snat port address overlap on LTM

Question

Using SNAT on http virtual server and 3 nodes. What happens when the source port on a given service is duplicated? For example:&nbsp;
[root@bigip2:Active] config  b conn show all | grep 1922&nbsp;
        (pkts,bits) in = (45, 11922)   out = (58, 27517)&nbsp;
    CLIENTSIDE 10.120.15.27:1922 &lt;-&gt; 10.150.87.33:https&nbsp;
    CLIENTSIDE 10.150.87.207:1922 &lt;-&gt; 10.150.87.33:https&nbsp;
    SERVERSIDE 10.120.114.7:1922 &lt;-&gt; 10.120.114.34:https&nbsp;
 &nbsp;
Two clients are using the same source port accessing a virtual server. On serverside the port is used, but which client? How does the LTM handle the collision? Does it remap to another port on serverside? Or does the client simply have to retry again?&nbsp;

what_lies_bene1 · Answer

Are you using OneConnect? This will make a difference. Also, it's likely that the second client connection isn't using a source port of 1922 but as that's what you grepped on, that's all you're seeing. What do you have set for Source Port Preservation? The default is: "LTM preserves the client source port except where it is in use by an SNAT in which case a different port is used"

mhsnetadmins · Answer

Yes, using OneConnect. 
&nbsp; As far as source port preservation is concerned, I'm currently running 9.4.8, and I thought this was a global setting. 
&nbsp; I will be upgrading to 10.2.4 soon.

Forum Discussion

snat port address overlap on LTM

2 Replies

Recent Discussions

SMS server with BIGIP

F5 terminal - help to run commands - disk space full

Can iRule be used to perform exception of IPI category based on Geolocation

[ASM] - what is "Browser Challange file" ?

LDAPS and renegotiation

Related Content

SNAT IP address logging

Overlapped Networks Question

How to ensure source address and source port are accepted and traversed properly via F5 SNAT automap

CSV to Address External Datagroup File

Decoding the IPv4 address from the persistence cookie