Forum Discussion
NimbostratusNewbie LTM lab setup question
MVPWhat is default gateway configured on DNS servers??
If it is not F5 Ip then in your case, it will cause Assymetric routing issues. This is because DNS servers response will not go through F5 and session will be incomplete. So to avoid this situation, SNAT is the option that you are talking about. By keeping SNAT settings to automap, you can overcome Assymetric routing issues and response from DNS will go via F5.
Please enable SNAT and then check traffic.
Mayur
BrerrThanks for the reply really appreciated, that has helped my understanding a little but not solved my problem. The DNS servers as you guessed do not have a default gateway pointing at the f5s.
The virtual server is 10.0.0.10
The selfip is 10.0.0.100
The VM (linux1) is 192.168.33.20
I'm sending the dns query to 10.0.0.10 and can see it appearing on the vm as follows
Without SNAT
19:01:09.559313 IP 10.0.0.1.64843 > linux1.domain: 10311+ [1au] A? www.pwei.org.uk. (44)
With SNAT automap
19:03:07.364072 IP 10.0.0.101.50310 > linux1.domain: 47897+ [1au] A? www.pwei.org.uk. (44)
As you can see both of these are from 10.x which will not work as the VM will answer this down it's default gateway (Which is on a different interface on the VM)
I think the DNS query would have to come from the 192.168.33.0/24 network for this to work.
Thoughts?
Thanks
Brett
