Saurabh Bhattacharya

July 17, 2023July 21, 2023

NSX ALB – A conversation about GSLB Basics

CuriousTechie: Hey, I am learning to setup Global Server Load Balancing on AVI. I do not have much experience on GSLB especially with AVI or NSX ALB, can you help me understand the basic concept of GSLB with NSX ALB?

ITGuy: Sure! Are you good with how GSLB works irrespective of the Load Balancer?

CuriousTechie: I know some basics, but a white board refresher will be helpful.

ITGuy: Sure! Let’s see what happens when you type a URL in your favourite web browser. You input a URL lets say “curioustechies.in”and DNS does its magic and run multiple DNS queries to find you the IP of the web site/server that you are looking for. I believe you have a fair understanding of how DNS works so will not go much deep into it. OK?

June 28, 2023

NSX ALB Virtual Service Placement

A conversation about placement of Virtual Services on NSX ALB Service Engines

CuriousTechie: Hey IT Guy, I am starting my starting my journey with NSX ALB and I am little confused with different knobs in the Service Engine Group setting to manage the Virtual Service Placement. Can you show me around the setting to build a better understanding?

ITGuy: Yes, sure! Let’s start with some basic understanding of the knobs and then we can work on few scenarios to see how the placement works.

May 31, 2023

Quick NSX D-IDPS validation

A conversation about basic validation of NSX Distributed Intrusion Detection and Prevention System

CuriousTechie: Hey IT Guy, I am doing a Green filed deployment and have enabled NSX distributed IDPS in the environment. It may take few days to setup a testing environment with Security testing tools to simulate attacks and validate if the NSX D-IDPS is actually working or not. Is there a way to quicky validate the basic intrusion detection and prevention functionality of the solution?

May 15, 2023May 15, 2023

Changing Service Engine Network in NSX ALB

CuriousTechie: Hey ITGuy ! I have a scenario with NSX ALB that I need to work on, can we talk about it?

ITGuy: Sure! Let’s understand the scenario and we can evaluate a feasible solution.

CuriousTechie: I have few Active Virtual Services running in my AVI environment on vCenter Write Access cloud. Frontend VIP and Backend Servers are on different networks and the deployment is on Two Arm mode.

Due to some backend configuration on vCenter, I had to create new DV PortGroups for the same VLAN communication and now I need to make sure that my AVI Services Engines gets connected to the new PortGroups that I have created and not on the old ones.

ITGuy: For normal VM’s running in the environment, this move is as easy as changing the network adapter of a VM but for Service Engines that is not the case. If you change the Network adapter of the SE from vCenter then it would result in mismatch of configuration between AVI and vCenter. For example, in vCenter you will see SE connected to New PortGroup but in AVI console you will see the SE connected to Old PortGroup.(Do not try that!)

The way to perform the activity is by using proper placement networks and during this activity your Virtual Service will not be available for some time thus it will be best done during maintenance window. Let’s see how it can be done!

May 12, 2023May 15, 2023