round-robin aliases
Jason Opperisano
opie at 817west.com
Fri Sep 17 20:20:45 CEST 2004
On Fri, 2004-09-17 at 13:57, Ryan D wrote:
> Ive been trying to find a way to do this... I have eth0 on the
> 192.168.2.0/24 network (eth0 has ip 192.168.2.10). I also have 5 aliases
> on the same network with these ips:
>
> eth0:1 192.168.2.11
> eth0:2 192.168.2.12
> eth0:3 192.168.2.13
> eth0:4 192.168.2.14
>
>
> Id like to round-robin the source ip on a per connection basis, meaning,
> if I ssh to 192.168.2.100 it may come from eth0:1, if I then ssh to
> 192.168.2.110 it will come from eth0:2, etc. So the destination ssh
> machines will see different source IPs.
>
> Is this possible with netfilter/iproute2? The only potential problem I
> see is with the arp table, but I also dont understand this stuff as well
> as I would like.
>
> -Ryan
this is the default behavior of the SNAT code:
iptables -t nat -A POSTROUTING -o eth0 \
-j SNAT --to-source 192.168.2.11-192.168.2.14
layer 2 devices don't have problems with many IP's being associated with
the same MAC address--they don't particularly like the same MAC address
being associated with multiple ports.
-j
--
Jason Opperisano <opie at 817west.com>
More information about the netfilter
mailing list