Forum Discussion

Yaniv_99962's avatar
Yaniv_99962
Icon for Nimbostratus rankNimbostratus
Mar 22, 2011

SNAT persistency

Hi F5 experts.

 

 

i want to achieve the following:

 

1) I want the F5 to choose an IP in round-robin manner from a SNAT pool and to persist using the same IP from the SNAT pool in case an HTTP header called "Username" value is the same.

 

2) Every HTTP request which will come in less than 5 minutes with the same "username" header value should receive the same SNAT IP from the pool. additionally that SNAT IP must be marked as "used" so that no other "username" will get this SNAT IP (unless 5 minutes has passed with no HTTP request with the same username value. after the 5 minutes that SNAT IP can be available again in the pool).

 

3) I want the F5 to chop off the username header before forwarding the HTTP request using the SNAT IP.

 

4) I want the F5 to log every NAT action it does to some syslog server (like: = )

 

 

 

Example:

 

SNAT pool is 192.118.0.0/16 and the Username possible values can be any string.

 

HTTP request arrives from source IP 172.16.1.1 with header “Username: aaa”

 

F5 will replace the source IP 172.16.1.1 to be 192.118.0.1

 

After less than 5 minutes another HTTP request arrives from source IP 172.16.1.1 with header “Username: aaa”

 

F5 will replace the source IP 172.16.1.1 to be 192.118.0.1

 

After less than 5 minutes HTTP request arrives from source IP 172.16.1.1 with header “Username: bbb”

 

F5 must not replace the source IP to be 192.118.0.1 as it is taken by username aaa.

 

 

After more than 5 minutes another HTTP request arrives from source IP 172.16.1.1 with header “Username: aaa”

 

F5 can replace the source IP 172.16.1.1 to be other than 192.118.0.1 (for example: 192.118.0.2)

 

 

 

 

Hope it is clear enough, if not please comment.

 

 

 

Thanks in advance,

 

Yaniv

 

11 Replies