Forum Discussion
Chris_Miller
Altostratus
AltostratusiRule dependent on Link Availability
I'm currently using Link Controller to load balance ISPs. Due to the complications of IPSEC, I've had to do a config like this.
1. Pool containing IPSEC device with ip 1.1.1.1
2. VS created for IPSEC ports/protocols with public ip 2.2.2.2
3. ISP Routers are 2.2.2.1 and 3.3.3.1
4. SNAT pool created containing 2.2.2.2
5. Since IPSEC initiates some traffic, iRule created with following logic:
if client ip is 1.1.1.1, use snat pool 2.2.2.2 and use pool with 2.2.2.1 link
To make this redundant, I'd like to do the following.
1. Create VS for IPSEC ports/protocols with public ip 3.3.3.2
2. Create SNAT pool containing 3.3.3.2
3. Configure inbound wideIP which currently contains VS 2.2.2.2 to use 3.3.3.2 as a fallback IP.
4. Create an iRule that basically says, if link 2.2.2.1 is down, snat to 3.3.3.2 and use outbound link 3.3.3.1
What are my options here?
5 Replies
- Chris_MillerAnyone?
- Try the Advacned config forum, you're in the iRules forum.....
http://devcentral.f5.com/Default.aspx?tabid=53&view=topics&forumid=31 
hoolioCirrostratus
I think cript might be looking for an iRule solution for this?
cript, can you provide a sample config for what you've configured currently? Are you using an iRule to select the snat pool and load balancing pool?
Thanks,
Aaron- my bad.. yes post your current link controller config.
- Chris_Miller
Posted By hoolio on 03/24/2010 6:37 AM
I think cript might be looking for an iRule solution for this?
cript, can you provide a sample config for what you've configured currently? Are you using an iRule to select the snat pool and load balancing pool?
Thanks,
Aaron
Yes,
I'm using an iRule to select the snat pool and the outbound link.
iRule basically says, if client IP is X, SNAT to SNATpool and use pool_outbound_X
