Forum Discussion
Nik
Cirrus
CirrusLogging outgoing SNAT List connections
I have a number of servers in snat lists and we're trying to figure out what servers are actually making connections. I haven't found anyplace to do this.. any ideas if it's possible?
I´m not sure, if I got your question right. If you are talking about incoming connections to be balanced to a pool of local servers and SNAT is applied somehow, you can use an iRule as this one (second log):
when SERVER_CONNECTED {
log clientside connection details to /var/log/ltm
log local0. "Clientside connection: [clientside {IP::remote_addr}]:[clientside {TCP::remote_port}] to [clientside {IP::local_addr}]:[clientside {TCP::local_port}]"
log serverside connection details to /var/log/ltm
log local0. "Serverside connection: [IP::local_addr]:[TCP::local_port] to [IP::remote_addr]:[TCP::remote_port]"
}
Or are you talking about so called default SNATs?
In this case the "clientside" part of the iRule above provides the requested information. Btw, I´m always trying to avoid them. Using a SNATpool in the context of a virtual server or applying SNAT via iRule provides much better control.