
I have a little situation here. We have a VIP that contains 4 nodes present at two different locations (2 nodes in location A and the other 2 nodes in location B), with different subnets (we have separate routes to reach each location). What we want to achieve here is to have two different SNAT pools under a single VIP, one dedicated to each subnet.

Let us say I have 2 nodes under subnet 10.0.0.0/24 and 2 nodes under 20.0.0.0/24, such that traffic uses these SNAT pools: SNAT-1 (members 11.1.1.1 and 11.1.1.2) to reach nodes in 10.0.0.0/24, and SNAT-2 (members 12.1.1.1 and 12.1.1.2) to reach nodes in 20.0.0.0/24.

How can we have the iRule modified for this particular case? Any help would be appreciated. Thanks!

Alefiya

2 Answers


This is pretty straightforward with an iRule:

when LB_SELECTED {
  # LB::server addr is the pool member chosen by load balancing
  if { [IP::addr [LB::server addr] equals 10.0.0.0/24] } {
    snatpool snat-1
  } elseif { [IP::addr [LB::server addr] equals 20.0.0.0/24] } {
    snatpool snat-2
  }
}

Once the load balancing algorithm has determined the pool member, you can access that address with LB::server in the LB_SELECTED event, and once you compare it to your specified subnets, apply the snatpool accordingly.

Jason Rahm
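
A data-group-driven variant of the iRule above, added here as an example and not part of the original answer. It goes beyond the two-subnet case by looking the selected member up in an address data group, and it logs members that have no mapping instead of silently skipping them. The data group name `snat_by_subnet` and its records are assumptions; the SNAT pool names follow the answer's `snat-1` and `snat-2`.

```tcl
# Added example (not the answer author's code).
# Assumes an address-type data group named snat_by_subnet (hypothetical)
# whose records map each pool-member subnet to a SNAT pool name:
#   10.0.0.0/24 -> snat-1
#   20.0.0.0/24 -> snat-2
when LB_SELECTED {
    # Address of the pool member picked by the load balancing algorithm
    set member [LB::server addr]

    # Against an address data group, class match compares by subnet and
    # -value returns the record's value, or an empty string on no match
    set pool_name [class match -value $member equals snat_by_subnet]

    if { $pool_name ne "" } {
        # catch covers a record that names a SNAT pool which does not exist,
        # so a bad data group entry is logged instead of aborting the rule
        if { [catch { snatpool $pool_name } err] } {
            log local0.error "snatpool '$pool_name' for member $member failed: $err"
        }
    } else {
        # No mapping: the virtual server's configured source address
        # translation stays in effect; log it so the gap is visible
        log local0.warning "no SNAT pool mapping for pool member $member"
    }
}
```

Adding a third location then means adding one data group record rather than editing the iRule.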

If the SNAT is in the same network as one of your self-IPs, it will auto-choose the SNAT address correctly. Create a group of SNAT addresses, one SNAT in the network for each self-IP, put that in a SNAT group, and assign that group to the VIP. The F5 will auto-select the SNAT based on the self-IP used to get to your pool member (which means you have to have a route to each destination, which you said you do have).

JStryker
  • didn't tell the user that they shall do something, SHOW the way how they can resolve that, in a complete one – djdomi Aug 03 '21 at 13:55