Forum Discussion

Nimbostratus

Nov 20, 2008

external IP for member of a pool?

I think I already know the answer to this question but: My boss wants me to configure this if possible. We have a virtual server set up to loadbalance to 3 internal webservers. He want...

config

design

dennypayne

Employee

Nov 20, 2008

You will have to SNAT if you do this. Since the external host doesn't use LTM as it's default gateway, if you don't SNAT (meaning LTM preserves the client's source IP), the connection will make it to the external server but then be sent directly back to the client. The client will drop the packet because it made a connection to the virtual server, not the external host. By using SNAT you ensure that the external host sends the connection back to LTM before it goes back to the client.

The caveat with using SNAT is that you lose visibility to the original client's source IP in your server logs unless you add an X-Forwarded-For header or some other custom method of logging the original client IP. Some people care about this and some don't.

Denny

Forum Discussion

external IP for member of a pool?

Recent Discussions

F5 ASM logging profile to specify source IP

Portal Access to HTTPS resources slow

Cannot login to Avaya wanx using f5 apm network access

Hi All, We have viprion 4300 with 4450 blades with 6 blades all blades having same configuration

Can iRule be used to perform exception of IPI category based on Geolocation

Related Content

Collect all partition pool member stats with tmsh

adding pool members in cli

Interrogate Pool Member Priority Group from iRule

Pool Member Status HTML5 Page

Pool Members with multiple ports