Forum Discussion

zztop123's avatar
zztop123
Icon for Nimbostratus rankNimbostratus
Sep 07, 2023
Solved

Remove subnet from NAT pools without any impact

What is the easist way to Remove subnet from NAT pools without any impact
event
  • Mohamed_Ahmed_Kansoh's avatar
    Mohamed_Ahmed_Kansoh
    Sep 07, 2023

    Hi zztop123 , 

    Look , 
    you should first see how this pool of NAT IPs used , see if it's used by huge amount of traffic , or by little or isn't used. 

    if this subnet not used , you can remove it , it will not cause any impact. 

    but if this subnet is used much in NATing you should remove it , as you maybe impacted by port exhausion so at this case you shouldn't remove it. 

    So the impact only is with port exhausion not anything else. 

Mohamed_Ahmed_Kansoh's avatar
Mohamed_Ahmed_Kansoh
Icon for MVP rankMVP
Sep 08, 2023

Hi zztop123 , 

Well , 
Go to ( Local Traffic >> Address translation >> SNAT pool list >> open the SNAT list you need , then select all IPs that you need to remove  ) , you can record these ips in external txt files . 

Click update and monitor the behavior , if there is an impact you can put these Ips from the txt file again and click update. 
by this you did the rollback. 

I want to ask you , maybe I miss understand you , you're speaking about SNAT pools which attached to virtual servers ? or you meant another pools 

Please clarify 

zztop123's avatar
zztop123
Icon for Nimbostratus rankNimbostratus
Sep 08, 2023

Hi Mohammed,

Its not SNAT pool , just a NAT pool. is the procedure the same for it ? Please find the screen shot

 

  • Mohamed_Ahmed_Kansoh's avatar
    Mohamed_Ahmed_Kansoh
    Icon for MVP rankMVP
    Sep 09, 2023

    Hi zztop123 , 
    ohh , this AFM NATing. 

    first you need to see if this subnet is used in transulations or not 
    > look at logging profile.

    > use this command on bash ( #tmsh show sys connection > /var/tmp/AFM_NAT.txt ) 
    This is the Article to view the connections : https://my.f5.com/manage/s/article/K53851362 
    you can use filters 

    I recommended to move these the connections to a text file , because it may impact your device performance if you viewed these connections in bigip cli. 

    then remove this subnet. 

    but I can't measure the impact if there is impact from removing this subnet , it depends on your number of subscribers. 

    Seeing if this subnet is used much or not may help you to detect if this will case a shortage in available ips or not. 

    If this a deterministic NAT you can calculate the estimated number of reserved ips for each subscriber , look at this article : https://techdocs.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/cgn-implementations-11-5-0/13.html