Forum Discussion
Brandon_12607
Nimbostratus
NimbostratusGTM no Snat
Qustion abt SNAT
I am going to use snat on the Virtual Server VIP on the GTM. I have 2 pools the default pool of DNS servers and a Secondary pool. On the secondary pool inside the IRULE i am going to remove SNAT and send it to a Server. Then on the server i am going to reroute DNS traffic back up to the GTM. Then GTM will send traffic to PC.
So my question is when the GTM sends unsnated traffic to the servers does this session close? Or does it stay open, so the server can send traffic back to the GTM? Is there anything i need to do on the VIP to keep the session open?
2 Replies
IanBEmployee
Can you explain with a bit more detail what you're trying to do ?
BrandonCirrostratus
The PCs in our org point to the GTM for DNS. The Citrix NetScaler needs see the Client source IP. ======================================================================================================================================================================================= When the client reaches the GTM currently has 2 options if client uses a Wide IP, or load balances to DNS servers. we will be adding a 2nd Pool 3rd option VIA a IRULE Citrix NetScaler pool. ======================================================================================================================================================================================== GTM Wide IPs ============================================================================================ Pool 1 Default Pool DNS Severs ======================================================================================== Pool 2 (The only way use this pool use a IRULE ) Will be new NetScaler DNS IP ============================================================================================ This is the IRULE we were looking at when DNS_REQUEST { if { ([IP::addr [IP::client_addr] equals 10.10.10.0/24]) } { switch -glob [string tolower [DNS::rrname]] { "www.domain1.com" - "www.domain2.com" - "www.domain3.com" - "www.domain4.com" - "www.domain5.com" { pool external_dns_pool snat none } default { pool internal_dns_pool } } } ==================================================================================================================================================================================================================================================================================== So all of this to send to NetScaler with the Client IP as the source. My question is when the NetScaler sends the traffic back to the GTM via a policy route, When the GTM receives the packet remember we turned Snat off via the irule for this pool, so will the session be open still for the GTM to send a reply back to the Client with DNS response? Or will it do something else to send the reply back to Client?
