Hello, Ingo... [...]
> iptables -t nat -A PREROUTING -p udp --dport 80 -i eth0 -j DNAT --to 192.168.0.11:80 > iptables -t nat -A PREROUTING -p udp --dport 80 -i eth0 -j DNAT --to 192.168.0.11:80 > iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE > > so in case host 192.168.0.11 is not responding the host 192.168.0.11 is tried. [...] maybe i am dead blind, but 192.168.0.11 == 192.168.0.11 .. so if one isnt responding the other wont resond, too.. because its basically the _same_ host .. huh? but even w/ 2 different IPs netfilter wont load balance or cluster your connections.. actually netfilter doesnt care about if a host is reachable or not while routing packets. so if host 1 is unavailable the packets will get sent to its ip anyways.. the 2nd rule would never get a single hit.
