Forum Discussion
OttimoMassimo_1
Mar 06, 2013Nimbostratus
Hi Nitass,
Thanks for sending on that link. It's very helpful.
To answer your questions - yes, I am talking about outbound traffic from (server) pool members which require a SNAT. So, in this scenario an IP address that has been assigned to an existing VIP will act as that SNAT IP like so:
snatpool public-1-snatpool {
members LTM-public-SNAT-IP-1_ip_addrss
}
Looking at another one of Deb's documents, it seems that "mask none" is the preferred configuration option:
https://devcentral.f5.com/tech-tips/articles/ltm-configuring-ip-forwarding
virtual forward_vs {
ip forward
destination any:any
mask none
}
I guess I'll have to test it.
To answer WLB's question about the default route. it was put in place when a single project was assigned to the LTM pair before it went into production. We did not want to use a routing protocol, so we went with a default route. However, the introduction of separate router and server VLANs meant that the default route would only be relevant to it's broadcast domain and not the new ones if that makes sense.