source based routing and NAT avoidance with link controller

Question

Hi all,&nbsp;
&nbsp;Can the link controller do source based routing and avoid autoSNAT based on source IP address?&nbsp;
&nbsp;As we plan to allow LAN clients access to the internet via the wildcard forwarder 0.0.0.0, which will automatically SNAT and select an ISP link based on default GW load balancing.  We do not want public IP firewall interfaces (such as IPSec endpoints) to be loadbalanced and SNATTED in the same fashion.&nbsp;
&nbsp;We would like to ensure that public address’ on the firewall are able to initiate connections through the load balancers without NAT via a single static ISP gateway.  What we need is a source based routing mechanism which also decides which traffic to NAT. &nbsp;
&nbsp;Is this possible on the Link controller and how is the best way to do it?

chris_miller · Answer

You can indeed do this with iRules. 
&nbsp;  
&nbsp; Here's the iRules forum: 
&nbsp;  
&nbsp; http://devcentral.f5.com/Community/GroupDetails/tabid/1082223/asg/50/aff/5/afv/topicsview/showtab/groupforums/Default.aspx 
&nbsp;  
&nbsp; If you can post your exact scenario, one of us should be able to write something up.

Forum Discussion

source based routing and NAT avoidance with link controller

1 Reply

Recent Discussions

Import PKCS 12 SSL to Device Certificate via API/Script or CLI on BIG-IP

Help with URL Masking

F5 iRule to replace host to path

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5 Rseries R2600 Tenant sizing

Related Content

Avoiding Common iRules Security Pitfalls

JWT authorization with NGINX Ingress Controller

Distributed caching of authentication requests with NGINX Ingress Controller

F5 Distributed Cloud - Customer Edge Site - Deployment & Routing Options

Use F5 Distributed Cloud to control Primary and Secondary DNS