Forum Discussion
EvgeniV
Nimbostratus
NimbostratusDifferent SNAT for each member in the pool
I'm looking for possibility to define different SNAT for each member in the Pool. May be by iRule. But I'm not sure. Because any Selective SNAT iRules that I find based on some switching difference...
EvgeniVNimbostratus
NimbostratusThank You so much Stefan,
The proposed iRule looks right and good but I cannot approve it as working solution,
I really sorry for that but in our case we use exactly similar iRule:
when LB_SELECTED {
if { [IP::addr [LB::server addr] equals 193.142.151.1] } {
snat 172.16.50.1
}
if { [IP::addr [LB::server addr] equals 193.142.151.2] } {
snat 172.16.50.5
}
if { [IP::addr [LB::server addr] equals 193.142.151.3] } {
snat 172.16.50.6
}
}(SNAT Pool includes these three Nodes: 172.16.50.1, 172.16.50.5, 172.16.50.6)
And in the FW LOG catched just after F5 we still see Requests from Src:172.16.50.5(6) to Dst:193.142.151.1 , and I can't understand this.
According the iRule such packets are impossible - When Dst:193.142.151.1 the only source IP must be 172.16.50.1
Respectfully,
Evgeni V.
zamroni777
MVP
MVPcan you ensure those tcp sessions were created after the irules were applied?
if needed, you can delete existing tcp sessions to ensure
https://my.f5.com/manage/s/article/K53851362#Delete
