e.g. if we want 3 clients to see different webservers, then all we have to do is use the one address for any client and add the following rules:

    ipchains -I $INPUTCHAIN -p tcp -y -s $CLIENTA --dport 80 -m 1
    ipchains -I $INPUTCHAIN -p tcp -y -s $CLIENTB --dport 80 -m 2
    ipchains -I $INPUTCHAIN -p tcp -y -s $CLIENTC --dport 80 -m 3
    ipmasqadm mfw -I -m 1 -r $WEBSERVER1 80
    ipmasqadm mfw -I -m 2 -r $WEBSERVER2 80
    ipmasqadm mfw -I -m 3 -r $WEBSERVER2 8080

Now that's rather creative! I had problems once with access to a web server from particular ISPs, due to the downstream links tending to become very congested.

Now I think with this idea, it would be possible to use this to 'bind' clients to a web server address that has the best connectivity to their network. The main servers hosted at Telehouse (the main UK access point) could use this idea to redirect the initial connection onto an IP alias in the backend net, where the Apache virtual host directs the traffic onto a server connected directly within their AS.

I'm not sure how manageable it would be in practice for a consumer rather than B2B subscription-based site. There are rather a lot of routes these days, so I'd hoped to solve the problem using a module in Apache to time 'benchmark' downloads to allow some dynamic tuning, remembering which servers gave the best response in the past.

Rob