Exchange 2010 SNAT Persistence iRule on Multiple VLANs
My BIGIP 11000s on V11.2.1 is fronting 16 Exchange 2010 CAS servers for Outlook Anywhere. The virtual server is using SNAT iRule to ensure SNAT IP persistence similar to this:
********
when RULE_INIT {
Use a local array to configure SNAT addresses.
These addresses must be defined in a SNAT pool to ensure TMM
sends gratuitous ARPs during a failover.
In this example, we use three addresses. Replace
these with the IP addresses used in your SNAT Pool.
Follow the pattern of the existing addresses to add more than three.
set static::snat_ips(0) 10.0.0.1
set static::snat_ips(1) 10.0.0.2
set static::snat_ips(2) 10.0.0.3
}
when HTTP_REQUEST {
Calculate the crc32 checksum of the client IP.
Use the modulo of the checksum and the number of SNAT IPs in the array
to select a SNAT IP address.
snat $static::snat_ips([expr {[crc32 [IP::client_addr]] % [array size static::snat_ips]}])
}
********
(These SNAT IPs are also in the SNAT Pool assigned to the VS)
We are now introducing more CAS servers on a different subnet that will be in a different VLAN which will also connect to the BIGIPs. So I will need SNAT IPs for the new subnet to talk to the new CAS servers. The iRule is NOT intelligent enough to choose a SNAT from the same subnet as the chosen pool member. So I edited the above iRule to add new SNATs to a different static variable (NEW_snat_ips) and then an "if" conditional statement to assign a SNAT IP based on the load balanced server's network it belongs to.
Does this look correct? valid? Will it work? (oh, and can the set static commands be consolidated with some type of range command?)
********
when RULE_INIT {
set static::snat_ips(0) 10.1.1.138
set static::snat_ips(1) 10.1.1.139
set static::snat_ips(2) 10.1.1.140
set static::snat_ips(3) 10.1.1.141
set static::snat_ips(4) 10.1.1.142
set static::snat_ips(5) 10.1.1.143
set static::NEW_snat_ips(0) 10.2.2.225
set static::NEW_snat_ips(1) 10.2.2.226
set static::NEW_snat_ips(2) 10.2.2.227
set static::NEW_snat_ips(3) 10.2.2.228
set static::NEW_snat_ips(4) 10.2.2.229
set static::NEW_snat_ips(5) 10.2.2.230
}
when HTTP_REQUEST {
if {
IP::addr [LB::server addr] starts_with "10.1.1" }
{
snat $static::snat_ips([expr {[crc32 [IP::client_addr]] % [array size static::snat_ips]}])
}
else {
snat $static::NEW_snat_ips([expr {[crc32 [IP::client_addr]] % [array size static::snat_ips]}])
}
}
********