Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.

SNAT vs Automap


Could you please explain in easy to understand manner the difference between SNAT and Auto-map with examples? Also, how to decide which one to use?




As far as I know, using automap is the same as using a SNAT pool with the floatt IP from BIG-IP (or self when float are not set).

The automap option tells to BIG-IP to decide what source IP to use to reach the destination on network.

With SNAT pool, you tell to BIG-IP what source IP list to use to reach destination on network.

Since a IP origin have a port limit (~60k) to use, you set a SNAT pool with two and more to avoid that port exhaustion.

How to decide to use it?

My understand, think about port exhaustion or when need to use an source IP that differs from float IP.

For sure, SNAT is a BIG-IP address on behalf of client origin address. It's useful and needed to ensure that response traffic is returned through the BIG-IP when servers and/or routers don't have route back to BIG-IP, so preventing the server from responding directly to the client


See a complete doc:


I hope it helps.