VMware Networking Community
Chris-work4
Contributor
Contributor
‎08-31-2022 01:41 AM

AVI Load Balancer routed pools

Do AVI Load Balancers support routing to the pools as per my pic?

avi route to pools.png

 

Labels (3)
0 Kudos
6 Replies
Geogee
Enthusiast
Enthusiast
‎08-31-2022 01:56 AM

As Far As I know, you can use Pools on the different networks, that are available thru routing.

If it is something, that you are asking for?

AVI SE (Service Engines) Are VMs, that can be connected in different L2 network, than Servers in Pool.

Chris-work4
Contributor
Contributor
‎08-31-2022 06:56 AM

Thanks @Geogee 

 

as I understand it AVI uses a spare IP on the network of the pool it balances for.

I assume it needs to be directly connected to that pool network?

Most scenarios show AVI connected to a T1 which also connects to the Pool network, can AVI LB for a network that is beyond a T0?

 

Thanks

0 Kudos
chrisgnoon
Enthusiast
Enthusiast
‎08-31-2022 10:46 AM

TL/DR

I assume it needs to be directly connected to that pool network? If the pool IPs and the VIP are in the same subnet, Yes.

Most scenarios show AVI connected to a T1 which also connects to the Pool network, can AVI LB for a network that is beyond a T0? Yes

-----

As @Geogee states.  The AVI Load Balancers are VMs and can be deployed in a number of different ways.

The AVI SE (VM) can have an arm in the pool subnet if the VIP is in the same subnet.  This is reminiscent of one-armed load balancing.

Another deployment model is for the SE's to be placed in a different segment and then route to the pool members.  In this instance, the SE will use the T1 to route between the VIP and the Pool members.  If the pool members are physical DBs, then the T1 routes outbound towards the T0's and further (unless bridged which causes an issue).  

N.B. In the 2nd example, the SEs would live on a separate subnet (10.10.10.0/24) and the pool members would live on a different subnet (10.10.20.0/24).  Simple routing takes effect here.  Take note, the VIPs can be either in the 10.10.10.0/24 range or a completely different range, 172.16.10.0/24 for example.  The 172.16.10.0/24 is then injected onto the T1.  This is NSX Cloud mode.

 

This might help:

https://vmusketeers.com/2021/12/06/nsx-alb-advanced-load-balancer-design/

Sorry for the self promotion.

Chris Noon | CCDP | CCNP | VCDX 289
Don't forget to mark as solved if your questions are answered.
0 Kudos
Chris-work4
Contributor
Contributor
‎09-16-2022 01:26 AM

the question now is how does one do that?

0 Kudos
dragance
VMware Employee
VMware Employee
‎10-25-2022 05:49 AM

Yes, you can reach pools out of T1/T0 like you draw - static routing is possible inside cloud that you build. There is also BGP support but it's not full featured and it's used for announcing VIP routes from SE to the upstream router.

HTH,

Dragan

salarmehdizadeh
Contributor
Contributor
‎11-26-2022 10:18 AM

I think that the answer is ROUTING.

your SEs must have reachability to your pools. it will be done by selecting the appropriate network on the vCenter cloud inside NSX ALB SEG (Network Tab) and also defining a specific route or default route for SEs.

if you use NSX cloud, T1 has to have a route advertisement to T0, and also T0 must have route to your physical side.

if you use vCenter cloud, under NSX ALB > Infrustracture > cloud resources > routing

select your cloud and define a static route if you do not use Dynamic routing.

salarmehdizadeh_0-1669486618757.png

 

 

0 Kudos