Jack_young_1068
Historic F5 Account
Mar 06, 2008

bulk NAT iRule

Hi,

I am trying to have an iRule convert internal network hosts (10.0.0.0/8) to external IPs (11.0.0.0/8). This needs to be a 1-1 NAT.

First, set up a virtual server that handles inbound connections from outside to a server.

Virtual Server 11.0.0.0/8, performance L4, address translation enabled, enabled on outside VLAN

using this iRule

    when CLIENT_ACCEPTED {
        # SNAT 10.X.Y.Z to 11.X.Y.Z
        set xyz [findstr [IP::remote_addr] ???.??? 1]
        snat 11.$xyz
    }

Next, set up this virtual server that handles outbound connections from inside out

Virtual Server 0.0.0.0, forwarding (IP), enabled on inside VLAN

    when CLIENT_ACCEPTED {
        # Send 11.X.Y.Z to 10.X.Y.Z (i.e. NAT)
        set xyz [findstr [IP::local_addr] ???.??? 1]
        node 10.$xyz
    }

Well, I am not having success with this. Could you suggest something to try?

1 Reply

  • I suppose you could write the 2 iRules as follows:

    when CLIENT_ACCEPTED {
      # SNAT 10.X.Y.Z to 11.X.Y.Z
      # findstr returns everything after the first "." (X.Y.Z)
      set xyz [findstr [IP::client_addr] "." 1]
      snat 11.$xyz
    }

    and

    when CLIENT_ACCEPTED {
      # SNAT 11.X.Y.Z to 10.X.Y.Z
      set xyz [findstr [IP::client_addr] "." 1]
      snat 10.$xyz
    }

    or you could bundle it up in one iRule

    when CLIENT_ACCEPTED {
      # Host portion (X.Y.Z): everything after the first "." of the client address
      set xyz [findstr [IP::client_addr] "." 1]
      # Direction of the translation; stays empty if neither range matches
      set dir ""
      if { [IP::addr [IP::client_addr] equals 10.0.0.0/8] } {
        set dir "eleven"
      } elseif { [IP::addr [IP::client_addr] equals 11.0.0.0/8] } {
        set dir "ten"
      }
      switch $dir {
        "eleven" { snat 11.$xyz }
        "ten" { snat 10.$xyz }
      }
    }

    Hope that helps

    CB
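
One way to split the two directions across the two virtual servers described in the question, as an added example that is not part of the original thread: the outbound rule rewrites the source with `snat`, the inbound rule rewrites the destination with `node`, and each drops traffic outside the expected /8 instead of translating it. It assumes the default route domain (no `%id` suffix on addresses); the `host_part` variable name and the log text are illustrative.

```tcl
# Added example, not from the original thread. These are two separate iRules.

# Rule 1: attach to the forwarding (IP) virtual server on the inside VLAN.
when CLIENT_ACCEPTED {
    if { [IP::addr [IP::client_addr] equals 10.0.0.0/8] } {
        # 10.X.Y.Z -> "X.Y.Z": everything after the first "."
        set host_part [findstr [IP::client_addr] "." 1]
        # Source becomes 11.X.Y.Z on the way out
        snat 11.$host_part
    } else {
        # Source is not an internal host: do not translate or forward it
        log local0. "bulk NAT: unexpected inside source [IP::client_addr]"
        drop
    }
}

# Rule 2: attach to the 11.0.0.0/8 virtual server on the outside VLAN.
when CLIENT_ACCEPTED {
    # In the client-side context IP::local_addr is the destination the
    # client connected to, i.e. the external 11.X.Y.Z address
    if { [IP::addr [IP::local_addr] equals 11.0.0.0/8] } {
        set host_part [findstr [IP::local_addr] "." 1]
        # Destination becomes the matching internal host; no port is given,
        # the same form of the node command the question uses
        node 10.$host_part
    } else {
        log local0. "bulk NAT: unexpected outside destination [IP::local_addr]"
        drop
    }
}
```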