Bill_Mayo
Mar 20, 2017

SNAT/NAT and Outbound ISP Load Balancing

We are running short on public IPs, and it looks as if our current configuration could be tweaked to free up an address. Our configuration was set up by an F5 partner, and I have been reading and trying to understand how it could be adjusted. We have 2 ISPs and are using the BIG-IP to load balance the connections. It was our desire to have outbound traffic come from a single address under each ISP, as we have some partners that want to filter us that way. We also needed some specific devices to go out through one ISP or the other using a specific address.

The F5 partner set us up using an "intelligent SNAT", as I understand it described in the documentation. There is an LTM pool that contains the gateways for the 2 ISPs. There are 2 SNAT pools, one for each ISP, that contain the desired outbound address. There are 3 virtual servers (1 HTTP, 1 FTP, 1 all ports) that utilize this pool as a resource and have an iRule associated. The iRule does some evaluation of the source ISP and then chooses a SNAT pool to use.

I basically understand how this is all working, but based on the documentation I have read, it looks like I could maybe recover an address and simplify things. To that end, I am wondering if anyone could advise if the following is feasible. There is a floating address for each ISP. It is my understanding that, as a default, this is the IP that would be used if SNAT'ing was set to automap. If I changed that and got rid of the iRule, it seems that outbound traffic would go out using the desired address(es). I would still have a couple of things that need to go out over a different IP (for example, outbound SMTP). I was thinking I could set up a NAT for each one of those things. Would that work?