Need load balanced servers to be externally accessible

Sounds to me like you are understanding it pretty well. SNAT just changes the source IP of an incoming packet to an address on the the BIG-IP, so that when the packet is handed to the destination server, that server will respond directly to BIG-IP because it "thinks" BIG-IP is the client.

 

 

SNAT is required in cases like yours, because the default behavior of BIG-IP is to preserve the original client's IP address when the packet is forwarded to the destination server; if it did that in your case, the server would then respond to its' default gateway to get directly back to the client, and the client would then drop the packet because it doesn't know it's talking to that server, it thinks its' talking to the BIG-IP virtual server.

 

 

Automap simply means that BIG-IP will choose its' own Self-IP as the address that it changes the source to (whichever Self-IP is appropriate given the destination). A regular SNAT lets the administrator choose what IP is used for the SNAT, and a SNAT pool allows for multiple SNAT addresses to be chosen (usually only needed in situations where there could potentially be enough traffic to use up all of the 65535 ephemeral ports on one IP address).

 

 

Hope that helps,

 

Denny