snat port address overlap on LTM

Question

Using SNAT on http virtual server and 3 nodes. What happens when the source port on a given service is duplicated? For example:&nbsp;
[root@bigip2:Active] config  b conn show all | grep 1922&nbsp;
        (pkts,bits) in = (45, 11922)   out = (58, 27517)&nbsp;
    CLIENTSIDE 10.120.15.27:1922 &lt;-&gt; 10.150.87.33:https&nbsp;
    CLIENTSIDE 10.150.87.207:1922 &lt;-&gt; 10.150.87.33:https&nbsp;
    SERVERSIDE 10.120.114.7:1922 &lt;-&gt; 10.120.114.34:https&nbsp;
 &nbsp;
Two clients are using the same source port accessing a virtual server. On serverside the port is used, but which client? How does the LTM handle the collision? Does it remap to another port on serverside? Or does the client simply have to retry again?&nbsp;

what_lies_bene1 · Answer

Are you using OneConnect? This will make a difference. Also, it's likely that the second client connection isn't using a source port of 1922 but as that's what you grepped on, that's all you're seeing. What do you have set for Source Port Preservation? The default is: "LTM preserves the client source port except where it is in use by an SNAT in which case a different port is used"

mhsnetadmins · Answer

Yes, using OneConnect. 
&nbsp; As far as source port preservation is concerned, I'm currently running 9.4.8, and I thought this was a global setting. 
&nbsp; I will be upgrading to 10.2.4 soon.

Forum Discussion

snat port address overlap on LTM

Recent Discussions

How to implement LTM forward proxy client to determine the diversion pool based on the domain name

irule to enable http/2 acceleration

VS FORWARDING & ROUTE

Statistics ›› Analytics : HTTP : Overview

SNI Sites not taking correct certificate.

Related Content

Overlapped Networks Question

SNAT pool persistence

CSV to Address External Datagroup File

Decoding the IPv4 address from the persistence cookie

The Power of Source Address

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS