Forum Discussion
Cristian_Gal
Nimbostratus
NimbostratusSNAT with oneconnect
I have the following scenario, standard HTTPS VS with snat pool (4 ip addresses) that load balance to 4 servers in the back end (ssl offload). Oneconnect profile is applied with 255.255.255.255. All ...
nitass
Employee
Employeeit seems okay here. do you have any special configuration?
configuration
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm virtual bar
ltm virtual bar {
destination 172.28.24.10:80
ip-protocol tcp
mask 255.255.255.255
pool foo
profiles {
http { }
myoneconnect { }
tcp { }
}
rules {
qux
}
source 0.0.0.0/0
source-address-translation {
type automap
}
vs-index 3
}
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm profile one-connect myoneconnect
ltm profile one-connect myoneconnect {
app-service none
source-mask 255.255.255.255
}
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm pool foo
ltm pool foo {
members {
200.200.200.101:80 {
address 200.200.200.101
}
}
}
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm rule qux
ltm rule qux {
when CLIENT_ACCEPTED {
log local0. [IP::client_addr]:[TCP::client_port]
}
when SERVER_CONNECTED {
log local0. [IP::local_addr]:[TCP::local_port]
}
}
test by generating 500 requests from 1 client (ab -n 500 -c 1 http://172.28.24.10/)
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) show ltm profile one-connect myoneconnect
-------------------------------------
Ltm::OneConnect Profile: myoneconnect
-------------------------------------
Virtual Server Name N/A
Connections
Current Idle 2
Maximum 4
Total Reuses 494
New 6
[root@ve11a:Active:In Sync] config grep -i client_accepted /var/log/ltm | grep 172.28.24.8 | wc -l
500
[root@ve11a:Active:In Sync] config grep -i server_connected /var/log/ltm | wc -l
6
