Leonardo_Yata
Jun 19, 2012Nimbostratus
SNAT with iRules
Hi there!
I have an structure that uses the "firewall sandwich" topology and it provides Internet access to a huge network. This network has 15.000 sites aproximately and I have to assign 1 Public IP address for each site. I'm planning to accomplish this task using iRules because I have to log the SNAT translations for auditing purposes (obviously, I'll point syslog messages to an external syslog server). We're currently using Big-IP 8900 model with 10.2.2 (Build 763.3) software. So, here it goes my questions:
- Is this configuration acceptable by our Big-IP box?
- Can this configuration impact the overall performance of the Big-IP box?
- Does anyone knows if there is a maximum size of an iRule or a maximum number of configurable SNATs?
Regards,
Leonardo Yata