Forum Discussion
Mike_Blue_30573
Nimbostratus
NimbostratusBypass Automap Snat on single VIP
Good Afternoon. I seemed to have backed myslelf into a corner. We have been migrating applications to a new set of 9.0.4 Bigips'. During this migration I have been using the Automap Snat so that I could hide layer 3 source. Basically with this I did not have to change the gateway of about 300 servers. Since migration 1 of the app owners has come to me and informed me that there app uses layer 3 source for trending internal and external users.
I am trying to figure out an Irule to bypass the Autosnat at the VIP level so that I can pass the layer 3 source.
Any help would be appreciated. I have tried several different configurations to no avail.
Thany You for your time.
3 Replies
- First, try disallow snat on the pool in question. That might disable the snat automap. To be honest, I'm not sure.
Alternatively, you could create a snat pool with the translation addresses that you want. A snat automap behaves similarly to a default snat with a snat pool containing the self ips. Then, simply associate this snat pool with each vip that requires the snat. Hope this helps... 
Brian_Gupta_115You will need to have the backend server in question route to the BigIP. (Or in the case of an HA pair the floating IP). To do this the server will need to sit on a VLAN that the has a connection to.
If it not already on the same segment as the BigIP you will need to move the server to the VLAN the BigIP is connected to or add a link from the BigIP to the server segment in question
Once you have done this you will need to disable SNAT for the pool in question, and diasble autosnat for the VIP.
Let me know if you have further questions.
Thanks,
Brian
P.S. - There may be other ways to do this, if the BigIP is already in the path.- Brian_Gupta_115Do you have multiple pools backing a single vip? Or is it a one to one mapping VIP -> pool? IE: Are you using an iRule already?
-Brian
