Forum Discussion

rachitbiyani_21's avatar
rachitbiyani_21
Icon for Nimbostratus rankNimbostratus
Aug 21, 2015

Unable to pass ICMP traffic through a virtual server with a 32 bit subnet IPv4 address

Hello Folks,

 

I have configured a virtual server with a 32 bit subnet IP address e.g. the IP address of the virtual server is 18.18.18.30/32

 

Now, this is a standard virtual server and it has a pool associated with it. The config is as follows:

 

tmsh create ltm pool myPool4 members add { 23.2.2.10:any }

 

tmsh create ltm virtual vServer4 { destination 18.18.18.30:any mask 255.255.255.255 pool myPool4 profiles add { ipother } source-address-translation { type snat pool snatPool3 } }

 

Now, when I pass UDP traffic through the virtual server, it goes through with the destination IP address rewritten to the pool member IP (i.e. 23.2.2.10)

 

However, if I send ICMP traffic to the virtual server, the virtual server directly responds to it. The ICMP traffic does not get through to the pool member with a destination IP re-write.

 

Is this expected behavior? Or is there some configuration that I am missing? For a virtual server IP with a non-32 bit subnet i.e. 18.18.18.0/24, the ICMP goes to the pool member. That behavior is different from the case which I just described above.

 

I can see why it would make sense for a virtual server with a 32 bit subnet IP to directly respond to pings. I just want to be sure that I am not mis-configuring/misunderstanding anything here.

 

Thanks, Rachit

 

PS: (Please ignore the source NAT translation in the config - that should be unrelated to the actual question)

 

2 Replies

  • There is an option for it passing icmp traffic on to the nodes. I don't remember offhand where it is at but its worth researching

     

  • Found it:

     

    Try enabling SNAT Packet Forwarding for all packet types: In the GUI, navigate to: System>>Configuration:Local Traffic:General Change "SNAT Packet Forwarding" from "TCP and UDP Only" to "All Traffic"