Forum Discussion
chris_connell_1
Nimbostratus
Nimbostratuschange nat source address for a healthcheck
Hi,
I have configured an http transparent healthcheck, and the healthchecks to the nodes are sent from the F5 self IP's but I would like to know if its possible to apply snat/nat for just these healthcheck requests so the F5 selfip source address is natted to another one.
I tried putting in nat with origin address with the f5 self ip and the nat address, but i guess its not working as this generally works on traffic that is traversing the f5 rather than initiated from the F5.
Is this possible?
Thx
hooleylistCirrostratus
Hi Chris,
If you want to specify a source IP address for a monitor, you'd need to use an external monitor. Here's a basic example we came up with for ICMP:
http://devcentral.f5.com/wiki/default.aspx/AdvDesignConfig/ICMPCustomSourceAddressMonitor.html
I'm not sure what client utility you could use that would allow specifying the source IP address though. curl doesn't seem to support it:
http://curl.haxx.se/docs/faq.html
5.12 Can I make libcurl fake or hide my real IP address?
netcat does seem to support it:
http://nc110.sourceforge.net/
Some of netcat's major features are:
Outbound or inbound connections, TCP or UDP, to or from any ports
Full DNS forward/reverse checking, with appropriate warnings
Ability to use any local source port
Ability to use any locally-configured network source address
Aaron
chris_connell_1
Thanks for the reply Aaron, the base example was useful I will try and modify it using netcat.- Kevin_Davies_40
Nacreous
Create a healthcheck VS per pool member (1 pool member) and apply a SNAT pool to it. Create a monitor for each pool member that points to its healthcheck VS. Apply a member specific monitor to each pool member with its individual monitor.
JGCumulonimbus
If your objective is to test the health of the application service as if from the end-user, you may want to try a passive/inband health monitor.