Kashif_Rana_493
Feb 12, 2013Nimbostratus
F5 LTM off path design (with SNAT) and client IP logging
Hi Experts
I have one deployment for F5 LTM 6900. We want to load balance below applications on different servers.
- Exchange (OWA, MAPI, RPC OVER HTTP, OUTLOOK ANY WHERE)
- VDI (VIRTUAL DESKTOP INFRASTRUCTURE)
- LDAP
- SMTP GATEWAYS (INCOMING AND OUTGOING)
- WEBDEV (FILE SHARING OVER HTTP)
- COUPLE OF WEB APPLICATION (IIS, APACHE)
We do not want servers gateway to be F5. So we need to use SNAT on F5 (off path design). The problem is that how to get the client IP logs on application. For HTTP, I know we can use X-FORWARDER but what about other applications like SMTP Gateways, some TCP applications. Is there any IRULE for this OR any other method to used.
Also is there any harm if I make servers gateway F5? I believe this is not recommended
Looking forward for the reply
Thanks