Technical Forum
Ask questions. Discover Answers.
cancel
Showing results for 
Search instead for 
Did you mean: 
Custom Alert Banner

SNAT Persistence

mbrandon32
Cirrus
Cirrus

We have two virtual servers that will need to serve the same SNAT IP from a SNAT pool for the same client IP address.

 

Is there a way to accomplish this?

3 REPLIES 3

I don't know if it is possible but maybe test if match across option does help.

 

https://support.f5.com/csp/article/K5837

 

 

Also maybe see if you can use two pools on one Virtual server or have one primary virtual server that redirects to the two other virtual servers:

https://clouddocs.f5.com/api/irules/virtual.html

 

You may also test this irule:

https://community.f5.com/t5/crowdsrc/snat-pool-persistence/ta-p/284232

DevBabu
Cirrus
Cirrus

I think we can create a datagroup that maps client IP to snat IP and apply an iRule to snat. 

1. Create SNAT datagroup

ltm data-group internal client_snat_map {
records {
192.168.10.34 {
data 10.1.0.7
}
192.168.10.35 {
data 10.1.0.8
}

}
type string
}

2. Create iRule and apply to the virtual server

when LB_SELECTED {
if { [class match [IP::client_addr] equals client_snat_map] } {
snat [class match -value [IP::client_addr] equals client_snat_map]
}

It I think it can work and by using the same irule on different VIP to have some sort of Persistence. Still if you want see the dynamic way with hashing based on the client source ip address and maybe test it as it also should produce the same match accross Virtual servers :

 

https://community.f5.com/t5/crowdsrc/snat-pool-persistence/ta-p/284232