Forum Discussion

Brad_Wood_7735
Historic F5 Account
May 31, 2007

NAT Irule

I have a client that wants to do the following… They "had" this functionality in some Alteons that we replaced. Not sure of how to write this irule up, looking for some guidance from the experts!! TIA

From the client....

"I want to NAT an entire network one-to-one without setting up each individual IP.

Example, someone types in telnet 11.5.110.x which routes to the F5 BigIP. BigIP NATs that to 10.5.110.x where x can be any valid host on the network."

2 Replies

  • You can test how to get the last octet of the destination IP with something like this:

    
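    when RULE_INIT {
       # Prefix (first three octets) of the translated network
       set ::translated_ip_prefix "1.2.3."
       # Sample destination address for the test
       set destination_ip 10.20.30.40
       # Take the fourth dot-separated field, i.e. the last octet
       set last_octet [getfield $destination_ip "." 4]
       set translated_ip $::translated_ip_prefix$last_octet
       log local0. "\$translated_ip: $translated_ip"
    }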

    (logs: $translated_ip: 1.2.3.40)

    You could then use a rule like this on a fastL4 network VIP:

    
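    when RULE_INIT {
       # First three octets of the internal network
       set ::translated_ip_prefix "10.20.30."
    }
    when CLIENT_ACCEPTED {
       # Send the connection to the prefix plus the last octet of the
       # original destination address, keeping the original port
       node $::translated_ip_prefix[getfield [IP::local_addr] "." 4] [TCP::local_port]
       log local0. "Translated IP: $::translated_ip_prefix[getfield [IP::local_addr] "." 4] [TCP::local_port]"
    }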

    I didn't test this, but it passed a syntax check.

    Aaron
  • Brad_Wood_7735
    Historic F5 Account
    Thanks!! I have gotten your suggestions over to the client. Great Idea!!! I'll post up the final irule when we get it complete.

    Brad
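A variant of the rule suggested in the first reply, with the prefixes from the client's example filled in and a destination check added before translating. This is an added example, not code from either poster; it assumes IPv4 and the fastL4 network virtual server described in the reply, and the `::external_net` variable and the log wording are hypothetical.

```tcl
when RULE_INIT {
   # Values taken from the client's example in the question;
   # ::external_net is a hypothetical name introduced for this example
   set ::external_net "11.5.110.0/24"
   set ::translated_ip_prefix "10.5.110."
}
when CLIENT_ACCEPTED {
   # Translate only destinations inside the published network, so a
   # virtual server that is later widened cannot map other addresses
   # onto the internal /24
   if { not [IP::addr [IP::local_addr] equals $::external_net] } {
      log local0. "NAT rule: [IP::client_addr] -> [IP::local_addr] is outside $::external_net, rejected"
      reject
      return
   }

   # Last octet of the address the client connected to
   set last_octet [getfield [IP::local_addr] "." 4]

   # The network and broadcast addresses are not valid hosts
   if { $last_octet == 0 || $last_octet == 255 } {
      reject
      return
   }

   # One-to-one translation: same host octet, same port
   node $::translated_ip_prefix$last_octet [TCP::local_port]
}
```

Logging only the rejected connections, rather than every translation, keeps the log volume manageable on a busy network virtual server.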