Selective SNAT problem

Question

I have a node in a pool trying to reach a virtual server that references the same pool. Using the code below does work with one caveat: the node in the pool can only reach itself.&nbsp;If the service on the node is disabled, the connection wont get made.&nbsp;Basically I need it to load balance between the other nodes in the pool in case the service on the node gets compromised. Here is where I pulled the general code.&nbsp;Specifically, this portion:&nbsp;" And another option for using SNAT only if the client IP is a node in the pool:&nbsp;when CLIENT_ACCEPTED { Check if the client IP address is a node in the VIP's default pool if {[matchclass [IP::client_addr] equals [active_nodes -list [LB::server pool]]]}{&nbsp;  log local0. "SNAT'ing for [IP::client_addr], member of pool [LB::server pool]"
  snat automap} }"&nbsp;Thanks!&nbsp;

blahblahdab1ah_ · Accepted Answer

This is the version that worked in this scenario: &nbsp;
when LB_SELECTED {&nbsp;
   if {[IP::addr "[IP::client_addr]/24" equals "[LB::server addr]/24"]} {&nbsp;
      snat automap 
   }
}&nbsp;
Thanks for the help!&nbsp;

Forum Discussion

Selective SNAT problem

Recent Discussions

Fastl4 vs for non ePVA devices

High CPU utilization (100%).

Install F5os

DEVICE-0202 Error while adding rSeries as a provider in CM

SSL Offload and remove FQDN

Related Content

Selective SNAT with iRules

Source_Addr Persistence Problems

SNAT statistics and iRule for selecting SNAT IP

Problem about Export imformation to Excel

Kill SNAT AutoMap!

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS