packet-based load-balanced stateless iptables firewall

Alistair Tonner Alistair at
Sat Apr 16 20:09:03 CEST 2005

On April 16, 2005 02:03 pm, Visham Ramsurrun wrote:
> Hi to all,
> I would like to know how to build a packet-based load-balanced
> stateless iptables firewall.

	If your talking about a load-balanced firewall -- there are some odd things 
you need to check out.....

> I came across this:
> In IPtables, load balancing is done by specifying multiple IP
> addresses in a DNAT rule. For example:
> iptables -t nat -A PREROUTING -i eth0 -o eth1 -d -j DNAT
> --to-destination

	This rule 'load balances' per connection from the firewall to the destination 
	Has nowt to do with a load balanced firewall.
> Is the load balancing done in a packet-based manner? Does it use the
> round-robin algorithm for it?

	Per connection round robin.
> Any help will be very much appreciated..
> Regards,
> Visham

More information about the netfilter mailing list