Forum Discussion

Adel_Farhan_194
Aug 14, 2016

Source Address Persistence with Auto MAP configuration

Our configuration of Source Address Translation is Auto MAP. So can we use Source Address Persistence, given that Auto MAP is using the same source IP addresses?

 

4 Replies

    • Adel_Farhan_194

      Thank you for the reply. But as per my knowledge, Source Address Translation as Auto MAP uses only one IP address (floating IP) to reach the members of the pool, and Source Address persistence tracks sessions based on the source IP address. So, once I have configured persistence on the virtual server as Source Address, my question is: what is the mechanism of Source Address Persistence with Auto MAP (as in the situation mentioned)?

       

  • Hi Adel,

     

    You can use source_ip persistence in combination with Source-NAT. The persistence check and the pool/node selection will be performed before Source-NAT is applied. It's a no-brainer to use both techniques at the same time, and it does not require any further considerations and/or configuration.

     

    Cheers, Kai

     

  • Sure. Understand that SNAT Automap changes the source of packets between F5 and ORIGIN servers. Source persistence creates a table of CLIENT IP / Pool member and uses the source IP of packets from the CLIENT system.

     

    So CLIENT--->(F5 / persistence table) ----> Origin server.

     

    If you were to cascade F5 devices (SNAT and THEN go to a vs with source persistence) THEN the persistence model would fail, since there would only ever be 1 entry in the persistence table.

     

    So SNAT does not affect persistence tables on most deployments.

     

    Personally, I prefer finding something else in the client request that is unique per session (cookies, usernames within the payload, etc.) and then doing a deterministic hash calc as to where to send the request. This way, no tables, and you can fail over between F5s with zero impact. If you want (and to stop me rambling) I can submit a sample?

     

    BR

     

    Jan
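
The ordering described in the replies above (persistence lookup first, SNAT second), the cascaded case where the inner table collapses to one entry, and a table-free hash selection, modelled as an added example that is not from any poster in this thread and is not F5 code. The `Tier` class, the addresses, the member names and the use of highest-random-weight hashing are all assumptions made for illustration.

```python
import hashlib

class Tier:
    """Toy load-balancer tier: persistence lookup first, SNAT Automap second."""
    def __init__(self, self_ip, members):
        self.self_ip = self_ip   # address Automap writes into the source field
        self.members = members   # pool members (hypothetical names)
        self.table = {}          # persistence table: ingress source IP -> member
        self._rr = 0             # round-robin counter for new sources

    def forward(self, src_ip):
        # 1. Persistence check and member selection use the ingress source IP.
        if src_ip not in self.table:
            self.table[src_ip] = self.members[self._rr % len(self.members)]
            self._rr += 1
        member = self.table[src_ip]
        # 2. Only afterwards is the source rewritten for the server-side flow.
        return member, self.self_ip

def hash_select(session_key, members):
    """Table-free selection: highest-random-weight hash of a per-session value."""
    return max(members,
               key=lambda m: hashlib.sha256(f"{m}|{session_key}".encode()).digest())

# Constructed sample clients (documentation address range).
CLIENTS = ["198.51.100.10", "198.51.100.11", "198.51.100.12", "198.51.100.13"]

def single_tier():
    """One device with Automap: the table is keyed on real client addresses."""
    tier = Tier("10.0.0.5", ["web1", "web2"])
    for client in CLIENTS * 2:
        tier.forward(client)
    return tier.table

def cascaded():
    """SNAT on a front device, source persistence on an inner one."""
    front = Tier("10.0.0.5", ["inner-vs"])
    inner = Tier("10.0.1.5", ["web1", "web2"])
    for client in CLIENTS * 2:
        _, snat_src = front.forward(client)
        inner.forward(snat_src)  # inner tier only ever sees the front self IP
    return inner.table

if __name__ == "__main__":
    print("single tier:", single_tier())
    print("cascaded   :", cascaded())
    print("hash       :", hash_select("JSESSIONID=abc123", ["web1", "web2"]))
```

In the cascaded run every client lands on the same pool member, which is the failure mode Jan describes; the hash selection gives the same answer on any device holding the same member list, so no table has to be mirrored between units.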