mbrandon32
Jan 16, 2022Cirrus
SNAT Persistence
We have two virtual servers that will need to serve the same SNAT IP from a SNAT pool for the same client IP address. Is there a way to accomplish this?
I think we can create a datagroup that maps client IP to snat IP and apply an iRule to snat.
1. Create SNAT datagroup
ltm data-group internal client_snat_map {
records {
192.168.10.34 {
data 10.1.0.7
}
192.168.10.35 {
data 10.1.0.8
}
}
type string
}
2. Create iRule and apply to the virtual server
when LB_SELECTED {
if { [class match [IP::client_addr] equals client_snat_map] } {
snat [class match -value [IP::client_addr] equals client_snat_map]
}
It I think it can work and by using the same irule on different VIP to have some sort of Persistence. Still if you want see the dynamic way with hashing based on the client source ip address and maybe test it as it also should produce the same match accross Virtual servers :
https://community.f5.com/t5/crowdsrc/snat-pool-persistence/ta-p/284232