SNAT pool persistence

Problem this snippet solves: This example shows how select the same SNAT address from the SNAT pool for a given client IP address over multiple connections without tracking the selection in memory. ...
Published Mar 18, 2015
Version 1.0
application delivery
devops
iRules
utility
wonsoo_41223's avatar
wonsoo_41223
Historic F5 Account
Jul 10, 2017

It looks the iRule execution (RULE_INIT) is earlier than loading SNAT pool, so "members -list $snatpool_name" command execution is failed, and static::snat_ips array not be existed. Try to use this code in HTTP_REQUEST. It checks existence of variable/array and set the data again if the variables are not existed. This setting logic will be run for each tmm process.

 

when HTTP_REQUEST {
    if { ![info exists static::array_size] or ![array exists static::snat_ips] } {
        unset -nocomplain static::snat_ips

        set snatpool_name "/Common/my_snat_pool"
        set members_cmd "members -list $snatpool_name"

        set count 0
        foreach snat_ip [eval $members_cmd] {
            set static::snat_ips($count) [lindex $snat_ip 0]
            incr count
        }
        set static::array_size [array size static::snat_ips]
    }

    snat $static::snat_ips([expr {[crc32 [IP::client_addr]] % $static::array_size}])
}