According to man iptables:
DNAT...
In Kernels up to 2.6.10 you can add several --to-destination
options. For those kernels, if you specify more than one desti-
nation address, either via an address range or multiple --to-
destination options, a simple round-robin (one after another in
cycle) load balancing takes place between these addresses.
Later Kernels (>= 2.6.11-rc1) don't have the ability to NAT to
multiple ranges anymore.
I'm wondering why this feature was removed?
What are the workarounds/alternatives?
The reason I ask is that I'm using the range feature to DNAT packets
round-robin to 5 machines (.101-.105). .103 just had a hard drive failure and
when I went to remove it from the iptables config I find I can't do that
anymore as the feature was removed! I've worked around the problem by
re-IPing a machine but I'm wondering if there is a iptables solution to this
so I'll be better prepared in future?
Thanks!
ds
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
