
Forum Discussion

fwwescom
Aug 13, 2024

Self-IP & SNAT

We are in the process of replacing our F5s with new ones. One question that came up was self-IP vs. SNAT.

Can we not use a self-IP and use only a SNAT pool for the pool members? And can the VIP and pool members belong to the same IP of the SNAT without using a self-IP, or do we need the self-IP?

 

Example=

VIP=10.2.2.254

SNAT Pool=10.2.2.250 

Pool Members=10.2.2.10 & 10.2.2.20

--------------------------------------------

Current topology:

VIP=10.10.10.20

Pool Members: 10.20.20.10 - 10.20.20.30

Self-IP:10.20.30.10

 

Can we just use the SNAT pool instead of the self-IP scenario, or do we need the self-IP?

Thanks, and hope this can be answered!

 

 

2 Replies

  • If the self-IP and pool members are in different VLANs, you may require an L3 rule in between to allow the traffic. Create a VLAN and self-IP on the device in the range of 10.20.20.0/24 and use automap in the configuration.

  • When using SNAT I always recommend using a SNAT pool that uses the virtual server IP, so you have a way of tracking what SNAT connections go where and you don't run the risk of exhausting the self-IP ephemeral ports that are used for things such as health monitors, because automap uses the self-IP closer to the destination pool member. You can absolutely use a SNAT IP that exists within the same subnet as the pool members as long as the F5 has a self-IP within that subnet.
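
The two replies' rules, run against both topologies from the question as a pre-migration check. This is an added example, not code from the thread or from F5. The /24 masks and the self-IP 10.2.2.1 are assumptions, since the question gives no netmasks and no self-IP for its proposed layout.

```python
import ipaddress


def check_snat_design(self_ips, snat_ips, pool_members):
    """Return findings for a planned SNAT pool layout.

    self_ips: interface strings with a mask, e.g. "10.2.2.1/24".
    snat_ips, pool_members: plain host addresses.
    """
    # Subnets the BIG-IP is directly attached to, derived from its self-IPs.
    nets = [ipaddress.ip_interface(s).network for s in self_ips]
    findings = []
    # Second reply: a SNAT address needs a self-IP in the same subnet.
    for snat in map(ipaddress.ip_address, snat_ips):
        if not any(snat in n for n in nets):
            findings.append(f"SNAT {snat}: no self-IP in its subnet")
    # First reply: members off every self-IP subnet need an L3 path.
    for member in map(ipaddress.ip_address, pool_members):
        if not any(member in n for n in nets):
            findings.append(f"member {member}: no self-IP in its subnet, needs an L3 route")
    return findings


# Proposed layout from the question: SNAT pool only, no self-IP at all.
PROPOSED = dict(self_ips=[], snat_ips=["10.2.2.250"],
                pool_members=["10.2.2.10", "10.2.2.20"])

# Same layout plus a self-IP in the member subnet (address constructed).
PROPOSED_WITH_SELF = dict(PROPOSED, self_ips=["10.2.2.1/24"])

# Current topology from the question: automap, so no SNAT pool addresses.
# /24 on the self-IP is assumed; members are the two ends of the range.
CURRENT = dict(self_ips=["10.20.30.10/24"], snat_ips=[],
               pool_members=["10.20.20.10", "10.20.20.30"])

if __name__ == "__main__":
    for name, design in [("proposed", PROPOSED),
                         ("proposed + self-IP", PROPOSED_WITH_SELF),
                         ("current", CURRENT)]:
        print(name)
        for line in check_snat_design(**design) or ["ok"]:
            print("  ", line)
```
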