the other ports are never used.

DNAT (and SNAT, I guess) does "load balancing" only with IP addresses,
not with ports. It will always use the first port in the interval unless
the resulting connection collides with an existing connection. Only in
this case it will try the next port in the interval, and so on...
Since your port interval is rather short, you may try to do load
balancing with the 'nth', 'random', or 'statistic' match and one rule
per destination port.
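
The "one rule per destination port" approach suggested above, as an added example that is not part of the original message: a shell function that prints (without applying) the rule set for the `statistic` match in `nth` mode. The function name `gen_dnat_rules`, the explicit `-t nat`, and the choice of `nth` over `random` are assumptions of this example; the decreasing `--every` values are needed because each rule only sees the connections left over by the rules before it.

```shell
#!/bin/sh
# Added example: prints one DNAT rule per destination port, does not run iptables.
# Usage: gen_dnat_rules IN_PORT FIRST_PORT LAST_PORT   (hypothetical helper name)
gen_dnat_rules() {
    in_port=$1
    first=$2
    last=$3

    # Refuse anything that is not a plain decimal number.
    for v in "$in_port" "$first" "$last"; do
        case $v in
            ''|*[!0-9]*) echo "ports must be numeric" >&2; return 1 ;;
        esac
    done
    [ "$first" -le "$last" ] || { echo "empty port range" >&2; return 1; }

    remaining=$((last - first + 1))
    port=$first
    while [ "$port" -le "$last" ]; do
        if [ "$remaining" -gt 1 ]; then
            # Rules are evaluated in order and each keeps its own counter, so a
            # rule only counts what the earlier rules let through. To end up
            # with an even split it must take 1 in $remaining of those.
            match="-m statistic --mode nth --every $remaining --packet 0 "
        else
            # Last rule: no match needed, it takes whatever is left.
            match=""
        fi
        echo "iptables -t nat -A PREROUTING -p tcp --dport $in_port ${match}-j DNAT --to-destination :$port"
        remaining=$((remaining - 1))
        port=$((port + 1))
    done
}

# The case from the thread: port 500 spread over 10000-10009.
gen_dnat_rules 500 10000 10009
```

Only the first packet of a connection traverses the nat table, so the `nth` counters advance once per new connection, not once per packet.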