Forum Discussion

BJL_01_139818's avatar
BJL_01_139818
Icon for Nimbostratus rankNimbostratus
Dec 05, 2014

Intelligent SNAT Pool

Hi guys, i have a few questions: i have one VS, i want to do SNAT through different SNAT Pool List upon the client source IP address.

 

I have some questions regarding this :

 

  1. Is the only way to accomplish this through the use of iRule scripts?
  2. If so, for the sake of simplicity, can it be done with iRule + Data Group(s)?

Could any kind souls give an example as to how to accomplish his?

 

Best Regards Brian

 

  • Below is the iRule considering you already have x no of DataGroups already with required Client IP address

     

    when CLIENT_ACCEPTED { if { [ class match [IP::client_addr] equals DataGroup1 ] } { snat snatIP1 } elseif { [ class match [IP::client_addr] equals DataGroup1 ] } { snat snatIP2 } if nothing matches use snat IP configured in virtual server }

     

  • Below is the iRule considering you already have x no of DataGroups already with required Client IP address

     

    when CLIENT_ACCEPTED { if { [ class match [IP::client_addr] equals DataGroup1 ] } { snat snatIP1 } elseif { [ class match [IP::client_addr] equals DataGroup1 ] } { snat snatIP2 } if nothing matches use snat IP configured in virtual server }

     

    • BJL_01_139818's avatar
      BJL_01_139818
      Icon for Nimbostratus rankNimbostratus
      Hi Syed Thank for the answer. Is it possible to do it in a way, where it will not be so code intensive? I have ALOT of source addresses that will have to be SNAT'ed, so my worry is that the code will be pretty unmanageable. Best regards Brian
  • Hi Brian,

    The iRule is fixed whatever I had given there will be some variation based on number of SNAT IP address you want to give. You have to add the Client address in the corresponding DataGroup not in iRule.     
    

    Thanks Syed