On Thursday 29 December 2011 03:12 PM, Andrew Stone wrote:
> I now have:
>
> ip address add a.b.c.240/29 dev ppp0 broadcast a.b.c.247
>
> iptables -t nat -I PREROUTING -d a.b.c.241 -j DNAT --to-destination 192.168.1.69
> iptables -t nat -I POSTROUTING -s 192.168.1.69 -j SNAT --to-source a.b.c.241
>
> iptables -t nat -A PREROUTING -d a.b.c.242 -j DNAT --to-destination
> 192.168.1.100-192.168.1.150
> iptables -t nat -A POSTROUTING -s 192.168.1.100-192.168.1.150 -j SNAT
> --to-source a.b.c.242
>
>
> The .69 machine correctly has .241 ... however the machines located in
> the range do not have .242 ?
>
> Is this is correct way to specify a nat range with iptables?

 From 'man iptables',

"""
In Kernels up to 2.6.10 you can add several --to-destination options. 
For those kernels, if you specify more than one des‐
tination address, either via an address range or multiple 
--to-destination options, a simple round-robin (one after another
in cycle) load balancing takes place between these addresses. Later 
Kernels (>= 2.6.11-rc1) don't have the ability to NAT
to multiple ranges anymore.
"""

Regards,
Vignesh