Forum Discussion

rajesh1's avatar
rajesh1
Icon for Nimbostratus rankNimbostratus
May 02, 2012

IRULE - Using a differnt snatpool based on the client ip address

Hello All,

 

 

I need to perform SNAT in the current setup to route the return traffic via the F5.

 

 

I am looking for an Irule on a virtual server to use a different snatpool based on the actual client ip address and this has to scale up to 100 differnt clients using the same virtual server.

 

 

If client ip matches X -->Use SNATPOOL Y

 

X1 --> Use SNATPOOL Y1

 

X100 --> Use SNATPOOL Y100.

 

 

 

Thanks

 

Raj

 

 

 

  • You have a few options, but the best two will to either use a switch statement, or use a data group.

     

     

    By using the switch command, you can do something like:

     

     

    switch [IP::client_addr] {

    "1.1.1.1" { snatpool Y }

     

    "2.2.2.2" { snatpool Y2 }

     

    etc...

     

    }

     

     

    You can add a default statement at the end to catch anything that is not matched.

     

     

    If you want to create a data group, you can create one with a type of string, with a name := value pair of client IP := snatpool name.

     

     

    Then, an iRule with something like:

     

     

    if { [set snatpoolname [class lookup [IP::client_addr] ] ne "" } {

     

    snat $snatpoolname

     

    } else {

     

     

    }

     

     

     

  • Thanks for the suggestion ...tested and the logic works .

     

     

    Is there any limitation on adding number of entries in the data group ?