Forum Discussion
NimbostratusSNAT POOL ADDR AS VirtServ IP - Supported Config?
I have setup a VS using a new SNAT POOL with a single IP in the SNAT POOL to LOAD BALANCE a TCP service (DICOM) across several servers (NOT HTTP/HTTPS).
The CLIENT connects to the new VS IP, SNAT's to the single IP in the associated POOL.
The SERVER, in response, then attempts to open a NEW CONNECTION/CONVERSATION to the CLIENT (The SNAT IP).
At first, the SERVER connection was failing because the SNAT IP doesn't LISTEN for CONNECTIONS.
To Rectify, I created another VS using the SNAT POOL address as the VS IP (VIP) to handle the SERVER connection(s) (OUTBOUND CONNECTION) to a new POOL I created consisting of the CLIENT NODE and PORT.
MY QUESTION: While the Big IP F5 12.1.x GUI allowed me to use a SNAT POOL address as a VS IP (VIP), is this going to cause a problem at some point? I have found zero information across many web searches for this solution, specifically, using a SNAT POOL IP as a VS IP as well.
Since it is working, I am under the assumption this is not a problem but if anyone knows for sure, please post up. I am trying to avoid an unforeseen issue later on once this system is live.
youssef1Cumulonimbus
Hello
I have already deployed this kind of architecture for some of my clients without any problem. And as you specified there is no documentation to my knowledge that deals with this subject. most of my clients were forced to set up this type of architecture because they did not have enough IP address.
I do not think this can be a problem (I'm sure). Let me explain: Your VS use one ore more ports (specifics ports: example 80 443 ...), F5 know these ports and therefore will not use them for the SNAT Pool.
Regards
David__PaschAltostratus
I have worked at many organizations that use VIP IP as the SNAT address for the same VIP. While a slightly different application, I think it is the same usage. There should be no issue.
David Pasch