Dave_88944
May 06, 2009

Different route out based on internal IP

I have what appears to be an odd situation. My BIGIP has a default gateway of say 9.8.7.6 and everything is functioning properly. I now have 2 servers behind the BIGIP which need to SNAT out an IP of 1.2.3.99 to a router 1.2.3.4.

Questions:

1) Will the iRule below work to accomplish this?

2) Where is the appropriate location to apply the iRule? On the SNAT?

Internal Mail Server 1 = 172.31.10.162
Internal Mail Server 2 = 172.31.10.163

Desired Route Destination = 1.2.3.4
Default Route = 9.8.7.6

when CLIENT_ACCEPTED {
    if {[IP::addr [IP::client_addr] equals "172.31.10.162"]} {
        node 1.2.3.4
    }
    if {[IP::addr [IP::client_addr] equals "172.31.10.163"]} {
        node 1.2.3.4
    }
}

2 Replies

  • Hi,

    Well you can only apply iRules to virtual servers. So you need some sort of virtual server that would be handling outbound traffic in order to apply an iRule.

    So then the question becomes, do you have an outbound wildcard forwarding virtual server (0.0.0.0:0 or 0.0.0.0:25) enabled on the internal VLAN? Probably not if you are using global SNAT.

    I would think that if you want to be specific to mail traffic, you could just create 0.0.0.0:25 as a Performance L4 type virtual, map that virtual to a SNAT pool containing your 1.2.3.99 SNAT address, and point it at a pool containing 1.2.3.4 as the member, and then you don't have to do a rule at all, unless you have other mail servers that you do want to use the default gateway. If that's the case, then a rule similar to what you have there should work if you apply it to the 0.0.0.0:25 virtual.

    Hope that helps,

    Denny
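
The rule-based variant described in the reply above, written out as an added example that is not part of the original thread. It assumes the iRule is attached to a 0.0.0.0:25 Performance (Layer 4) virtual server on the internal VLAN that has no default pool or SNAT pool of its own and leaves address translation disabled, so the destination IP of the outbound mail connection is preserved.

```tcl
# Added example (not from the original thread).
# Assumed setup: wildcard virtual 0.0.0.0:25 on the internal VLAN,
# no default pool, address translation disabled.
when CLIENT_ACCEPTED {
    # Internal mail servers that must leave through the 1.2.3.4 router
    set via_alt_router 0
    foreach src {172.31.10.162 172.31.10.163} {
        if { [IP::addr [IP::client_addr] equals $src] } {
            set via_alt_router 1
            break
        }
    }

    if { $via_alt_router } {
        # Source-translate to 1.2.3.99 and hand the connection to 1.2.3.4
        snat 1.2.3.99
        node 1.2.3.4
    } else {
        # Any other sender on port 25 is forwarded using the routing
        # table, which sends it to the default gateway (9.8.7.6)
        forward
    }
}
```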