Remove subnet from NAT pools without any impact

Question

What is the easist way to Remove subnet from NAT pools without any impact

mohamed_ahmed_kansoh · Accepted Answer

Hi&nbsp;zztop123&nbsp;,&nbsp;Look ,&nbsp;you should first see how this pool of NAT IPs used , see if it's used by huge amount of traffic , or by little or isn't used.&nbsp;if this subnet not used , you can remove it , it will not cause any impact.&nbsp;but if this subnet is used much in NATing you should remove it , as you maybe impacted by port exhausion so at this case you shouldn't remove it.&nbsp;So the impact only is with port exhausion not anything else.&nbsp;

zztop123 · Answer

Thats right , thats what i was concerned with.If we monitor the use and if its use, and we&nbsp; disable the pool to see the impact ?You think that would be a better idea

mohamed_ahmed_kansoh · Answer

Hi zztop123&nbsp;,
Take a packet capture in the server side and see how this pool of NAT ips utilized.&nbsp;
If you saw much traffic converted to source ips from the subnet that you want to remove it here you should be careful fron port exhaustion issue.&nbsp;
If you don't much traffic use ips from the subnet you need to remove it you can delete it.&nbsp;
Look at this article , it explains port exhaustion :&nbsp;https://my.f5.com/manage/s/article/K33355231
&nbsp;
So the recommendation is to keep monitor in /var/log/ltm periodically to see if there is port exhaustion or not.&nbsp;
If you found this log even one time , you should rollback and return the removed subnet again in the pool.&nbsp;
&nbsp;

zztop123 · Answer

Thanks&nbsp;&nbsp;MohamedCan you please also see if you can find the procedure for removing the subnet from the Pool List and be able to add back.

mohamed_ahmed_kansoh · Answer

Hi&nbsp;zztop123&nbsp;,&nbsp;Well ,&nbsp;Go to ( Local Traffic &gt;&gt; Address translation &gt;&gt; SNAT pool list &gt;&gt; open the SNAT list you need , then select all IPs that you need to remove&nbsp; ) , you can record these ips in external txt files .&nbsp;Click update and monitor the behavior , if there is an impact you can put these Ips from the txt file again and click update.&nbsp;by this you did the rollback.&nbsp;I want to ask you , maybe I miss understand you , you're speaking about SNAT pools which attached to virtual servers ? or you meant another pools&nbsp;
Please clarify&nbsp;

zztop123 · Answer

Hi Mohammed,Its not SNAT pool , just a NAT pool. is the procedure the same for it ? Please find the screen shot&nbsp;

Forum Discussion

Remove subnet from NAT pools without any impact

9 Replies

Recent Discussions

BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member

Open Redirection Mitigation

F5Access | MacOS Sonoma

enable tls1.2 on management interface on F5 ltm running version 10.x

[ASM] - what is "Browser Challenge file" ?

Related Content

Using Client Subnet in DNS Requests

Remove Quotation marks

Removal Cookies on Client Browser

Implementing Client Subnet DNS Requests

Implementing Client Subnet in DNS Requests