Forum Discussion

rajesh1's avatar
Icon for Nimbostratus rankNimbostratus
May 02, 2012

IRULE - Using a differnt snatpool based on the client ip address

Hello All,



I need to perform SNAT in the current setup to route the return traffic via the F5.



I am looking for an Irule on a virtual server to use a different snatpool based on the actual client ip address and this has to scale up to 100 differnt clients using the same virtual server.



If client ip matches X -->Use SNATPOOL Y


X1 --> Use SNATPOOL Y1


X100 --> Use SNATPOOL Y100.










2 Replies

  • You have a few options, but the best two will to either use a switch statement, or use a data group.



    By using the switch command, you can do something like:



    switch [IP::client_addr] {

    "" { snatpool Y }


    "" { snatpool Y2 }







    You can add a default statement at the end to catch anything that is not matched.



    If you want to create a data group, you can create one with a type of string, with a name := value pair of client IP := snatpool name.



    Then, an iRule with something like:



    if { [set snatpoolname [class lookup [IP::client_addr] ] ne "" } {


    snat $snatpoolname


    } else {







  • Thanks for the suggestion ...tested and the logic works .



    Is there any limitation on adding number of entries in the data group ?