robert_blair_75
Oct 05, 2009

SNAT Auto-map

My knowledge is in version 4.5 and we are implementing new 9.4 LTMs. My question is:

In version 4.5, I defined SNAT-Automap under a non-floating self IP for the external links.

Under version 9.4, I have a “default gateway” virtual server defined with SNAT-Automap enabled.

With outbound traffic (http, http, ftp, etc.), it appears that the source IP address is being translated to the floating self IP address (10.10.10.100) for the link.

Shouldn't the source IP address be translated to the non-floating IP address (10.10.10.200) for the link?

- Virtual server: default_gateway
- Address: 0.0.0.0/0.0.0.0
- Pool: default_gateway_pl (members: 10.10.10.1)
- Service: 0
- SNAT Pool: Auto Map

- Link - router ip: 10.10.10.1
- Floating Self ip: 10.10.10.100
- Self ip: 10.10.10.200

Thanks ….

  • According to the documentation on ask.f5.com I believe it uses the floating self-address.

    The SNAT Automap feature selects a translation address from the available self IP addresses in the following order of preference:

    * Floating self IP addresses on the egress VLAN
    * Floating self IP addresses on different VLANs
    * Non-floating self IP addresses on the egress VLAN
    * Non-floating self IP addresses on different VLANs

    (Click here) to see the article.

    I hope this helps

    CB

  • This helps, so with this being said if I fail over to our backup device the traffic will have the same source IP.

    Thanks ….

  • Hi,

    I'm reviving this thread because I have a question relating to those elements.

    Is the SNAT Automap algorithm traffic group aware?

    Let me explain.

    If I have two devices, dev0, dev1 with two traffic groups tg0, tg1.

    10.0.0.10 is the virtual address on tg0.

    10.0.1.1 is the floating on tg1 and 10.0.1.2 is a floating on tg0.

    Connections will be "snated" with 10.0.1.2 in a normal situation.

    If failover occurs with dev0 and dev1 now handles tg0 and tg1, existing connections will continue on dev1 as expected, but what about new connections? Is it possible that the SNAT automap on dev1 attributes some of the floating from tg1 for connections to 10.0.0.10?

    If so, this is problematic when you fail back because you will have 10.0.0.10 failing back to dev0, through tg0, but established connections with 10.0.1.1 through tg1 will be lost, remaining on dev1.

    Any information about this?
    • Bernhard_M
      old question but still unanswered :) Yes, automap is traffic-group aware. It uses only floating-self-ips in the same traffic-group. If none is available it falls back to the non-floating-self-ip.
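
The selection order and the traffic-group behaviour described in this thread, modelled as an added example (not F5 code and not from any poster): it applies the quoted order of preference and shows which addresses a new connection could receive with and without traffic-group awareness. The VLAN names, the `group_aware` switch and the non-floating address 10.0.1.4 are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class SelfIP:
    address: str
    vlan: str
    floating: bool
    traffic_group: Optional[str] = None  # set only for floating self IPs


def preference(ip: SelfIP, egress_vlan: str) -> int:
    """Rank per the order quoted in the thread: 0 is most preferred."""
    return (0 if ip.floating else 2) + (0 if ip.vlan == egress_vlan else 1)


def automap_choices(self_ips: List[SelfIP], egress_vlan: str,
                    traffic_group: Optional[str],
                    group_aware: bool = True) -> List[str]:
    """Addresses tied for the best preference for one new connection."""
    # Floating self IPs from other traffic groups are dropped when group_aware.
    usable = [ip for ip in self_ips
              if not ip.floating or not group_aware
              or ip.traffic_group == traffic_group]
    if not usable:
        return []
    best = min(preference(ip, egress_vlan) for ip in usable)
    return sorted(ip.address for ip in usable
                  if preference(ip, egress_vlan) == best)


# Constructed inventories; VLAN names are assumptions.
FIRST_POST = [  # no traffic group is given in the first post
    SelfIP("10.10.10.100", "external", True),
    SelfIP("10.10.10.200", "external", False),
]
# dev1 after failover, holding tg0 and tg1; 10.0.1.4 is a made-up address.
DEV1_AFTER_FAILOVER = [
    SelfIP("10.0.1.1", "server", True, "tg1"),
    SelfIP("10.0.1.2", "server", True, "tg0"),
    SelfIP("10.0.1.4", "server", False),
]

if __name__ == "__main__":
    print(automap_choices(FIRST_POST, "external", None))
    print(automap_choices(DEV1_AFTER_FAILOVER, "server", "tg0"))
    print(automap_choices(DEV1_AFTER_FAILOVER, "server", "tg0", group_aware=False))
    print(automap_choices(DEV1_AFTER_FAILOVER, "server", "tg2"))
```

More than one address in the result means the model cannot say which of them a new connection would get, which is the fail-back concern raised in the question.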