VMware Networking Community
networlddsg
Enthusiast
Enthusiast
‎04-23-2018 11:00 PM

About session information from NSX Edge's Active to Standby

hello.

When NSX Edge's HA is switched, do you want to recreate a new session without holding load balance session information?

Or keep it holding?

Which one is correct?

About High Availability

https://docs.vmware.com/en/VMware-NSX-for-vSphere/6.4/com.vmware.nsx.admin.doc/GUID-6C4F0C33-C6DD-43...

For example, NSX Edge HA synchronizes the connection tracker of the statefull firewall, or the statefull information held by the load balancer.

Load balancer and VPN services need to re-establish TCP connection with NSX Edge, so service is disrupted for a short while.

0 Kudos
2 Replies
Sreec
VMware Employee
VMware Employee
‎04-24-2018 01:18 AM

If there is a switch over due to whatever reason, TCP session will get reestablished  for VPN&LB . Don't get confused between LB TCP session(Not Retained) and firewall session(Retained)

Cheers,
Sree | VCIX-5X| VCAP-5X| VExpert 7x|Cisco Certified Specialist
Please KUDO helpful posts and mark the thread as solved if answered
0 Kudos
networlddsg
Enthusiast
Enthusiast
‎04-24-2018 01:44 AM

Thanks for your comment.

Let me check it.

When NSX Edge is Failover Do the following session information be maintained in NSX Edge of Secandary?

show service loadbalancer session

nsxedge1-0> show service loadbalancer session

L7 Loadbalancer: stopped

-------------------------------------------------------------------- ---------------------

L4 Loadbalancer Statistics:

MAX_CONN ACT_CONN INACT_CONN TOTAL_ CONN

65536 2 32 34

L4 Loadbalancer Current Sessions:

pro expire state source virtual destination

TCP 00:19 TIME_WAIT 10.9.0.161: 64341 10.10.160.75: 80 10.10.160.63: 80

TCP 00:21 TIME_WAIT 10.9.0.161: 64372 10.10.160.75: 80 10.10.160.65: 80

TCP 00:23 TIME_WAIT 10.9.0.161: 64383 10.10.160.75: 80 10.10.160.66: 80

TCP 00:20 TIME_WAIT 10.9.0.161: 64356 10.10.160.75: 80 10.10.160.65: 80

TCP 00:21 TIME_WAIT 10.9.0.161: 64354 10.10.160.75: 80 10.10.160.64: ​​80

TCP 00:21 TIME_WAIT 10.9.0.161: 64360 10.10.160.75: 80 10.10.160.65: 80

TCP 00:24 TIME_WAIT 10.9.0.161: 64399 10.10.160.75: 80 10.10.160.66: 80

TCP 00:21 TIME_WAIT 10.9.0.161: 64364 10.10.160.75: 80 10.10.160.63: 80

TCP 00: 00 CLOSE 10.9.0.161: 64350 10.10.160.75: 80 10.10.160.66: 80

TCP 00:21 TIME_WAIT 10.9.0.161: 64377 10.10.160.75: 80 10.10.160.63: 80

TCP 360: 59 ESTABLISHED 10.9.0.161: 64411 10.10.160.75: 80 10.10.160.66: 80

0 Kudos