Forum Discussion
rafaelbn_176840
Altocumulus
AltocumulusBIG-IP CGNAT - VLAN CMP Hash
Hello Devs! How is everybody doing?
I'm trying to wrap my head around a requirement for the CGNAT module.
Currently, it's mandatory that, for the CGNAT using PBA LSN pools, that the ingress VLAN uses the VLAN CMP hash as source address and the egress VLAN uses destination as the cmp hash.
I understand what the CMP hash does but on an environment where the BIG-IP is the CGNAT device and routes to the internet, every time a new client connects, it will use ephemeral ports as the source and different destination IPs as the destination, so the default cmp hash would/should do the trick.
But if I don't set the cmp hash correctly, I get some error on /var/lo/ltm.
Feb 6 14:54:01 bigip1 err tmm[31839]: 01670024:3: Unsupported DAG mode for LSN pool(/Common/lsn_pool_rd10) mode PBA on interface /Common/F5_BACKBONE
Feb 6 14:54:53 bigip1 err tmm[31839]: 01670024:3: Unsupported DAG mode for LSN pool(/Common/lsn_pool_rd10) mode PBA on interface /Common/F5_BACKBONE
I just wanted to understand the why of this.
Thanks, Rafael.
rafaelbnCirrostratus
After digging a little deeper, I found an article explaining the reasoning.
https://support.f5.com/csp/article/K54951499
The idea (to my understanding at least) is to optimize the return traffic, kind of pinning the subscriber to the same TMM process. If you don't do that, the returning traffic could be handled by another TMM and both TMM process handling that one subscriber would need to communicate, introducing some delays.
Sorry for asking too early! Cheers! Rafael
NathYou really help me understand the use of SPDAG in CGNAT :)