Forum Discussion
Deb_Allen_18
Nov 10, 2007
Historic F5 Account
Sounds like you're LB'ing outbound links?
And the flow I think you are describing is:
* All HTTP/S traffic for 3 clients will be sent out ISP1 with unique SNATs
* All other HTTP/S traffic will be sent out ISP2 with auto SNAT
* All non-HTTP/S traffic will be load balanced to the default pool (not managed by the rule).
I'd recommend creating a class list (data group list) of type string containing the list of servers you want to send through ISP1 and their SNAT addresses. It's easier to maintain the class than to modify the rule if things change.
    class ISP1_server_SNATs {
        172.24.95.139 196.29.40.139
        172.24.95.135 196.29.40.135
        172.24.95.133 196.29.40.133
    }
Then this rule would be applied to a forwarding virtual server enabled on the server vlan to direct traffic as you describe (comment out log lines after verifying):
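    when CLIENT_ACCEPTED {
        # Only HTTP/S is handled here; other traffic falls through to the default pool
        if { ([TCP::local_port] == 80) || ([TCP::local_port] == 443) } {
            # Look up the client in the class; returns the SNAT address after the space, or ""
            set mySNAT [findclass [IP::client_addr] $::ISP1_server_SNATs " "]
            if { $mySNAT != "" } {
                # Listed server: dedicated SNAT address, routed out ISP1
                log local0. "SNATing [IP::client_addr] to $mySNAT over ISP1"
                snat $mySNAT
                pool Pool_Routeur_ISP1
            } else {
                # Everything else: auto SNAT, routed out ISP2
                log local0. "SNATing [IP::client_addr] to auto SNAT over ISP2"
                snat automap
                pool Pool_Routeur_ISP2
            }
        }
    }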
HTH
/deb