Forum Discussion
Cae_140395
Nimbostratus
NimbostratusApply conditional SNATPOOL
Hello all!
I am with a issue of SNAT.
My pool have pool-members from differents subnets. I need apply SNAT 10.100.2.253 when the choosen pool-members are from network 10.100.2.0/24 and the SNAT 172.26.160.71 to pool-members from network 10.100.6.64/27.
Are there a native configuration on BIG-IP 11.6. to solve this issue or do i need to apply an irule for this ?
I wrote two option of irules, but idon't know if is correct.
Data group with ip address from network 10.100.6.64/27:
ltm data-group internal DGROUP-THS {
records {
10.100.6.64/27 { }
}
type ip
SNATPOOL when poolmember 10.100.6.x are chosen:
ltm snatpool SNAT_THS {
members {
172.26.160.71
}
}
SNATPOOL when poolmember 10.100.2.x are chosen:
ltm snatpool SNAT_DEFAULT {
members {
10.100.2.253
}
}
1° Option irule:
when CLIENT_ACCEPTED {
if { [class match [IP::client_addr] equals DGROUP-THS]} {
snatpool SNAT_THS
} else {
forward
}
}
}
2° Option irule:
when LB_SELECTED {
if { [class match [LB::server addr] equals DGROUP-THS]} {
snatpool SNAT_THS
} else {
forward
}
}
And for two irule the snatpool SNAT_DEFAULT is set on virtual server.
- Kevin_Stewart
Employee
I don't really think you need two separate iRules:
when CLIENT_ACCEPTED { if { [class match [IP::client_addr] equals DGROUP_THS] } { snatpool [class match -value [IP::client_addr] equals DGROUP_THS] } }where your datagroup includes two different entries:
ltm data-group internal DGROUP-THS { records { 10.100.6.64/27 { data SNAT_THS } 172.26.160.0.24 { data SNAT_DEFAULT } } type ip }Or if you just have a default SNAT for anything that's not in the 10.100.6.64/27 subnet:
when CLIENT_ACCEPTED { if { [IP::addr [IP:client_addr] equals 10.100.6.64/27] } { snatpool SNAT_THS } else { snatpool SNAT_DEFAULT } }
