Forum Discussion

chris_connell_1's avatar
Icon for Nimbostratus rankNimbostratus
Dec 16, 2010

change nat source address for a healthcheck



I have configured an http transparent healthcheck, and the healthchecks to the nodes are sent from the F5 self IP's but I would like to know if its possible to apply snat/nat for just these healthcheck requests so the F5 selfip source address is natted to another one.



I tried putting in nat with origin address with the f5 self ip and the nat address, but i guess its not working as this generally works on traffic that is traversing the f5 rather than initiated from the F5.



Is this possible?





















4 Replies

  • Hi Chris,



    If you want to specify a source IP address for a monitor, you'd need to use an external monitor. Here's a basic example we came up with for ICMP:





    I'm not sure what client utility you could use that would allow specifying the source IP address though. curl doesn't seem to support it:




    5.12 Can I make libcurl fake or hide my real IP address?



    netcat does seem to support it:





    Some of netcat's major features are:



    Outbound or inbound connections, TCP or UDP, to or from any ports


    Full DNS forward/reverse checking, with appropriate warnings


    Ability to use any local source port


    Ability to use any locally-configured network source address





    Thanks for the reply Aaron, the base example was useful I will try and modify it using netcat.
  • Create a healthcheck VS per pool member (1 pool member) and apply a SNAT pool to it. Create a monitor for each pool member that points to its healthcheck VS. Apply a member specific monitor to each pool member with its individual monitor.


  • JG's avatar
    Icon for Cumulonimbus rankCumulonimbus

    If your objective is to test the health of the application service as if from the end-user, you may want to try a passive/inband health monitor.