Forum Discussion
CirrusSNAT iRule to stick to same SNAT entry
Hello Forum.
We just configured Lync in LTM with 1 single SNAT pool of 20 IPs (like we did for Exchange2010) for the 3 different Lync VIPs.
I was wondering if it would make sense to configure the following SNAT iRule... Is it useful for troubleshooting in case we have problems?
Basically, if we don’t use this iRule, a Client will use always a different SNAT entry and it would be difficult to track it, right?
E2010_snat_pool_iRule - The irule is for SNAT (which is configured below and associated to the Vserver). The iRule persists based on the client IP address. It looks at the name of the snatpool assign to the Virtual Server (LB::snat) and calculates a crc32 of the client IP address to get an index in the pool and snat's with it. This iRule is used also in the other E2010 Vservers. This irule is used to create a hash between Client_addr and the SNAT entry in order to use all the times the same SNAT_entry for same client.
Thanks
Giulio.
===========================
when CLIENT_ACCEPTED {
set spool [lindex [LB::snat] 1]
snatpool $spool member [lindex [lindex [members -list $spool] [expr {[crc32 [IP::client_addr]] % [members $spool]}]] 0]
unset spool
}
============================
1 Reply
- nitass
Employee
I was wondering if it would make sense to configure the following SNAT iRule... Is it useful for troubleshooting in case we have problems?if port exhaustion is not a problem, i think it is okay to use it. at least, we will know what snat ip to be used when running tcpdump on specific client ip.
