Forum Discussion

Nimbostratus

Dec 15, 2009

Irules and Internet connections for Servers with non-routable IP addresses

Hi all, I have a situation I'm trying to address via an iRule on the BigIP, and wanted to see what you think. We have an internal vlan routed by an F5 that consists of pr...

Nimbostratus

Dec 16, 2009

The existing VIP is defined as 0.0.0.0:0, so that's what I'm trying at the moment, assuming that IP::remote_addr contains the destination IP address. There's an example from the architectiing class that I'm trying to modify.

     
      when CLIENT_ACCEPTED {      
      check to see if client ip is in the class      
      if { [matchclass [IP::client_addr] equals $:: PrivateOnCampus] } {      
      Check to see if the remote_addr is in the class      
      if { [matchclass [IP::remote_addr] equals $:: OffCampusServers] } {      
      if both of the above are correct, snat it      
      snat 152.xxx.xxx.xxx      
      } else {      
      if no match forward without address rewrite.      
      forward      
      }      
      }      
      }

I've replaced the snat and forward statements above with logging statements, so I can see first what the traffic looks like.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)