Forum Discussion

yoggit's avatar
yoggit
Icon for Nimbostratus rankNimbostratus
Nov 22, 2013

How to SNAT a monitor

Hi Guys,

 

I have the same requirement as this previous devcentral question - https://devcentral.f5.com/questions/how-to-make-a-health-monitor-use-snat-pool-addresses

 

I have configured as per the suggestion in the above - "anyway, it should be possilbe (even it is not ideal) to change monitor source ip to snatpool using intermediate virtual server (i.e. sending monitor traffic to intermediate virtual server and then pool member)."

 

But the monitor traffic exits the BIG-IP rather than targeting the intermediate VIP.

 

Just to be clear, the issue I have is that I have a local VIP as the only member of a pool, which I then monitor. I see the monitor traffic leaving the BIG-IP, even when the VIP is enabled on all (or none!) VLANs.

 

Thanks, JH

 

2 Replies

  • yoggit's avatar
    yoggit
    Icon for Nimbostratus rankNimbostratus

    I believe I have the answer...

     

    My monitor is UDP, and it was using the same source IP and port for each connection, so this meant each monitor connection was re-using an existing connection table entry, so changes to my VIP were making no difference.

     

    Ultimately I enabled the VIP only on the vlans that had a default route and then cleared the connection table entries for the monitor. If I enabled the VIP for no vlans, then the monitor traffic gets sent out the default route vlans. Not sure why this is the case, but hopefully this will help someone in the future.

     

    Cheers, JH