SNAT pool persistence
Published Mar 18, 2015
Version 1.0Was this article helpful?
To mitigate initialization issue a solution could be to use a datagroup instead of Array/snatpool (tested on v11.5.4) :
when RULE_INIT {
The only configuration needed is to set the name of the Datagroup(type string) that lists SNAT addresses as $static::snatpool_name_DG
Configure the name of the Datagroup
set static::snatpool_name_DG "my_snat_pool_DG"
Datagroup size
set static::snatpool_size [class size "static::snatpool_name_DG"]
}
when CLIENT_ACCEPTED {
Calculate the crc32 checksum of the client IP - Use the modulo of the checksum and the number of SNAT IPs to choose from to select a SNAT IP
snat [class element -name [expr {[crc32 [IP::client_addr]] % $static::snatpool_size}] $static::snatpool_name_DG]
}
Datagroup exemple (keep the same list as snatpool to be declared as failover object):
ltm data-group internal my_snatpool_DG {
records {
10.0.0.1 { }
10.0.0.2 { }
10.0.0.3 { }
}
type string
}