Outbound IPs for mail and navigation traffic
Hello friends,
Yes, I know it is a basic question, but I need help because I am new to F5 deployments. Please! I'd appreciate any help you can provide.
I was given two pools of public IPs. One pool is for load balancing inbound and outbound mail traffic, but this traffic must leave the F5 (towards the Internet) with one of the IPs which are part of the first pool, each time, in a round robin load balancing way (PTR records will be configured on the DNS). On the other hand, the F5 must NAT the outbound Internet navigation traffic of the users. I mean, the F5 will give a public IP of the second pool (each time, in a round robin way) to a user who wants to surf the Internet. In this way, when a user asks for his real IP, Google will give him one of the IPs of the second pool. Are those deployments possible?
I suppose I can do it by using SNAT, but I am not sure about it. I have configured the virtual servers to receive incoming mail traffic. I want to create a SNAT pool to attach it to those virtual servers which are managing incoming traffic, but how would BIG-IP differentiate between incoming and outgoing traffic? What about navigation traffic?
I hope you can give me some guidance. Please, I will really appreciate any help.
Thanks
Omar
You can have the second SNAT pool with your three public IP addresses attached to a 0.0.0.0:* virtual listening on your internal VLAN to handle outgoing traffic.
If you only have one mail server then you will only have one virtual to point to it. Unless you need a mail server endpoint in each ISP VLAN? Then just create three virtuals, each attached to an external ISP's VLAN, using the same mail server pool. That handles the incoming traffic. For outbound traffic from the mail server use a 0.0.0.0:25 virtual on the inside VLAN with the first SNAT pool.
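
The outbound half of the layout described in the reply above, written as tmsh commands. This is an added example, not configuration from the original thread. The object names, the VLAN name `internal`, and all addresses (RFC 5737 documentation ranges) are assumptions; substitute your own.

```tmsh
# SNAT pool 1: public addresses reserved for mail (the ones with PTR records).
# Addresses are constructed placeholders.
create ltm snatpool mail_snatpool members add { 198.51.100.10 198.51.100.11 198.51.100.12 }

# SNAT pool 2: public addresses used for user browsing traffic.
create ltm snatpool nav_snatpool members add { 203.0.113.10 203.0.113.11 203.0.113.12 }

# Outbound SMTP: forwarding virtual on 0.0.0.0:25, enabled only on the
# inside VLAN, translated to the mail pool. Being more specific than the
# wildcard-port virtual below, it takes port 25 traffic first.
create ltm virtual vs_outbound_smtp \
    destination 0.0.0.0:25 mask any \
    ip-forward ip-protocol tcp \
    profiles add { fastL4 } \
    vlans-enabled vlans add { internal } \
    source-address-translation { type snat pool mail_snatpool }

# Everything else leaving the inside VLAN: wildcard forwarding virtual
# (0.0.0.0:*), translated to the browsing pool.
create ltm virtual vs_outbound_any \
    destination 0.0.0.0:any mask any \
    ip-forward \
    profiles add { fastL4 } \
    vlans-enabled vlans add { internal } \
    source-address-translation { type snat pool nav_snatpool }

# Confirm which pool each listener uses, then persist the change.
list ltm virtual vs_outbound_smtp source-address-translation vlans
list ltm virtual vs_outbound_any source-address-translation vlans
save sys config
```

Because both virtuals are enabled only on the inside VLAN, they never match connections arriving from the Internet; inbound mail is still handled by the existing virtual servers on the external VLANs.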