VMware Networking Community
sguadamu1
Enthusiast
Enthusiast

NSX-V FTP Load Balancer

Hi NSX experts,

I am trying to get some help since I am not able to set up an LB using NSX-V for my FTP service. 

I am following a TOI presentation however I am seeing the following outouts:

 

Loadbalancer Pool Statistics:

POOL ftp-test
| LB METHOD round-robin
| LB PROTOCOL L7  <---------------------- even when acceleration is enabled.
| Transparent disabled
| SESSION (cur, max, total) = (0, 0, 0)
| BYTES in = (0), out = (0)
+->POOL MEMBER: ftp-test/member-1, STATUS: UP
| | HEALTH MONITOR = BUILT-IN, default_tcp_monitor:L4OK
| | | LAST STATE CHANGE: 2022-03-14 20:23:45
| | SESSION (cur, max, total) = (0, 0, 0)
| | BYTES in = (0), out = (0)

Also I have the ALG configures as 

allow any any and in service I selected FTP.

I took some packet captures at the pool member level and I can see when I bypass the LB the communication working fine, but when I use the LB the request does not even reach the pool, seems like it is not passing the ESG.

Best Regards.

Reply
0 Kudos
2 Replies
McDonald43452
Contributor
Contributor

Configuring NSX Advanced Load Balancer
To configure NSX Advanced Load Balancer for load balancing passive FTP, follow the steps below:

Configuring health monitor for FTP

Configuring pool with the required FTP servers

Configuring Layer 4 response DataScript for FTP

Configuring Layer 4 virtual service with port configuration for the data channel

Configuring Health Monitor
To configure an external health monitor for FTP, on NSX Advanced Load Balancer UI navigate to Templates > Profiles > Health Monitors and click Create.

Enter a name for the health monitor.

Click the dropdown for Type and select External.

Enter a relevant value in the Send Interval field.

Under External Settings,

Enter port number 21 in the Health Monitor Port field.

Paste the below bash script for the FTP health monitor in the Script Code section.
#!/bin/bash
curl -s ftp://$IP/$path --ftp-pasv -u $user:$pass

Enter the Username, Password, and the Filepath in the Script Variables section. MyTHDHR Schedule

Reply
0 Kudos
Catyssun
Contributor
Contributor

Here are some steps you can take to troubleshoot and resolve the issue:

  1. Check Network Configuration:

    • Ensure the Edge Services Gateway (ESG) is properly configured and reachable.
    • Verify that the load balancer is associated with the correct ESG and that the routing is configured appropriately.
  2. Verify Load Balancer Configuration:

    • Double-check your load balancer configuration, including the pool settings, LB method (round-robin), LB protocol (L7), and transparency settings.
    • Confirm that the pool members are correctly configured, and their health monitors are passing.
  3. Check A.L.G. (Application Layer Gateway) Configuration:

    • Review your A.L.G. settings for FTP. Ensure that the A.L.G. is allowed for FTP traffic and that the service is correctly selected.
  4. Packet Capture Analysis:

    • Since you mentioned that the communication works fine when bypassing the LB, analyze the packet captures taken at the pool member level when using the L.B. Look for any anomalies or differences in the packet flow.
  5. Logs and Events:

    • Check NSX-V logs and events for any error messages or warnings related to the load balancer configuration or traffic processing. This can provide valuable insights into what might be going wrong.
  6. Firewall Rules:

    • Review the firewall rules on the E.S.G. and ensure they permit the necessary traffic for FTP through the load balancer.
  7. E.S.G. Connectivity:

    • Confirm that the E.S.G. has proper connectivity to the backend FTP servers. Ensure there are no network issues affecting communication.
  8. Update or Patch:

    • Check if any updates or patches are available for NSX-V, and consider applying them if needed. Sometimes, issues can be resolved by updating to the latest software version.  PayByPlate Ma
Reply
0 Kudos