DNAT multiple --to-destination gone: why?

Linux Netfilter discussions
 help / color / mirror / Atom feed

From: "David Sparks" <dave@ca.sophos.com>
To: netfilter@vger.kernel.org
Subject: DNAT multiple --to-destination gone: why?
Date: Wed, 09 Jul 2008 17:32:44 -0700	[thread overview]
Message-ID: <487558AC.8080704@ca.sophos.com> (raw)

According to man iptables:

DNAT...
               In Kernels up to 2.6.10 you  can  add  several  --to-destination
               options.  For those kernels, if you specify more than one desti-
               nation address, either via an address range  or  multiple  --to-
               destination  options, a simple round-robin (one after another in
               cycle) load  balancing  takes  place  between  these  addresses.
               Later  Kernels  (>= 2.6.11-rc1) don't have the ability to NAT to
               multiple ranges anymore.

I'm wondering why this feature was removed?

What are the workarounds/alternatives?

The reason I ask is that I'm using the range feature to DNAT packets 
round-robin to 5 machines (.101-.105).  .103 just had a hard drive failure and 
when I went to remove it from the iptables config I find I can't do that 
anymore as the feature was removed!  I've worked around the problem by 
re-IPing a machine but I'm wondering if there is a iptables solution to this 
so I'll be better prepared in future?

Thanks!

ds

next             reply	other threads:[~2008-07-10  0:32 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2008-07-10  0:32 David Sparks [this message]
2008-07-10  5:13 ` DNAT multiple --to-destination gone: why? Josh Cepek
2008-07-10  5:39   ` Grant Taylor
2008-07-10  5:52     ` Josh Cepek
2008-07-10 10:03   ` Jan Engelhardt

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=487558AC.8080704@ca.sophos.com \
    --to=dave@ca.sophos.com \
    --cc=netfilter@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox