Forum Discussion
Glenn_32974
Nimbostratus
NimbostratusDirect traffic to proper pool after being snat'd!
Hello
I have written the following Irule (basic one) with the intention to direct traffic to a proper pool after it has been snat'd on the way out
I need to have host 10.44.17.30 get snat'ed to snatpool E_File (2 members: 190.216.X.Y & 190.145.X.Y) and after it has been snat'd choose a proper pool
According to SnatPool , iRule and tcpdumps statistics I see traffic is actually been snat'd
but I dont see either Pool Global or Pool Telmex being hit! And traffic is going out via pool Default_Gateway_Pool_SMTP instead!
when CLIENT_ACCEPTED {
if { [IP::client_addr] equals "10.44.17.30" } {
snatpool E_File
rateclass Fac_Dig
if {[IP::client_addr] equals "190.216.X.Y" }{
pool Pool_Global
pool of 1 member :201.234.X.Y:25
} elseif {
[IP::client_addr] equals "190.145.X.Y" }{
pool Pool_Telmex
pool of 1 member :190.145.X.Y:25
}
log local0. "Valid client IP: [IP::client_addr] - HostName"
else {
pool Default_Gateway_Pool_SMTP
log local0. "Valid client IP: [IP::client_addr] - HostName"
}
}
Is there something wrong with this irule?
Thansk in advanced!
Glenn
6 Replies
- Chris_Miller
Altostratus
Since you're using "client_accepted", the traffic hasn't been SNATed and therefore LTM will see the original client IP and not the SNAT IP...I'll have to think about options here.
May I ask why you're using a SNAT address from different pools? If these are firewalls/gateways, you could maybe use automap? 
Glenn_32974Hi Chris,
I have defined the following Pool:
SnatPool E_File with 2 members:
1. 190.216.X.Y
2. 201.234.X.Y
The idea behind this is to Translate source address 10.44.17.30 to either 190.216.X.Y or 201.234.X.Y SNAT addresses
Because this is Bulk email traffic and sometimes it gets blacklisted so the customer needs to havethis specific smtp traffic leave the network with the above addresses
Did I explain clearly?
Im working with Link Controller and I need to send traffic over one link (Pool Global) is traffic gets SNAT'ed to 201.234.X.Y or the other link (Pool Telmex) if traffic gets SNAT'ed to 190.216.X.Y
Thanks for your response!- Chris_MillerI see now...why not just make one pool that has the link for 201.234.x.y and 190.216.x.y. Then, SNAT from within the LB_SELECTED event so if the chosen pool member is the 201.234.x.y link, we use that address.
- Glenn_32974Sounds good! sorry for the delay in the response!
Let me see how can I work this irule out... I'm nor really an expert
Thx Chris - Chris_MillerI'd do the following:
1. Define snat pool that contains address 201.234.x.y, let's call it "snatpool_201"
2. Define snat pool that contains address 190.216.x.y, let's call it "snatpool_190"
3. Create pool that contains gateway for "201.234.x.y and 190.216.x.y"
4. Create Virtual Server with the above as default pool.
Use a rule like this:when LB_SELECTED { if { [LB::server addr] eq 190.216.x.y } { snatpool snatpool_190 } elseif { [LB::server addr] eq 201.234.x.y } { snatpool snatpool_201 } }
That should compile...let me know if it doesn't. - Glenn_32974Hi Chris!
Sorry for the late update! Your recommendation worked as expected!
Thx for the support on this one!
G
