March 10, 2016

Here you will find some information about SNATPOOL on a BigIP F5 LTM box.

This is the command I use to list the LTM snatpool:

    [user1@usmifntlb03:Active:In Sync] ~ # tmsh show /ltm snatpool

    ---------------------------------
    Ltm::SNAT Pool: DEV_SNAT_POOL
    ---------------------------------
    Traffic                ServerSide
      Bits In                   43.3G
      Bits Out                 143.3G
      Packets In                28.8M
      Packets Out               27.9M
      Current Connections          30
      Maximum Connections        2.7K
      Total Connections          1.8M

    [user1@usmifntlb03:Active:In Sync] ~ # tmsh list ltm rule /Common/* | egrep 'ltm.*rule|snat' | grep -B 1 'snat '
    ltm rule SNAT2VIP {
    snat $virtaulip
    --
    ltm rule irule.snat.for.my.network {
    snat automap
    ltm rule irule.snat.for.sat.networks {
    snat automap

CHANGE TO SNAT POOL (identify what SNAT Pools exist.. GUI: Local Traffic - Address Translation - SNAT Pool List)

    tmsh modify /ltm virtual /Common/vs.djztest.int.thezah.com.https source-address-translation {type snat pool TST_SNAT_POOL}

LIST / CONFIRM VIRTUAL SERVER SETTINGS (SNAT & POOL)

    tmsh list /ltm virtual /Common/vs.djztest.int.thezah.com.https | egrep 'ltm.*virtual|type|pool' | grep -B 2 'type '
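The list/confirm step in the post above, done for every virtual server at once, as an added example that is not part of the original post: the awk pass tracks brace nesting so the load-balancing `pool` and the SNAT `pool` are not confused, which the `egrep 'type|pool'` filter cannot do. It assumes the default multi-line layout of `tmsh list ltm virtual` and that a virtual server without a `source-address-translation` stanza has no SNAT; the function names and the sample configuration are constructed for illustration.

```shell
#!/bin/sh
# Added example. Input: text in the layout of `tmsh list ltm virtual` (assumed).
# Output per virtual: <name> <sat-type> <snat-pool> <lb-pool>
snat_report() {
    awk '
    depth == 0 && $1 == "ltm" && $2 == "virtual" { name = $3; type = spool = lbpool = ""; insat = 0 }
    depth == 1 && $1 == "pool" { lbpool = $2 }          # load-balancing pool
    depth == 1 && $1 == "source-address-translation" { insat = 1 }
    depth == 2 && insat && $1 == "type" { type = $2 }   # automap or snat
    depth == 2 && insat && $1 == "pool" { spool = $2 }  # SNAT pool, not the LB pool
    {
        depth += gsub(/[{]/, "{") - gsub(/[}]/, "}")    # track stanza nesting
        if (depth < 2) insat = 0
        if (depth == 0 && name != "") {
            # A missing source-address-translation stanza is reported as none.
            printf "%s %s %s %s\n", name, (type == "" ? "none" : type),
                (spool == "" ? "-" : spool), (lbpool == "" ? "-" : lbpool)
            name = ""
        }
    }'
}
# Names of virtuals whose SNAT pool is not $1 (compared by basename).
not_on_pool() {
    snat_report | awk -v want="$1" '{ p = $3; sub(/.*\//, "", p); if (p != want) print $1 }'
}
sample_config() {   # constructed sample, not captured from a real device
    cat <<'EOF'
ltm virtual vs.app1.example.https {
    pool pool.app1
    profiles {
        http { }
    }
    source-address-translation {
        pool TST_SNAT_POOL
        type snat
    }
}
ltm virtual vs.app2.example.https {
    pool pool.app2
    source-address-translation {
        type automap
    }
}
ltm virtual vs.app3.example.http {
    destination 192.0.2.12:http
}
EOF
}
sample_config | snat_report
```

On a BIG-IP, pipe the real listing into the function instead of the sample: `tmsh list ltm virtual | snat_report`.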
June 1, 2016

Source Network Address Translation, also referenced as Secure Network Address Translation. “Source” makes it easier to understand, because you are translating the “source” addresses of the client initiating traffic or, as the device references it, the “origin”. “Secure” because you can’t initiate traffic to a SNAT; the “translation” addresses are never known by the host initiating the traffic.

SNAT is made up of three components:

Translation – Options: an IP address (single address), a SNAT Pool (multiple addresses), or an Automap (self IP(s) of the Local Traffic Manager). This is what the Source address of the client is translated to.

Origin – Options: All addresses (everything coming in on the VLAN you specify), or an Address list (specific addresses you provide). These are indeed the source addresses of the client.

VLAN Traffic – Options: All VLANs (every VLAN), Enabled on (only on the VLANs specified), or Disabled on (on all VLANs except the ones you specify).

Unlike a traditional NAT, you can’t send traffic to a SNAT address. SNATs are either global (i.e. traffic coming through an LTM), or they can be associated with a Virtual Server. The first option is the hardest to get your head around; the second option, associating with a Virtual Server, is a lot easier to grasp and is usually everyone’s first exposure to SNAT, using “SNAT automap” applied to a virtual server. In both examples SNAT is generally used to solve routing issues and can be used with a variety of mappings, including but not limited to one to one, many to one, all to one, etc.