Forum Discussion

Nimbostratus

12 years ago

Routing Traffic via Self-IP/SNAT based on provided/allowed source subnet

Hi Team, After a long gap, again coming back to the same topic(Dividing or routing traffic through SNAT or Self-IP) where I got the concept: when CLIENT_ACCEPTED { if { [class match [IP::cl...

Admin

12 years ago

I don't think you need three different datagroups, instead, use the key/value pairing options in datagroups (just a swag on your 64.x networks):

ltm data-group internal ipdg {
    records {
        10.25.128.0/24 {
            data snatpool-prod
        }
        10.25.129.0/24 {
            data snatpool-prep
        }
        10.25.130.0/24 {
            data snatpool-edi
        }
        64.0.128.0/24 {
            data snatpool-prod
        }
        64.0.129.0/24 {
            data snatpool-prep
        }
        64.0.130.0/24 {
            data snatpool-edi
        }
    }
    type ip
}

each snatpool would be your 10.25.x.109 address. then in the iRule, if there is a match on the class, snat on the class value, otherwise, use snat automap, which could be your default condition on the virtual to simply the configuration. The datagroup will be a first match, so for your final question, you should order on best case, or put logic in the rule above your class matching to look at source and destination before making a determination

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)