Forum Discussion
How to choose ip from snat pools
Hi experts,
I am new to F5. I have created a SNAT pool and a SNAT list, and my question is: how does this work for translating the address? For example, take a new connection to destination IP address 192.168.10.1, when using a SNAT pool with IP addresses from the egress VLAN (the VLAN for which the packet exits in the BIG-IP system) and non-egress VLAN networks. Egress VLAN external has a self IP of 172.16.0.254/24, and SNAT pool member addresses of 172.16.0.1/24 and 10.1.1.1/24 and 192.168.10.1/24. Which address will the BIG-IP system use? Based on what? Next hop or just the self IP?
Any help is appreciated. Thanks in advance
- wesleyjack
Nimbostratus
Angel,
This is controlled by specifying the SNAT pool from the virtual server's properties page. Under Configuration > Basic, Source Address Translation and SNAT Pool are the last two options (at least in v13.x). If you select "automap" as the Source Address Translation, then the F5 will use a self IP. The "next-hop" would be determined by the available routes on the BIG-IP.
https://support.f5.com/csp/article/K7820
https://support.f5.com/csp/article/K7336
If you need a more specific answer, then please provide a more detailed diagram of the flow you are interested in.
- youssef1
Cumulonimbus
Hi,
Take the simple case. You have no cluster but only one member (so no floating IP but only a self IP).
On your VS you can set SNAT Automap or a SNAT pool (if you have configured one).
- SNAT Automap:
This allows you to NAT the source IP address of the user with the self IP (from the egress). The output VLAN depends on the routes you have configured.
So to summarize, the function "SNAT Automap" allows you to NAT the source IP of the user but not the destination IP.
- SNAT Pool:
The "SNAT Pool" is identical to the automap. The difference is that you can set multiple IP addresses (this is useful when you have more than 65000 user connections and you exceed the number of connections supported by IP...).
Below is the point that interests you:
When using a SNAT pool with IP addresses from the egress VLAN (the VLAN for which the packet exits in the BIG-IP system) and non-egress VLAN networks, the egress VLAN network address is given higher priority. For example, egress VLAN external has a self IP of 172.16.0.254/24, and SNAT pool member addresses of 172.16.0.1/24 and 10.1.1.1/24. The BIG-IP system prefers the egress VLAN SNAT pool member address 172.16.0.1, and will continue to use the same address until it becomes unavailable.
For more info: https://support.f5.com/csp/article/K7820
You can also use an iRule, depending on your destination address, in order to select the right SNAT pool IP.
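
The egress-VLAN preference quoted above can be modelled in a few lines. This is an added example, not part of the original posts and not F5 code: the function names are hypothetical, and the order used for members outside the egress VLAN subnet is an assumption, since the thread does not say how those are chosen.

```python
import ipaddress


def rank_snat_members(egress_self_ip, pool_members, unavailable=()):
    """Order SNAT pool members by the preference described in the thread.

    Members inside the egress VLAN's subnet (derived from the self IP and
    its prefix length) come first. Members outside that subnet follow in
    configured order, which is an assumption of this model.
    """
    egress_net = ipaddress.ip_interface(egress_self_ip).network
    down = {ipaddress.ip_address(a) for a in unavailable}

    on_egress, off_egress = [], []
    for member in pool_members:
        addr = ipaddress.ip_interface(member).ip
        if addr in down:
            continue  # an unavailable member is never selected
        bucket = on_egress if addr in egress_net else off_egress
        bucket.append(str(addr))
    return on_egress + off_egress


def pick_snat_address(egress_self_ip, pool_members, unavailable=()):
    """Return the preferred translation address, or None if none is usable."""
    ranked = rank_snat_members(egress_self_ip, pool_members, unavailable)
    return ranked[0] if ranked else None


if __name__ == "__main__":
    # Values from the question: self IP on VLAN "external" and three members.
    self_ip = "172.16.0.254/24"
    members = ["10.1.1.1/24", "172.16.0.1/24", "192.168.10.1/24"]

    print("preferred:", pick_snat_address(self_ip, members))
    # Same pool once the egress-VLAN member is marked unavailable.
    print("fallback: ", pick_snat_address(self_ip, members, ["172.16.0.1"]))
```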