Forum Discussion

dennypayne's avatar
dennypayne
Icon for Employee rankEmployee
Jun 26, 2006

Migration question

Hi all,

I'm migrating from v4 BIG-IP to v9 and have translated the following iRule:

OLD:


rule IntranetApps {
   if (client_addr == 172.23.64.0 netmask 255.255.254.0) {
      use pool IntranetApps_SNAT
   }
   else {
      use pool IntranetApps
   }
}

NEW:


when CLIENT_ACCEPTED {
  if { [IP::addr [IP::client_addr] equals 172.23.64.0/255.255.254.0] } {
    pool IntranetApps_SNAT
  }
   else {
    pool IntranetApps
  }
}

My question is this: this configuration is using some globally mapped SNAT's, and the difference between the 2 pools called by the rule is that the _SNAT one has SNAT enabled, and the other has it disabled.

Would it help or hurt performance to do something like this?


when CLIENT_ACCEPTED {
  if { [IP::addr [IP::client_addr] equals 172.23.64.0/255.255.254.0] } {
    snat 172.23.64.45
    pool IntranetApps
  }
   else {
    pool IntranetApps
  }
}

Or more efficient to continue to have the pool definition determine whether to SNAT or not? (It seems it would be better to not have double the pools to manage but maybe I'm missing something).

Also is CLIENT_ACCEPTED the appropriate event to key off of?

Denny
No RepliesBe the first to reply