I was experimenting with round-robin capabilities of iptables and ended up crashing my firewall server. The original rule was set to:
iptables -t nat -A PREROUTING --destination x.x.x.x -i eth0 -p tcp --dport 25 -j DNAT --to-destination 10.10.10.1-10.10.10.5
All I’m doing is routing a single external IP’s SMTP traffic to multiple hosts within my internal network for load-balancing purposes. What killed the server and caused a kernel panic was this change:
iptables -t nat -A PREROUTING --destination x.x.x.x -i eth0 -p tcp --dport 25 -j DNAT --to-destination 10.10.10.5-10.10.10.1
The error was reproduced on another FC6 machine with the same kernel.
Kernel version: Linux version 2.6.20-1.2962.fc6
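A pre-flight check for the reversed range described above, as an added example that is not part of the original post: it inspects a rule's arguments and rejects a NAT address range written high-to-low before the rule reaches the kernel. The function names `ip_to_int` and `check_nat_range` are hypothetical, and covering `--to-source` as well as `--to-destination` is a generalization beyond the DNAT case in the post.

```shell
#!/bin/sh
# Added example (not from the original post): reject NAT rules whose
# address range is written high-to-low, e.g. 10.10.10.5-10.10.10.1.

# ip_to_int A.B.C.D -> prints the address as an integer; fails if malformed.
ip_to_int() {
    case "$1" in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                      # split the dotted quad into $1..$4
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*|????*) return 1 ;; esac   # no leading zeros
        [ "$octet" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

# check_nat_range <iptables args...>
# Returns 0 = ranges ordered, 1 = reversed range, 2 = unparsable address.
check_nat_range() {
    prev=
    for word in "$@"; do
        case "$prev" in
            --to-destination|--to-source)
                spec=${word%%:*}               # drop optional :port[-port]
                case "$spec" in
                    *-*) start=${spec%%-*}; end=${spec#*-} ;;
                    *)   start=$spec; end=$spec ;;
                esac
                lo=$(ip_to_int "$start") || return 2
                hi=$(ip_to_int "$end") || return 2
                [ "$lo" -le "$hi" ] || return 1
                ;;
        esac
        prev=$word
    done
    return 0
}

# Constructed demo using the two ranges from the post.
for range in 10.10.10.1-10.10.10.5 10.10.10.5-10.10.10.1; do
    if check_nat_range -t nat -A PREROUTING -p tcp --dport 25 \
           -j DNAT --to-destination "$range"; then
        echo "ok:     $range"
    else
        echo "reject: $range"
    fi
done
```

In a wrapper script the check gates the real call: `check_nat_range "$@" && iptables "$@"`.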






