Forum Discussion

Alb3's avatar
Alb3
Icon for Altostratus rankAltostratus
Jan 14, 2015

Active-Active LTM Snat

Hi community!

 

I've got an active-active configuration on 10.2.4 and i've configured SNAT for one VS.

 

The issue is that when the appliance1 go down (and the SNAT is configured for his UnitID), the appliance2 take the VS but not the SNAT and process the traffic without the SNAT.

 

Can anyone know why? Thanks.

 

-AB

 

  • Alb3's avatar
    Alb3
    Icon for Altostratus rankAltostratus

    Dear Hannes, when the traffico go across the appliance2, the snat is not applyed (at the backend server i see the client address, and not the F5 ip).

     

    The VS is a simply VS on 443, with configured SNAT (a single IP) and SSL configuration. It is configured for be exposed by appliance1, but when it fault, the appliance2 thake the traffic correctly.

     

  • Did you also see a new TCP session being initiated (TCP.srcport change) when appliance 2 started handling the connection?

     

    If you could post the VS configuration, that might help as well. If the SNAT configuration is not "automap", then please provide the relevant SNAT pool or iRule config as well.