Showing results for 
Search instead for 
Did you mean: 



Hi, I am trying to use the irule provided by F5 on link below on using snatpools with ecmp

setup I have copied and pasted the irule below also currently how its set it works with directing

traffic coming from specific load balancer and using specific snatpool. The problem I have having lets

say if SNATPOOL1 lives in traff-group1 for LB01 and SNATPOOL2 lives in traffic-group2 for LB02 also the virtual servers

using these SNATPOOL are not tied to a traffic-group since they using the ECMP setup. If LB01 would fail and move over traffic-group1 to LB02 and that means that it would take SNATPOOL1 to LB02 this would break incoming connections since irule

is still directing traffic coming from LB01 to SNATPOOL1 but the problem is SNTPOOL1 now lives on LB02. I am curious if anyone using this irule has added the logic to make sure to send traffic LBO1 to SNATPOOL1 if traffic-group1 still lives on LB01 if not bypass LB01 and just use LB02 and SNATPOOL2 to send traffic or if anyone has other suggestions with my problem


when RULE_INIT {     #Want to log debug messages to /var/log/ltm? type 1=yes, 0=no     set static::debug_rule 0     set static::local_machine_name $::tcl_platform(machine) } when CLIENT_ACCEPTED {     if { $static::debug_rule } { log "local_machine_name is $static::local_machine_name" }     set cluster_snatpool [ class match -value -- $static::local_machine_name equals ]     #Check to see if there's a match in the datagroup.     if { $cluster_snatpool ne "" } {         if { $static::debug_rule } { log "Attempting to use snatpool $cluster_snatpool" }             #Try to assign snatpool. Make sure snatpool itself exists.             if { [catch {snatpool $cluster_snatpool } result] }{             #Log a message with the snatpool name which failed.             log local0.err "Error: Client: [IP::client_addr]:[TCP::client_port]: Error assigning snatpool \"$cluster_snatpool\": \$result: $result"         }     } }

F5 Employee
F5 Employee

I don't think you should worry about that, when your LB01 goes down, set static::local_machine_name $::tcl_platform(machine) make sure you can't get to LB01 in the first place, you can refer to:


so if the traffic group 1 failover to LB02, this VS in traffic group 1 should be using SNATPOOL2.