Forum Discussion
Kai_Wilke
Nov 08, 2016MVP
Hi Greatme6,
to selectively forward certain destination IPs to a different external interface you could simply use additional Routing-Table-Entries in combination with AUTO-SNAT.
And to selectively forward certain source IPs or even a combination of source/destination IPs through a different external interface, you could implement an iRule that will look at the ingress source/destination IP combinations and then dynamically overwrite the
nexthop
and snat
configuration of the ongoing TCP connection to match the required settings of the Other-ISP. Using this approach is 100% comparable with PBR configurations...
Example iRule
when CLIENT_ACCEPTED {
if { ( [IP::addr [IP::client_addr] equals 10.0.0.0/8] ) or
( [IP::addr [IP::local_addr] equals 123.123.124.0/24] ) } then {
log local0. " -- Forwarding to Other-ISP with SNAT IP 212.212.212.2 -- "
snat 212.212.212.2
nexthop 212.212.212.1
} elseif { [IP::addr [IP::client_addr] equals 10.10.10.0/24] } then {
log local0. " -- Forwarding to Other-ISP with SNAT IP 212.212.212.3 -- "
snat 212.212.212.3
nexthop 212.212.212.1
} else {
log local0. " -- Forwarding traffic according to local routing table with default AUTO-SNAT / SNAT-Pool settings -- "
}
}
Note:
is the source IP and [IP::client_addr]
is the remote IP.[IP::local_addr]
Cheers, Kai