# Load balancing

From nftables wiki

Since nftables v0.7, there is support in place to perform NAT load balancing.

Don't forget the special NAT chain semantics: Only the first packet evaluates the rule, follow up packets rely on conntrack to apply the NAT information.

## round robin

This method uses the nftables internal number generator.

The example below is distributing new connections in a round-robin fashion between 192.168.10.100 and 192.168.20.200.

```
% nft add rule nat prerouting dnat to numgen inc mod 2 map { \
0 : 192.168.10.100, \
1 : 192.168.20.200 }
```

You can also emulate flow distribution with different backend weights using intervals:

```
% nft add rule nat prerouting dnat to numgen inc mod 10 map { \
0-5 : 192.168.10.100, \
6-9 : 192.168.20.200 }
```

The distribution can be based on ports as well:

```
% nft add rule nat prerouting ip protocol tcp dnat to 192.168.1.100 : numgen inc mod 2 map {\
0 : 4040 ,\
1 : 4050 }
```

## consistent distribution

Using the nftables internal hashing mechanisms.

```
% nft add rule x y dnat to jhash ip saddr . tcp dport mod 2 map { \
0 : 192.168.20.100, \
1 : 192.168.30.100 }
```