Forum Discussion

LillyM_9417's avatar
LillyM_9417
Icon for Altostratus rankAltostratus
Apr 27, 2011

avoid changing source port of the connection while using SNAT

Hello,     We are using SNAT in the irule. Lets assume client's Ip address 192.1.1.1 and port 9999, after the SNAT operations   we manage to change the clients IP address to spesific ip addre...
config
design
George_Watkins_'s avatar
George_Watkins_
Historic F5 Account
Apr 27, 2011
Hi LillyM,

 

 

If you are using version 10.x, there is a setting under the virtual server labeled "Source Port." If you set it to "preserve," the client's original source port should be retained. If the source port is already in use by another connection, TMM will select another source port at random. There is also an option called "preserve strict," which you may or may not want to use depending on your situation. In "preserve strict" mode, if the port is already in use, TMM will use the port anyway making the original source of the traffic indistinguishable to the origin server. There are a few cases where this may work, but we don't recommend it unless you have a specific use case for it.

 

 

Hope this helps,

 

 

-George