Subject: Re: Network Balancing behind NAT
To: James Webster <james3838@tsi-net.com>
From: Andrew Gillham <gillham@vaultron.com>
List: port-i386
Date: 02/07/2002 09:25:26
On Wed, Feb 06, 2002 at 04:03:44PM -0800, James Webster wrote:
> Is there any way to Network balance behind NAT such that you have one IP mapped to multiple machines behind the firewall?
> 
> i.e.
> 
> rdr 207.202.145.120/32 port 80 -> 10.10.10.1 port 80 tcp
> rdr 207.202.145.120/32 port 80 -> 10.10.10.2 port 80 tcp
> 
> I haven't tried this but my first guess is that it wouldn't work.

With -current (which has the latest ip-filter) you can use the round-robin
feature to do this.  Combined with the 'l4check' utility, you _should_
be able to set it up such that a failed server is removed.
I have zero experience with this feature, just have read about it and want
to experiment eventually.
Here is a link with an example:
	http://www.muine.org/~hoang/freenat.html

On the other hand if you want to try running two different websites on
the same ip address, check out the latest issue of DaemonNews.
	http://ezine.daemonnews.org/200202/
	http://ezine.daemonnews.org/200202/multiweb.html

I have actually tested this with Squid about 6-7 months ago.  It worked
pretty well for what I was doing.  I only tested it with simple static
content though.

-Andrew