* dnat to multiple destination
@ 2005-10-26 14:02 =?unknown-8bit?b?sLAg/uP+4yDf6nL74vFnILCw?=
2005-10-26 14:10 ` Mariusz Kruk
` (3 more replies)
0 siblings, 4 replies; 7+ messages in thread
From: =?unknown-8bit?b?sLAg/uP+4yDf6nL74vFnILCw?= @ 2005-10-26 14:02 UTC (permalink / raw)
To: netfilter
hi there,
recently i read iptables man page,
in the DNAT part :
You can add several --to-destination options. If
you specify more than
one destination address, either via an address range
or multiple --to-des
tination options, a simple round-robin (one after
another in cycle) load
balancing takes place between these adresses.
in my mind, it sounds like:
iptables -A PREROUTING -s xxx.xxx.xxx.xxx -p tcp
--dport 80 -j DNAT --to-destination aaa.aaa.aaa.aaa
--to-destination bbb.bbb.bbb.bbb
but it says invalid arguments.
which part was wrong ?
cheers,
Agung
__________________________________
Yahoo! FareChase: Search multiple travel sites in one click.
http://farechase.yahoo.com
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: dnat to multiple destination
2005-10-26 14:02 dnat to multiple destination =?unknown-8bit?b?sLAg/uP+4yDf6nL74vFnILCw?=
@ 2005-10-26 14:10 ` Mariusz Kruk
2005-10-26 14:13 ` Jörg Harmuth
` (2 subsequent siblings)
3 siblings, 0 replies; 7+ messages in thread
From: Mariusz Kruk @ 2005-10-26 14:10 UTC (permalink / raw)
To: netfilter
°° þãþã ßêrûâñg °° napisał(a):
> iptables -A PREROUTING -s xxx.xxx.xxx.xxx -p tcp
> --dport 80 -j DNAT --to-destination aaa.aaa.aaa.aaa
> --to-destination bbb.bbb.bbb.bbb
>
> but it says invalid arguments.
> which part was wrong ?
try [...]-p tcp -m tcp --dport 80[...]
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: dnat to multiple destination
2005-10-26 14:02 dnat to multiple destination =?unknown-8bit?b?sLAg/uP+4yDf6nL74vFnILCw?=
2005-10-26 14:10 ` Mariusz Kruk
@ 2005-10-26 14:13 ` Jörg Harmuth
2005-10-26 14:14 ` dnat to multiple destination *correction* =?unknown-8bit?b?sLAg/uP+4yDf6nL74vFnILCw?=
2005-10-26 14:19 ` dnat to multiple destination KOVACS Krisztian
3 siblings, 0 replies; 7+ messages in thread
From: Jörg Harmuth @ 2005-10-26 14:13 UTC (permalink / raw)
To: netfilter
°° þãþã ßêrûâñg °° wrote:
> hi there,
>
> recently i read iptables man page,
> in the DNAT part :
> You can add several --to-destination options. If
> you specify more than
> one destination address, either via an address range
> or multiple --to-des
> tination options, a simple round-robin (one after
> another in cycle) load
> balancing takes place between these adresses.
>
> in my mind, it sounds like:
> iptables -A PREROUTING -s xxx.xxx.xxx.xxx -p tcp
> --dport 80 -j DNAT --to-destination aaa.aaa.aaa.aaa
> --to-destination bbb.bbb.bbb.bbb
Try adding -t nat
^ permalink raw reply [flat|nested] 7+ messages in thread
* dnat to multiple destination *correction*
2005-10-26 14:02 dnat to multiple destination =?unknown-8bit?b?sLAg/uP+4yDf6nL74vFnILCw?=
2005-10-26 14:10 ` Mariusz Kruk
2005-10-26 14:13 ` Jörg Harmuth
@ 2005-10-26 14:14 ` =?unknown-8bit?b?sLAg/uP+4yDf6nL74vFnILCw?=
2005-10-26 14:19 ` dnat to multiple destination KOVACS Krisztian
3 siblings, 0 replies; 7+ messages in thread
From: =?unknown-8bit?b?sLAg/uP+4yDf6nL74vFnILCw?= @ 2005-10-26 14:14 UTC (permalink / raw)
To: netfilter
hi there,
recently i read iptables man page,
in the DNAT part :
You can add several --to-destination options. If
you specify more than
one destination address, either via an address range
or multiple --to-destination options, a simple
round-robin (one after another in cycle) load
balancing takes place between these adresses.
in my mind, it sounds like:
iptables -t nat -A PREROUTING -s xxx.xxx.xxx.xxx -p
tcp
--dport 80 -j DNAT --to-destination aaa.aaa.aaa.aaa
--to-destination bbb.bbb.bbb.bbb
but it says invalid arguments.
which part was wrong ?
cheers,
Agung
__________________________________
Start your day with Yahoo! - Make it your home page!
http://www.yahoo.com/r/hs
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: dnat to multiple destination
2005-10-26 14:02 dnat to multiple destination =?unknown-8bit?b?sLAg/uP+4yDf6nL74vFnILCw?=
` (2 preceding siblings ...)
2005-10-26 14:14 ` dnat to multiple destination *correction* =?unknown-8bit?b?sLAg/uP+4yDf6nL74vFnILCw?=
@ 2005-10-26 14:19 ` KOVACS Krisztian
2005-10-26 14:22 ` =?unknown-8bit?b?sLAg/uP+4yDf6nL74vFnILCw?=
2005-10-26 17:14 ` Henrik Nordstrom
3 siblings, 2 replies; 7+ messages in thread
From: KOVACS Krisztian @ 2005-10-26 14:19 UTC (permalink / raw)
To: netfilter
Hi,
On Wednesday 26 October 2005 16.02, °° þãþã ßêrûâñg °° wrote:
> recently i read iptables man page,
> in the DNAT part :
> You can add several --to-destination options. If
> you specify more than
> one destination address, either via an address range
> or multiple --to-des
> tination options, a simple round-robin (one after
> another in cycle) load
> balancing takes place between these adresses.
>
> in my mind, it sounds like:
> iptables -A PREROUTING -s xxx.xxx.xxx.xxx -p tcp
> --dport 80 -j DNAT --to-destination aaa.aaa.aaa.aaa
> --to-destination bbb.bbb.bbb.bbb
>
> but it says invalid arguments.
> which part was wrong ?
Unfortunately that possibility was removed when restructuring the
Linux NAT for the 2.6.11 Linux release. Should work with older kernels,
or you can work it around by using two DNAT rules and the 'random'
match from patch-o-matic-ng. Ugly, but it should work that way.
http://www.netfilter.org/documentation/HOWTO//netfilter-extensions-HOWTO-3.html#ss3.14
--
Regards,
Krisztian Kovacs
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: dnat to multiple destination
2005-10-26 14:19 ` dnat to multiple destination KOVACS Krisztian
@ 2005-10-26 14:22 ` =?unknown-8bit?b?sLAg/uP+4yDf6nL74vFnILCw?=
2005-10-26 17:14 ` Henrik Nordstrom
1 sibling, 0 replies; 7+ messages in thread
From: =?unknown-8bit?b?sLAg/uP+4yDf6nL74vFnILCw?= @ 2005-10-26 14:22 UTC (permalink / raw)
To: netfilter
Unfortunately that possibility was removed when
> restructuring the
> Linux NAT for the 2.6.11 Linux release. Should work
> with older kernels,
> or you can work it around by using two DNAT rules
> and the 'random'
> match from patch-o-matic-ng. Ugly, but it should
> work that way.
>
>
http://www.netfilter.org/documentation/HOWTO//netfilter-extensions-HOWTO-3.html#ss3.14
>
> --
> Regards,
> Krisztian Kovacs
>
ok thanks :-)
@Jörg
i've correct my post, i've use -t nat just miss type
when i write my post. thx anyway :-)
__________________________________
Start your day with Yahoo! - Make it your home page!
http://www.yahoo.com/r/hs
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: dnat to multiple destination
2005-10-26 14:19 ` dnat to multiple destination KOVACS Krisztian
2005-10-26 14:22 ` =?unknown-8bit?b?sLAg/uP+4yDf6nL74vFnILCw?=
@ 2005-10-26 17:14 ` Henrik Nordstrom
1 sibling, 0 replies; 7+ messages in thread
From: Henrik Nordstrom @ 2005-10-26 17:14 UTC (permalink / raw)
To: KOVACS Krisztian; +Cc: netfilter
On Wed, 26 Oct 2005, KOVACS Krisztian wrote:
> Unfortunately that possibility was removed when restructuring the
> Linux NAT for the 2.6.11 Linux release. Should work with older kernels,
Was repordedly broken in older kernels...
Regards
Henrik
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2005-10-26 17:14 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-10-26 14:02 dnat to multiple destination =?unknown-8bit?b?sLAg/uP+4yDf6nL74vFnILCw?=
2005-10-26 14:10 ` Mariusz Kruk
2005-10-26 14:13 ` Jörg Harmuth
2005-10-26 14:14 ` dnat to multiple destination *correction* =?unknown-8bit?b?sLAg/uP+4yDf6nL74vFnILCw?=
2005-10-26 14:19 ` dnat to multiple destination KOVACS Krisztian
2005-10-26 14:22 ` =?unknown-8bit?b?sLAg/uP+4yDf6nL74vFnILCw?=
2005-10-26 17:14 ` Henrik Nordstrom
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.