Can we have multiple SNAT pools configured under a single VIP?

f5-big-ip

I have a little situation here, we have a VIP that contains 4 nodes present at two different locations (2 nodes in A location and other 2 nodes in B location), having different subnets (we have separate routes to reach each location). What we want to achieve here is to have two different SNAT pools under a single VIP, each dedicated for each subnet.

let us say, I have 2 nodes under subnet 10.0.0.0/24 and 2 nodes under 20.0.0.0/24 such that traffic uses SNAT POOLs used: SNAT-1-->members--> 11.1.1.1 & 11.1.1.2 to reach nodes 10.0.0.0/24. SNAT-2-->members--> 12.1.1.1 & 12.1.1.2 to reach nodes 20.0.0.0/24.

How can we have irule modified for this particular case? Any help would be appreciated. Thanks!


This is pretty straightforward with an iRule:

when LB_SELECTED {
  if { [IP::addr [LB::server addr] equals 10.0.0.0/24] } {
    snatpool snat-1
  } else if { [IP::addr [LB::server addr] equals 10.0.0.0/24] } {
      snatpool snat-2
  }
}

Once the load balancing algorithm has determined the pool member, you can access that address with LB::server in the LB_SELECTED event, and once you compare it to your specified subnets, apply the snatpool accordingly.

Related

How to assign multiple pools to single virtual server [VIP] in F5
Cannot install deb command in Debian Docker image
Wireguard Site2Site with mobile office
How do I set a postgresql password in pgpass.conf for the Administrator account on Windows Server 2008?
How to remove git from a specific folder?
Cannot start wildfly with systemd
Ideas for a Linux solution to use as much of 95th percentile bandwidth as possible?
Cloud run over reverse proxy throws 404
How can I replace my on-premise server with something on Azure?
How to do mysql_secure_installation via ansible playbook?
How to use the output of a command inside ansible ini_file value
Only able to connect to Wireguard peer after I ping the server