Forum Discussion

rolf's avatar
rolf
Icon for Cirrus rankCirrus
Feb 24, 2020
Solved

iRule and BGP

Hi,   I have a customer case, where I need to apply a specific SNAT depending on the routing decision. The Routing contains the following paths: ISP 1 (default GW) ISP 2 (default GW) BGP Clo...
application delivery
BIG-IP
LTM
  • Niels_van_Sluis's avatar
    Niels_van_Sluis
    Mar 05, 2020

    Hi Rolf,

     

    Take a look at the NAT policies you can configure within AFM. These policies are very comprehensive, and if I’m not mistaking you can alter the source address based on the egress interface the packet is leaving the BIG-IP.

     

    Kind regards,

     

    Niels

Simon_Blakely's avatar
Simon_Blakely
Icon for Employee rankEmployee
Feb 24, 2020

You can do this if your outgoing routes are set up using a gateway pool with priority groups, so that an irule like the following can be used:

when CLIENT_ACCEPTED {
  if {[LB::status default_gateway_pool <ISP1 ip> 0] eq "up"}
    { snat pool smtp_outbound member <ISP1 outbound ip> }
  elseif {[LB::status default_gateway_pool <ISP2 ip> 0] eq "up"}
    { snat pool smtp_outbound member <ISP2 outbound ip> }
  elseif {[LB::status default_gateway_pool <BGP Cloud Link ip> 0] eq "up"}
    { snat pool smtp_outbound member <BGP Cloud Link outbound ip> }
}