I am working on a new setup where I have an F5 VM deployed in one arm. The device is currently standalone and configured as follows:
1- SNAT Pool instead of using Automap
2- Single Self-IP
3- Route to Self-IP gateway
The VIP and nodes are in a separate subnet. Currently I have configured two nodes to test, and I see the health check is happening using the single Self-IP that I have configured. I wanted to know: is it okay to use a single Self-IP to monitor all nodes in different subnets without having an issue like port exhaustion or any other known issue? In the SNAT Pool I have added 20 IPs. Can I use the SNAT Pool to do health checks and data communication instead of using a single Self-IP? What is the best practice?
Health checks will always come from the self IP, not a SNAT.
SNATs are for traffic.
Yes, it's okay to monitor tons of nodes with one self IP.
Hope that helps! If it does please up-vote and select this answer, it'd be greatly appreciated!
Thanks Dylan. How will it work in the case of an HA pair? Do I need to create a floating IP, or will the SNAT Pool work the same way as a floating IP? I am a little bit confused here, since a floating IP floats over to the standby LTM in case of a failover. Will the SNAT Pool work the same way? Or if I configure both a floating IP and a SNAT Pool, which will the F5 use for data?
Yes, a SNAT pool works basically the same as a floating IP.
If you have a VIP set to AUTO-SNAT, it will SNAT to the floating IP.
If you have a VIP set to SNAT, it will use the SNAT pool addresses.