TCP Optimization on outbound (SNAT) traffic

Question

We have a SNAT configured for outbound connections from some internal servers. Question: how do you apply certain tcp optimizations (i.e. tcp-wan-optimization, etc) to that outbound traffic? There is no Virtual Server corresponding to this outbound IP - do I need to create one in order to facilitate this?&nbsp;
Thanks,
-Funkdaddy&nbsp;

kevin_k_51432 · Answer

Hi Funkdaddy,
I believe you are limited to the following attributes:
(tmos) create ltm snat-translation mytest ?
Identifier:
  [object identifier]  Name of the Translation address
Properties:
  "{"                  Optional delimiter
  address              The translation IP address.
  app-service          The application service that the object belongs to.
  arp                  Indicates whether or not the system responds to ARP requests or sends gratuitous ARPs. The default value is enabled.
  connection-limit     Specifies the number of connections a translation address must reach before it no longer initiates a connection. The default value of 0 disables this option.
  description          User defined description.
  disabled             Disables SNAT translation on the system.
  enabled              Enables SNAT translation on the system. This is the default setting.
  ip-idle-timeout      Specifies the number of seconds that IP connections initiated using a SNAT address are allowed to remain idle before being automatically disconnected. The default value is indefinite.
  tcp-idle-timeout     Specifies the number of seconds that TCP connections initiated using a SNAT address are allowed to remain idle before being automatically disconnected. The default value is indefinite.
  traffic-group        Specifies the traffic group of the SNAT. The default is inherited from the containing folder.
  udp-idle-timeout     Specifies the number of seconds that UDP connections initiated using a SNAT address are allowed to remain idle before being automatically disconnected. The default value is indefinite.

There is also a global setting to allow either "udp / tcp" or "all protocols". All will include ICMP.
Hope this is helpful,
Kevin

cdougall_14195 · Answer

It sounds as if you want to apply a TCP profile to the traffic. If that's the case, I don't know of any other way than to use a VIP. A IP forward VIP won't really cut it either, I believe you'll have to go with a Standard VIP built for the destination network.

Forum Discussion

TCP Optimization on outbound (SNAT) traffic

2 Replies

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

2026 is Almost Here

VIP is not responding on SYN after enabling other modules like ASM, APM and AFM.

VIP in https that redirect to another vip in https

2026 301a exam

F5OS login with admin/root failed via console

Related Content

S3 Traffic Optimization with F5 BIG-IP & NetApp StorageGRID

Solution for Citrix Optimal Gateway Routing

Quick Optimizations for F5 BIG-IP Virtual Edition

Performance optimalization of message based load balancing.

SSL Orchestrator Advanced Use Cases: Outbound SNAT Persistence

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS