VMware Networking Community
5mall5nail5
Enthusiast
Enthusiast
Jump to solution

NSX Edge LB as reverse proxy/host header handling?

Hi all -


I am considering replacing an NGINX reverse proxy VM with the NSX Edge LB if possible.  I'll need SSL offloading and SSL end-to-end, but for the time being I'd like to get it working without.  I have two webservers in a pool and a single web server in a pool.  The two webservers load balance (round robin) prod.url.com and the single webserver is serving test.url.com.  I'd like to point internal DNS to the Edge/LB VIP/IP and have it see the incoming host header request for prod.url.com and kick it to the one pool, and test.url.com and send it to the other pool.  Is this possible?  Based on how this will be setup to the outside we do not want to have multiple NATs as the client we're hosting only provides a single public IP.  This currently works fine w/ NGINX but trying to unify solutions.

Thanks all!

Reply
0 Kudos
1 Solution

Accepted Solutions
smitmartijn
VMware Employee
VMware Employee
Jump to solution

It is built into the UI as far as that you can add application rules via the UI (or API, if you want). The above manual link also has the procedure to add them.

But the rules itself are in the format above. There's no wizard or anything, mostly because the possibilities with application rules are pretty immense. They're based on the HAProxy rules: HAProxy version 1.5.18 - Configuration Manual

View solution in original post

8 Replies
tanurkov
Enthusiast
Enthusiast
Jump to solution

HI

Yes it possible to have 2 url in same VIP also you can use Application rules to apply some intellect Smiley Happy

Just to say that NSX use HA proxy ver 1.5 in the implementation of LB if acceleration is not enabled with acceleration is lvs.

Regards Dmitri

Reply
0 Kudos
5mall5nail5
Enthusiast
Enthusiast
Jump to solution

Thanks tanurkov - any chance you know of an example I can reference?  NSX LB is new to me - I am good within NGINX reverse proxy/LB but not well vered in HA_proxy and NSX LB.  If I could see a reverse proxy sample that'd be ultra helpful!

Reply
0 Kudos
tanurkov
Enthusiast
Enthusiast
Jump to solution

If we talking about pure reverse proxy then NSX is not your best choice.

Reply
0 Kudos
smitmartijn
VMware Employee
VMware Employee
Jump to solution

Hi,

There's an example in the documentation which does what you want: Application Rule Examples

Here's the relevant bit:

Select Specific Pool Based on Host

You can redirect requests with a specific host to defined pools. The following sample rule checks for the request for specific hosts app1.xyz.com, app2.xyz.com, and host_any_app3 and redirects these requests respectively to defined pools, pool_app1, or pool_app2, and pool_app3. All other requests are redirected to existing pools defined in the Virtual Server.

acl host_app1 hdr(Host) -i app1.xyz.com 
acl host_app2 hdr(Host) -i app2.xyz.com
acl host_any_app3 hdr_beg(host) -i app3 
use_backend pool_app1 if host_app1
use_backend pool_app2 if host_app2
use_backend pool_app3 if host_any_app3
Reply
0 Kudos
5mall5nail5
Enthusiast
Enthusiast
Jump to solution

I understand NSX LB may not be the best choice for pure reverse proxy, but I was hoping to kill 2 birds with 1 stone if possible.  It'll also ultimately be load balanced, so it'd be nice to be able to reverse proxy and load balance on ESG.

Reply
0 Kudos
5mall5nail5
Enthusiast
Enthusiast
Jump to solution

smitmartijn​ Excellent!  Thanks so much I will toy with that portion.  So, is it safe to assume that this functionality is not built into the UI or is documentation putting it in CLI just for convenience of description?  I'll ultimately have operations employees managing this which means UI is always preferred, but if I have to document it with CLI that's fine too.

Thanks, time to test!

Reply
0 Kudos
smitmartijn
VMware Employee
VMware Employee
Jump to solution

It is built into the UI as far as that you can add application rules via the UI (or API, if you want). The above manual link also has the procedure to add them.

But the rules itself are in the format above. There's no wizard or anything, mostly because the possibilities with application rules are pretty immense. They're based on the HAProxy rules: HAProxy version 1.5.18 - Configuration Manual

5mall5nail5
Enthusiast
Enthusiast
Jump to solution

Thanks smitmartijn​ I'll see if I can't replicate thru UI for doc purposes.  Greatly appreciate it!  Impressed by NSX/ESG everyday!

Sorry one final question smitmartijn​ - if rules are added via CLI, do they display in UI?  I mean this question more universally as well.  Thanks!

Reply
0 Kudos