So I'm now using a machine strictly as the gateway for other machines, with a LARGE pool of IP addresses assigned to this machine, and SNAT set up using:
Code:
sudo iptables -t nat -A POSTROUTING --protocol tcp --dport 80 -j SNAT --to-source 10.1.2.1-10.1.2.100:80
And round-robin'ed SNAT works... to a point.
The machines that use this machine as their gateway do actually rotate the source IP, but only from a selection of four IPs per machine.
Example:
Machine1 goes to whatismyip.com
Whatismyip.com returns
10.1.2.12 first time.
10.1.2.30 second time.
10.1.2.29 third time.
10.1.2.11 fourth time.
It then rotates randomly through that same set, .12, .30, .29, and .11 over and over, never touching the other 96 IPs available.
Machine1 goes to whatismyip.com
Whatismyip.com returns
10.1.2.15 first time.
10.1.2.66 second time.
10.1.2.34 third time.
10.1.2.9 fourth time.
Again, the same behavior is exhibited.
I have several machines, with many IPs, and it only rotates through 4 per physical machine, no matter how many are in the iptables --to-source range.
Why does it not round-robin among the ENTIRE range of IPs available for SNAT?
Thanks,
Michael