SNAT Persistence

mbrandon32 · ‎16-Jan-2022

We have two virtual servers that will need to serve the same SNAT IP from a SNAT pool for the same client IP address.

Is there a way to accomplish this?

Nikoolayy1 · ‎26-Jan-2022

I don't know if it is possible but maybe test if match across option does help.

https://support.f5.com/csp/article/K5837

Also maybe see if you can use two pools on one Virtual server or have one primary virtual server that redirects to the two other virtual servers:

https://clouddocs.f5.com/api/irules/virtual.html

You may also test this irule:

https://community.f5.com/t5/crowdsrc/snat-pool-persistence/ta-p/284232

DevBabu · ‎28-Jan-2022

I think we can create a datagroup that maps client IP to snat IP and apply an iRule to snat.

1. Create SNAT datagroup

ltm data-group internal client_snat_map {
records {
192.168.10.34 {
data 10.1.0.7
}
192.168.10.35 {
data 10.1.0.8
}

}
type string
}

2. Create iRule and apply to the virtual server

when LB_SELECTED {
if { [class match [IP::client_addr] equals client_snat_map] } {
snat [class match -value [IP::client_addr] equals client_snat_map]
}

Nikoolayy1 · ‎29-Jan-2022

It I think it can work and by using the same irule on different VIP to have some sort of Persistence. Still if you want see the dynamic way with hashing based on the client source ip address and maybe test it as it also should produce the same match accross Virtual servers :

https://community.f5.com/t5/crowdsrc/snat-pool-persistence/ta-p/284232

DevCentral

SNAT Persistence

Register For AppWorld 2024

F5 Receives Six Trust Radius
Best of 2023 Awards

F5 XC WAF

F5 BIG-IP

DevCentral

SNAT Persistence

Register For AppWorld 2024

F5 Receives Six Trust Radius Best of 2023 Awards

F5 XC WAF

F5 BIG-IP

F5 Receives Six Trust Radius
Best of 2023 Awards