SNat iRule based on destination address

Question

Hi All,&nbsp;
I would like to create snat iRule based on the destination IP address. I have  VS with 3 pool members. If request hits first 2 pool members then do not SNAT &amp; If destination hits 3rd pool member then SNAT is required.&nbsp;
Could any one please help me to script an iRule for above requirement.&nbsp;
Regards,
Mahantesh&nbsp;

arpydays · Answer

try this,
when LB_SELECTED {
  if { not [IP::addr [LB::server addr] equals 10.0.0.1] } {
    snat none
  }
}

mahantesh_bisur · Answer

Thanks arpdays for the reply. So above iRule has been written assuming that 10.0.0.1 is the 3rd pool member ?
Correct me If I am wrong..
I will check on this &amp; let you know.&nbsp;
Regards,
Mahantesh&nbsp;

arpydays · Answer

Yes, also assumes SNAT is configured on VS&nbsp;
cheers&nbsp;

mahantesh_bisur · Answer

@arpdays,&nbsp;
whether below iRule will work without SNAT on VS ?&nbsp;
when LB_SELECTED {
  if { not [IP::addr [LB::server addr] equals 10.0.0.1] } {
    snat none
    }
else {
   snatpool xyz.com
   }
}&nbsp;

arpydays · Answer

should do, although this may be simpler,
when LB_SELECTED {
  if { [IP::addr [LB::server addr] equals 10.0.0.1] } {
    snatpool xyz.com
  }
}

Forum Discussion

SNat iRule based on destination address

6 Replies

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

UCS Encryption Question

Unblock Request WAF

VIP is not responding on SYN after enabling other modules like ASM, APM and AFM.

VIP in https that redirect to another vip in https

BIG-IP VE: 40G Throughput from 4x10G physical NICs

Related Content

Destination address at F5

Addressing Shadow AI with F5 BIG-IP SSL Orchestrator

Irule SNAT based on destination IP address.

Block destination IP by source IP

Increasing accuracy using Bad Actor and Attacked Destination detection

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS