Forum Discussion

RSchill_194035
Mar 26, 2015

Changed behaviour after supposedly successful migration

We just replaced six older F5s (1500, 1600 and 3400 from 2005 and 2008) with 2 F5 Big IP 4000 using partitions to separate the rulesets. Everything works fine, just a minor inconvenience showed up, as the (http-) traffic forwarded to the servers via firewall shows as source ip the floating ip of the big ips in the vlan instead of the self ip as it was in the past. I tried to compare the configuration (9.4.3 on the 3400, 11.5.1 HF4 on the 1600s, 11.6.0 HF3 on the 4000s) as best as I could but didn't find something obviously different except the changes coming from another version or using a LACP-trunk now. I thought it might be something like SNAT automap on but we never used this.

 

Any suggestions what might cause this change of behaviour?

 

1 Reply

  • Hi,

     

    By default the virtual server will not change the source IP when forwarding the packets to the pool member.

     

    Exceptions for setups using OneConnect and PerformanceHTTP. In this case source IP may change as existing idle serverside connections are re-used (connection multiplexing).

     

    If you noticed source NAT in the past I assume there is SNAT AutoMap configured for the virtual servers or there is a so called Default SNAT configured (lookup your SNAT List configurations, please).

     

    The self IPs were used, if there was no floating self IP configured.

     

    Since TMOS v11 it's mandatory to have a floating self IP in the traffic-group used by your virtual servers for proper SNATing.

     

    I would recommend to grep your bigip.conf (separate files for admin partitions will be found in /config/partitions/) for SNAT entries (may also appear i.e. in iRules).

     

    Thanks, Stephan
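
The search suggested in the reply can be made more targeted than a plain grep. The following is an added example, not part of the original thread: it assumes the TMOS v11-style text layout of bigip.conf (`ltm virtual`, `ltm snat`, `ltm snatpool`, `ltm rule` objects), and the function names and sample configuration are constructed for illustration.

```shell
# Constructed sample config (object names are made up for illustration).
sample_conf() {
cat <<'EOF'
ltm virtual /Common/vs_web {
    pool /Common/pool_web
    source-address-translation {
        type automap
    }
}
ltm virtual /Common/vs_plain {
    pool /Common/pool_web
}
ltm snat /Common/default_snat {
    automap
    origins { 0.0.0.0/0 { } }
}
ltm rule /Common/rule_snat {
    when CLIENT_ACCEPTED {
        snat automap
    }
}
EOF
}

# snat_audit FILE...: print file:line for SNAT objects, virtual servers with
# source-address-translation other than "none", and iRule snat/snatpool commands.
snat_audit() {
    awk '
    depth == 0 && /^ltm (virtual|snat|snatpool|rule) / {
        kind = $2; name = $3
        if (kind ~ /^snat/) printf "%s:%d: %s %s defined\n", FILENAME, FNR, kind, name
    }
    kind == "virtual" && /source-address-translation [{]/ { insat = 1 }
    insat && $1 == "type" && $2 != "none" {
        printf "%s:%d: virtual %s: source-address-translation type %s\n", FILENAME, FNR, name, $2
    }
    kind == "rule" && depth > 0 && $1 !~ /^#/ {
        for (i = 1; i <= NF; i++) if ($i == "snat" || $i == "snatpool") {
            printf "%s:%d: rule %s: %s %s\n", FILENAME, FNR, name, $i, $(i + 1); break
        }
    }
    insat && /[}]/ { insat = 0 }
    # Brace depth tells us when the current top-level object ends.
    { depth += gsub(/[{]/, "{") - gsub(/[}]/, "}"); if (depth <= 0) { depth = 0; kind = "" } }
    ' "$@"
}

# Demo on the constructed sample; on a BIG-IP, pass the real config files instead.
tmp=$(mktemp) && sample_conf > "$tmp" && snat_audit "$tmp"; rm -f "$tmp"
```

On a real unit the function would be given bigip.conf plus the per-partition files under /config/partitions/. A virtual server that shows up with no SNAT entry of its own may still be covered by an `ltm snat` object whose origins match all sources.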