This topic we would lile to provide information and step how to setup F5 iRules

that check source client ip and translate client ip addtess before send traffic to servers


In this diagram above, We have client IP a.a.a.a, b.b.b.b and c.c.c.c send traffic to virtual server on F5, We would like to create iRules that match condition source IP address and translate IP before send traffic to servers, We using to function on F5, First iRules and second is source nat pool, We recommend source nat pool becuase it can scale IP address in the features

Step1: Create iRules data-group for group client IP address that using same source NAT IP for translate to servers, GUI > Local Traffic > iRules > Data-Group

iRules Data-Group
iRules Data-Group Group-A
iRules Data-Group
iRules Data-Group Group-B

Step2: Create SNAT Pool for add IP for translate client IP address, in this case we create 2 SNAT pool for iRules Data-Group client group-a and group-b, GUI > Address Translation > SNAT Pools

SNAT Pools A
SNAT Pools B

Step3: Create iRules check client IP and translate before send traffic to servers, GUI > Local Traffic > iRules

if { [class match [IP::client_addr] equals “group-a”] } {
snatpool snat-pool-a
} elseif { [class match [IP::client_addr] equals “group-b”] } {
snatpool snat-pool-b

F5 iRules
F5 iRules

 929 total views,  1 views today

Related Posts

  • In this topic about solution F5 using iRules to check source client IP address from HTTP header x-forward-for and f5 query IP address from x-forward-for to geo-database for check country name, In case match with blacklist country, F5 action drop packet from client Step1: Diagram Traffic flow for this case…
    Tags: step, client, ip, irules, check, data-group, source, match, traffic, networks
  • In this topic we would like to provide solution iRules check condition that match with HTTP referrer and redirect traffic, in case not match any thing F5 will action forward traffic to specific pool Example Diagram F5 iRules check HTTP referrer and redirect traffic iRules code when HTTP_REQUEST {if {…
    Tags: traffic, pool, match, irules, check, client, send, networks
  • Step1: Go to menu Networks > VLANS > Create Step2: Fill in VLAN information (VLAN Name, VLAN ID, Tagging Type, Interface mapping with VLAN) Step3: Go to menu Networks > Self IPs > Create Step4: Fill in Self IPs information (Self IPs Name, IP Address, Netmask, Mapping with VLAN)
    Tags: step, create, networks, ip, address
  • We would like to share step how to check IP addrsss on your computer 1. Search cmd on window search task bar and click icon Command Prompt 2. Run command "ipconfig" and check your adapter network like LAN or Wireless Network Your IP is
    Tags: check, ip, step, address