Outbound NAT based on IP
I'm trying to configure LLB for ISP links and having some trouble with the outbound NAT.
Basically, when it goes out ISP1 it should default to NAT pool ISP_C for most users, but when it comes from one range (using an individual IP in my testing) it needs to use NAT pool ISP_CTHSE.
Under my 0.0.0.0 VIP this aFleX works:
    when LB_SELECTED {
        switch -glob [LB::server name] {
            ISP_CTHSE { snatpool ISP_C }
            ISP_ADMIN { snatpool ISP_A }
            default {}
        }
    }
My attempt at doing what I need is below, and it breaks the NAT for everyone, not just the one IP. ISP_CTHSE is the only one up, so ISP_ADMIN can't be chosen.
    when LB_SELECTED {
        switch -glob [LB::server name] {
            ISP_CTHSE {
                if { [IP::addr [IP::client_addr] equals 10.18.0.105] } {
                    snatpool ISP_CTHSE
                } else { snatpool ISP_C }
            }
            ISP_ADMIN { snatpool ISP_A }
            default { }
        }
    }