Choose SNAT based on URL in HTTP_REQUEST
Hi, Due to lack of external IPs I have two URLs that are resolved to a single IP. This IP is further NATTED to an internal IP in my network (the one of a VS on F5). Based on URL in HTTP_REQUEST an iRule is sending traffic to a node in one of two networks: 10.0.0.32/27 (VLAN 1001) and 10.0.0.64/27 (VLAN 1002)
when HTTP_REQUEST {
switch -glob [string tolower [HTTP::host]] {
"*.url1.com*"{
node 10.0.0.83 80
log local0 "Redirected to live pool [HTTP::host]"
}
"*.url2.com*"{
node 10.0.0.41 80
log local0 "Redirected to live pool [HTTP::host]"
}
}
}
The VS has (now) has VLAN and Tunnel traffic enabled on VLAN 1002 and address 10.0.0.88 in it's SNAT pool list.
Due to my DC design when a VS is in the same subnet as the node everything is perfect. When the subnet is different the traffic needs to go through same firewall couple of times and it makes any future troubleshooting difficult.
What i would like to achieve is to force F5 to use a different SNAT address, depending on which URL it received the traffic. I tried adding VLAN 1001 to enabled VLANS in VS, adding address 10.0.0.60 to SNAT pool and adding a line:
snat 10.0.0.60
to the second part of the iRule. Needles to say no luck, and so far only the works fine, and does not.
I have version 12 if that's relevant.