Automap SNAT and port exhaustion

Question

We are currently using Automap SNAT in our environment and I am trying to design for a large increase in connections. Can we add to the available port space available for automap SNAT simply by adding an additional floating IP to the VLAN? Or will we be forced to create a SNAT pool to use multiple IPs to accommodate >64k connections?

nathe · Answer

Bubbagump... Additional floating self ips on the egress vlan should work. Snat pool is probably better/cleaner though. Just my 2c of course.&nbsp;
N&nbsp;

bubbagump_12531 · Answer

What's the major advantage to SNAT pools? It seems like a 6/half dozen scenario to me.&nbsp;

pete_71470 · Answer

With SNAT pools you decide which virtual uses which pools. With an extra floating self-ip in the egress vlan, the entire vlan is affected. This might not matter in your deployment. Some nodes don't behave well (Exchange, for example) to having their source-ip change during their sessions so in this case having extra floats could causes surprises down the road.

nathe · Answer

Thanks Pete. Been offline for a while. Couldn't have said it any better.

hamish · Answer

With SNAT pools, you can add an iRule to choose the particular SNAT IP your client connection uses. That way the IP doesn't change mid session. &nbsp;
H&nbsp;

Forum Discussion

Automap SNAT and port exhaustion

5 Replies

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

can you help with getting a BigIP virtual edition serial key

VIP in https that redirect to another vip in https

In Using the AST tool am I pointing it to TENANTS or to the F5OS(hardware) I have?

2026 is Almost Here

VIP is not responding on SYN after enabling other modules like ASM, APM and AFM.

Related Content

Kill SNAT AutoMap!

SNAT Automap

How to ensure source address and source port are accepted and traversed properly via F5 SNAT automap

SNAT pool persistence

WILS: Load Balancing and Ephemeral Port Exhaustion

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS