SNAT round-robin broken?
Khoa Nguyen
khoa.coffee at gmail.com
Fri Feb 10 16:22:08 CET 2006
I have the following on a box acting as a router between a client and
a web server:
iptables -t nat -A POSTROUTING --source 10.1.1.1 --destination
10.2.1.1 --protocol tcp --dport 80 -j SNAT --to-source
192.168.20.1-192.168.20.100
I open several http connections from the client to the server, the
gateway for some reason SNAT to a single random address only and
doesn't do round-robin for every socket from the client. Is something
broken? How I force it to perform round-robin SNAT'ing?
My kernel: 2.6.12-1.1381_FC3
iptables version: 1.3.4
Thanks,
Khoa
More information about the netfilter
mailing list