From mboxrd@z Thu Jan 1 00:00:00 1970 From: "Alexandre J. Correa - Onda Internet" Date: Mon, 11 Dec 2006 19:27:08 +0000 Subject: Re: [LARTC] load balacing with https home banking Message-Id: <457DB10C.6040908@ondainternet.com.br> List-Id: References: In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable To: lartc@vger.kernel.org you can try static ips of home banking like: $IPTABLES -t nat -A POSTROUTING -s my_ip --protocol tcp -m multiport -d 200= .200.200.1 --dports=20 80,443 -j SNAT --to-source adslB where 200.200.200.1 is ip of homebanking site... and it=B4s going out via a= dslB Marco Berizzi wrote: > Hello everybody. > I'm running linux 2.6.19 with nth match to > alternatively snat outgoing connections to > two different ip addresses for load balancing > between two adsl lines: > Here is: >=20 > $IPTABLES -t nat -A POSTROUTING -s my_ip --protocol tcp -m > multiport --dports 80,443 -m statistic --mode nth --every 2 -j SNAT --to > adslA > $IPTABLES -t nat -A POSTROUTING -s my_ip --protocol tcp -m > multiport --dports 80,443 -j SNAT --to adslB >=20 > Things are working pretty good, but some > applications (https home banking for example), > don't work correctly (because the remote > server see two different ip addresses). Is > there any trick to tell iptables to snat > always with the same source ip for the same > destination host? I have also modified SNAT > with SAME, but no luck. >=20 > TIA >=20 >=20 > _______________________________________________ > LARTC mailing list > LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc >=20 --=20 Sds. Alexandre J. Correa Onda Internet www.ondainternet.com.br Linux User ID #142329 _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc