Technical Forum
Ask questions. Discover Answers.
cancel
Showing results for 
Search instead for 
Did you mean: 

BIG-IP CGNAT - VLAN CMP Hash

rafaelbn_176840
Altostratus
Altostratus

Hello Devs! How is everybody doing?

 

I'm trying to wrap my head around a requirement for the CGNAT module.

 

Currently, it's mandatory that, for the CGNAT using PBA LSN pools, that the ingress VLAN uses the VLAN CMP hash as source address and the egress VLAN uses destination as the cmp hash.

 

I understand what the CMP hash does but on an environment where the BIG-IP is the CGNAT device and routes to the internet, every time a new client connects, it will use ephemeral ports as the source and different destination IPs as the destination, so the default cmp hash would/should do the trick.

 

But if I don't set the cmp hash correctly, I get some error on /var/lo/ltm.

 

Feb 6 14:54:01 bigip1 err tmm[31839]: 01670024:3: Unsupported DAG mode for LSN pool(/Common/lsn_pool_rd10) mode PBA on interface /Common/F5_BACKBONE Feb 6 14:54:53 bigip1 err tmm[31839]: 01670024:3: Unsupported DAG mode for LSN pool(/Common/lsn_pool_rd10) mode PBA on interface /Common/F5_BACKBONE

I just wanted to understand the why of this.

 

Thanks, Rafael.

 

2 REPLIES 2

rafaelbn
Cirrostratus
Cirrostratus

After digging a little deeper, I found an article explaining the reasoning.

 

https://support.f5.com/csp/article/K54951499

 

The idea (to my understanding at least) is to optimize the return traffic, kind of pinning the subscriber to the same TMM process. If you don't do that, the returning traffic could be handled by another TMM and both TMM process handling that one subscriber would need to communicate, introducing some delays.

 

Sorry for asking too early! Cheers! Rafael

 

Nath
Cirrostratus
Cirrostratus

You really help me understand the use of SPDAG in CGNAT 🙂