Hello everyone,

I am setting up iptables for natting of multiple hosts in a server cluster. There will be connection bursts from multiple servers, usually to a single system. The natting is needed so that the receivers can whitelist the origin of the requests.

The configuration is very basic:

    echo 1 > /proc/sys/net/ipv4/ip_forward
    iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Due to the burst of messages, I am worried that the number of open connections (or connections in a very short time) to a single destination will provoke the problem that no more ports on the NAT host are available to open connections to the single target system.

1. Is there a way to log messages for when such a case happens?

2. If something like this happens, is there any way to recognise this when setting up logging for the POSTROUTING chain like this?

    iptables -t nat -I POSTROUTING -j LOG

    Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
     pkts bytes target      prot opt in   out   source      destination
     421K   25M LOG         all  --  *    *     0.0.0.0/0   0.0.0.0/0     LOG flags 0 level 4
     603K   36M MASQUERADE  all  --  *    eth0  0.0.0.0/0   0.0.0.0/0

3. Can dropping packets be avoided by adding multiple static IP addresses and using SNAT instead of masquerading as follows?

    iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to 1.2.3.4,1.2.3.5,9.8.7.6

Any help is highly appreciated.

Janosch
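Added example, not part of the original post: one way to watch for the port shortage described above is to count conntrack entries per (NAT address, remote address, remote port, protocol), since each entry holds one source port on the NAT address toward that destination. It assumes the usual `/proc/net/nf_conntrack` line layout; the sample lines, `PORT_POOL` and all function names are constructed for illustration.

```python
import re
from collections import Counter

# Assumption: source ports usable per (NAT IP, remote IP, remote port, protocol).
# 1024-65535 is assumed here; set it to the range your NAT rule really uses.
PORT_POOL = 65535 - 1024 + 1

# Constructed sample in /proc/net/nf_conntrack layout (documentation addresses).
SAMPLE = """\
ipv4 2 tcp 6 431999 ESTABLISHED src=192.0.2.11 dst=198.51.100.10 sport=40001 dport=443 src=198.51.100.10 dst=203.0.113.1 sport=443 dport=40001 [ASSURED] mark=0 use=2
ipv4 2 tcp 6 431998 ESTABLISHED src=192.0.2.12 dst=198.51.100.10 sport=40001 dport=443 src=198.51.100.10 dst=203.0.113.1 sport=443 dport=1024 [ASSURED] mark=0 use=2
ipv4 2 tcp 6 117 TIME_WAIT src=192.0.2.13 dst=198.51.100.10 sport=51515 dport=443 src=198.51.100.10 dst=203.0.113.1 sport=443 dport=51515 [ASSURED] mark=0 use=2
ipv4 2 tcp 6 299 ESTABLISHED src=192.0.2.11 dst=192.0.2.20 sport=40002 dport=22 src=192.0.2.20 dst=192.0.2.11 sport=22 dport=40002 [ASSURED] mark=0 use=2
ipv4 2 udp 17 29 src=192.0.2.11 dst=198.51.100.53 sport=5353 dport=53 [UNREPLIED] src=198.51.100.53 dst=203.0.113.1 sport=53 dport=5353 mark=0 use=2
"""

_PAIR = re.compile(r"\b(src|dst|sport|dport)=(\S+)")

def reply_tuple(line):
    """Return (proto, reply-direction tuple) for a TCP/UDP entry, else None."""
    proto = next((f for f in line.split() if f in ("tcp", "udp")), None)
    pairs = _PAIR.findall(line)
    if proto is None or len(pairs) < 8:
        return None
    return proto, dict(pairs[4:8])

def nat_port_usage(lines, nat_ips):
    """Count ports held on each NAT address per (nat_ip, remote_ip, remote_port, proto)."""
    used = Counter()
    for line in lines:
        parsed = reply_tuple(line)
        if parsed is None:
            continue
        proto, reply = parsed
        # Replies are addressed to the translated source, i.e. the NAT address.
        if reply["dst"] in nat_ips:
            used[(reply["dst"], reply["src"], reply["sport"], proto)] += 1
    return used

def near_exhaustion(used, threshold=0.8, pool=PORT_POOL):
    """Return the tuples whose port usage is at or above threshold * pool."""
    return {key: n for key, n in used.items() if n >= threshold * pool}

if __name__ == "__main__":
    # On the NAT host, read /proc/net/nf_conntrack instead of SAMPLE.
    usage = nat_port_usage(SAMPLE.splitlines(), {"203.0.113.1"})
    for key, n in usage.most_common():
        print(key, n, f"{100 * n / PORT_POOL:.3f}% of pool")
```

Entries in TIME_WAIT or still unreplied are counted as well, because they keep their port reserved until conntrack expires them.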