per VLAN default gateway config

Can you draw a diagram? Are you saying traffic from vlan 20 will go out via different route/ISP link than vlan 30?

 

 

Is it inbound or outbound connections? Inbound connections require nothing more than auto-lasthop. Outbound you can create two differerent network VS's and route via load balancing different port 0 pools. I've done it both ways.

 

 

H

Hello Daniele,

 

 

You can use virtual servers with (destination) address translation disabled pointing to a pool of the gateway(s) to perform per service/per destination IP or network load balancing. The VIPs can be enabled on specific VLANs to allow you to specify different gateways based on the ingress VLAN.

 

 

Aaron

It's an outbound connection ... We use SNAT to map a private address to public routable address, then we need to route outboud traffic to a specific gateway! How can we configure specific default gateway ??

 

 

Regards

 

 

Daniele

You could replace the functionality of the SNAT with a virtual server. The VIP could have SNAT enabled if it's required for routing. What destination IP the VIP is configured on depends on what outbound traffic you want to match. If you want to match all addresses and ports, configure the VIP with a destination IP of 0.0.0.0/0.0.0.0 on port 0. Disable address translation, set SNAT to automap and set the pool to a pool containing your default gateway(s). If you want to traffic originating from one VLAN, enable the VIP only on that VLAN. If you run into problems troubleshooting the new VIP, you can add an iRule to log new connections.

 
 when CLIENT_ACCEPTED { 
    log local0. "[IP::client_addr]:[TCP::client_port]: New connection from client to VIP.  Requested IP:port: [IP::local_addr]:[TCP::local_port]" 
 } 
 

Aaron

Click here for a thread with a lot of information about doing this using separate "transit" VLANs for each internal VLAN.

 

 

Denny