To me your "source x.x.x.x" is working anyway from the haproxy sight but you're masquerading all aliases behind the default eth0 interface.
You can still use the haproxy service on your gateway by adding : either source routing : ip route add default @gw@ src @alias@ // but this way you will route all from one alias interface If you have more than one alias : iptables -t nat -A POSTROUTING -o eth0 -s @alias@ -j SNAT --to-source @alias@ This way, you will need to use as much rules as you have different "source ..." used in haproxy conf (if you want to keep a persistence or source route further). If you just want to balance from different IP to load balance on different networks, you can just add one rule but with : "... --to-source a.b.c.d-z" Regards, On Tue, Aug 20, 2013 at 11:07 AM, Nerilaunt <[email protected]> wrote: > Hello, > > Well ... > > The difference between our prod server and the test server was the > running (or not) of our iptables script that enable ip forwarding (the > server is also a gateway). > > From scratch, "source a.b.c.d" works well. > After "/sbin/iptables -A POSTROUTING -t nat -o eth0 -j MASQUERADE", > source is ignored and the fisrt ip of the routing table is taken. > (the new server only have real nic (eth0, eth1, etc), there is no alias > anymore) > > So, new questions ... Is it normal ? Is it bad to have the same server > for haproxy and gateway ? > > Thanks ! > > -- Steven Le Roux Jabber-ID : [email protected] 0x39494CCB <[email protected]> 2FF7 226B 552E 4709 03F0 6281 72D7 A010 3949 4CCB
