Forum Discussion
Xylene_UK_11374
Nimbostratus
NimbostratusLTM9.4.6:- snat pool with 2 ISP links question
I would like to know how to set up the following:-
backend servers are mail relays / servers who make many DNS lookups, so many that the normal snat automap exhausts all ports.
I have2 links (isps available)
So my plan is to create a new virtual server on an internal IP address.
This vip will have a pool with a single member, the external DNS server (reachable via both isp links)
and then create a snat pool on the virtual which will have 2 IP addresses from each of the 2 subnets / links
Now the question is once the client IP has been snatted with one of the pool members, how does it know how to route out to the correct link?????
It will use the default gateway pool, but will it be 50 / 50 on getting the right gateway ???
DNS_VIP_UDP
10.159.144.120:53
protocol: UDP
protocol profile: udp_gtm_dns
SNAT_pool: DNS_SNAT
default pool: DNS_POOL
DNS_VIP_TCP
10.159.144.120:53
protocol: TCP
protocol profile: tcp_gtm_dns
SNAT_pool: DNS_SNAT
default pool: DNS_POOL
DNS_POOL
members: x.y.4.12:53
DNS_SNAT
4.xx.218.220
4.xx.218.221
12.yy.149.20
12.yy.149.21
-------------
My current routes has a default to a pool with the two ISP router IP.
4.xx.21.132 and 12.yy.149.4
Anyone give me a clue how to work around this with a rule or have any other idea's
Thanks
Xyleneuk
11 Replies
- Hello Bobcox,
You're right you can not change the default UDP timeout for autosnat.
For snat pool members (or individual explicitly defined SNATS), you can lower the tcp/udp/ip idle timeout for each address as follows in your bigip.conf
snatpool my_snat_pool {
members 1.1.1.1
}
snat translation 1.1.1.1 {
tcp timeout 300
udp timeout 300
ip timeout 300
}
You can also do this from the GUI by going to:
a) SNATS -> SNAT Translation List page in 9.4.x and clicking on each defined address OR
b) In 10.x going to SNATS -> SNAT Translations dropdown directly and clicking on each defined address.
HTH
