Forum Discussion
Gbps_31870
Aug 05, 2012Nimbostratus
Application issue with SNAT pool
Hi,
We have one VS configured with a SNAT pool, but server team complain that there is an issue accessing the application.
Giving that everything is working fine when they are acce...
Michael_Yates
Aug 07, 2012Nimbostratus
Hi Gbps,
Question: Is there a way through iRule to translate Client IP address to a single IP from the snat-pool for all connections during the same session?
The simple answer is yes, by specifying the SNAT Address like you are doing above but there are limitations.
If you use SNAT Automap the BIG-IP will use one of its Self IP Addresses as the SNAT Address, but each Self IP Address can only snat 65,536 connections before the next Self IP Address is used (any SNAT Address you specify will have the same limitation). Note that these are per connection and most browsers open up anywhere from 3 to 6 connections at a time to download a site faster. So depending upon the usage of the site you may need to have multiple SNAT IP Addresses (use a SNAT Pool).
Do you know if the application is capable of using an X-Forwarded-For HTTP Header? This would deliver the True Client IP Address to the application and might help your situation as well.
X Forwarded For Single Header Insert
Using "X-Forwarded-For" in Apache or PHP
X-Forwarded-For
Hope this helps.
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects