anyone has a comment when it comes to NFVS vs VS? what is the precedence order for VS, NAT, SNAT, NFVS please?
Please help clarifying the correct statement for these 3 points. Thanks.
I would point out that the second link is an official F5 Solution article, and while they are occasionally wrong, it is very unusual. The first link is someone's best estimate, which is awesome, but not official. The KB article is correct:
Virtual Servers trump NATs.
More specific Virtual Servers trump less specific virtual servers:
10.10.10.1:80 trumps 10.10.10.1:*
NAT trumps SNAT
More specific SNAT trumps less specific SNAT
So from first to last:
Virtual Servers (Specific) -> Virtual Server (General) -> NAT -> SNAT (Specific) -> SNAT (General)
Thanks for replying.
So whould the preference be: VS->NFVS->NAT->SNAT
It's somehow confusing mostly with different documents relating to different technical aspects of how they behave.
Let's say we have a connection with specific NAT and SNAT object ... which one will be preferred? NAT or SNAT?
NAT (Network Address Translation) wins out over SNAT (Source Network Address Translation). So for instance if your client hits the BigIP with a source address of 10.10.10.15 going to 10.10.10.25, and you have a SNAT listener on 10.10.10.0/24 and a NAT configured with an origin address of 10.10.10.15 with a destination of 220.127.116.11, the traffic will be handled by the NAT, rather than the SNAT.
A solid explanation of NAT and SNAT and the configuration of both can be found here: https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/tmos-routing-administration-13-0-0/7.html