BigIP Remove the source address of host

client is 192.168.206.96

 

vip is 172.28.17.66

 

selfip is 172.28.17.60

 

pool member is 172.28.17.80

 

pool member's default gateway is 172.28.17.60

 

 

[root@tulip:Active] config b self 172.28.17.60 list

 

self 172.28.17.60 {

 

netmask 255.255.255.0

 

vlan external

 

allow all

 

}

 

[root@tulip:Active] config b virtual bar list

 

virtual bar {

 

pool foo

 

destination 172.28.17.66:ssh

 

ip protocol tcp

 

}

 

[root@tulip:Active] config b pool foo list

 

pool foo {

 

members 172.28.17.80:ssh {}

 

}

 

 

[root@tulip:Active] config tcpdump -nni 0.0 \(host 192.168.206.96 and host 172.28.17.66 and port 22\) or \(host 192.168.206.96 and host 172.28.17.80 and port 22\)

 

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode

 

listening on 0.0, link-type EN10MB (Ethernet), capture size 108 bytes

 

(1) 03:33:22.083798 IP 192.168.206.96.63959 > 172.28.17.66.22: S 376152562:376152562(0) win 8192

 

(2) 03:33:22.083847 IP 172.28.17.66.22 > 192.168.206.96.63959: S 3250302098:3250302098(0) ack 376152563 win 4380

 

(3) 03:33:22.084122 IP 192.168.206.96.63959 > 172.28.17.66.22: . ack 1 win 256

 

(4) 03:33:22.084168 IP 192.168.206.96.63959 > 172.28.17.80.22: S 4066958068:4066958068(0) win 4380

 

(5) 03:33:22.085213 IP 172.28.17.80.22 > 192.168.206.96.63959: S 1806241468:1806241468(0) ack 4066958069 win 5840

 

(6) 03:33:22.085225 IP 192.168.206.96.63959 > 172.28.17.80.22: . ack 1 win 4380

 

 

packet no1-3 is syn, syn+ack and ack between client and vip

 

packet no4-6 is syn, syn+ack and ack between bigip and pool member (since snat is none, source ip isn't changed to bigip selfip). i don't show mac address. if u do, u will see even source ip is client ip but mac address is bigip mac address indeed.

 

 

hth