Hello,
Noman Jamil wrote:
Is there any alternative to multiple DNATs, which have been dropped in
the latest kernels or after the 2.6.10.x kernel tree? All I want to do is,
traffic meant for a particular internal IP should be forwarded to
multiple destinations, not as load balancing but as per the connection
tracking. Below are the desired DNAT commands.
iptables -t nat -A PREROUTING -p udp -s 0/0 -d 10.0.2.107 -j DNAT --to 202.125.136.60-202.125.136.70
(This command is fine and it works too, but what I want to do is not to
load balance between the IPs but to pick up the IP for which data is
meant for)
I don't understand what you mean by "load balancing" and "pick up the
ip for which data is meant for". NAT is always based on connection
tracking and applies to a whole connection.
iptables -t nat -A PREROUTING -p udp -s 0/0 -d 10.0.2.107 -j DNAT --to-destination 202.125.136.60 --to-destination 194.202.94.1
(Any alternative for this command, which is deprecated after the 2.6.10
kernel tree?)
You can replace this rule with multiple rules, each with one --to
option, in combination with the nth, random or statistic match. The nth
and random matches are provided by the patch-o-matic-ng up to
patch-o-matic-ng-20060511. The statistic match is included in kernel
2.6.18 and requires iptables 1.3.6 at least.
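
The replacement described in the reply, written out as an added example that is not part of the original message: one DNAT rule per destination, each but the last guarded by the statistic match in nth mode. The function name gen_dnat_rules is hypothetical; it only prints the rules, using the addresses from the quoted commands, and does not touch the running firewall.

```shell
#!/bin/sh
# Added example (not from the original post): emit one DNAT rule per
# destination, using the statistic match in place of the deprecated
# multiple --to-destination options.
#
# NAT rules are evaluated only for the first packet of a connection, so the
# nth counter counts new connections, not packets. Each rule only sees the
# connections the rules before it did not take, which is why --every
# decreases: with N destinations the first rule takes 1 of N, the next
# 1 of the remaining N-1, and the last rule takes whatever is left.

# gen_dnat_rules ORIG_DST DEST1 [DEST2 ...]   (hypothetical helper name)
gen_dnat_rules() {
    orig=$1
    shift
    remaining=$#
    for dest in "$@"; do
        if [ "$remaining" -gt 1 ]; then
            match="-m statistic --mode nth --every $remaining --packet 0 "
        else
            # Last destination: unconditional catch-all.
            match=""
        fi
        printf 'iptables -t nat -A PREROUTING -p udp -d %s %s-j DNAT --to-destination %s\n' \
            "$orig" "$match" "$dest"
        remaining=$((remaining - 1))
    done
}

# The two destinations from the deprecated command quoted above.
gen_dnat_rules 10.0.2.107 202.125.136.60 194.202.94.1
```

Review the printed rules before applying them; a connection keeps the destination chosen for its first packet for as long as its conntrack entry lives.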