NimbostratusUsing the same IP address for a VIP and a SNAT - yay or nay?
Hi,
We've run into a potential issue with response times from a VIP. Said VIP shares an IP address with a unique SNAT for outbound connections from a range of internal hosts. The VIP shares a range of pools, etc. with several other VIPs. We are not seeing the same "lag" in download speeds fom the other VIPs.
One quick way to rule out the shared IP of the VIP and SNAT would be to re-IP either. However, before we go down this route I'd like to ask if anybody has encountered a similar issue in the past and if this is a design no-no from an F5 perspective?
I should also mention, the SNAT is not a standard SNAT with an IP and pool members. Instead we have identified the next hop within our network. So, the configuration looks something like this:
1.
virtual snat-wcard {
snatpool LTM-public-IP
pool nexthop-gw
destination any:any
mask 0.0.0.0
vlans internal-pool-VLAN enable
}
2. The public SNAT IP is as follows:
snatpool LTM-public-IP {
members 192.168.1.2
}
2. The next hop gateway (up-stream routing device) is as follows:
pool nexthop-gw {
monitor all gateway_icmp
members 192.168.1.1:any {}
}
3. internal-pool-VLAN - vlan100 - 10.1.1.0/24
