VMware NSX

 View Only
  • 1.  NLB in transparent mode

    Posted Sep 28, 2018 01:27 PM

    I'm doing some NLB tests and I've discovered that It's possible to use the tranparent mode (putting the flag in the EDIT POOL GUI), with both the toplogies; in-line and harmed.

    So, why I always read in the docs that the transparent feature requires an  in-line topology.



  • 2.  RE: NLB in transparent mode
    Best Answer

    Broadcom Employee
    Posted Sep 28, 2018 01:36 PM

    The issue with a one armed topology in transparent mode is that direct server return (DSR), where return traffic from the pool member to client is sent directly to the client and bypasses the LB, is unsupported (even if it might work in some scenarios).  You can still have a design where the transparent LB is on the same subnet as the pool member similar to a one armed topology, but the pool member in that scenario must have the LB configured as its default gateway to ensure that it remains in the traffic path.  See Configure a One-Armed Load Balancer​ for additional reference.



  • 3.  RE: NLB in transparent mode

    Posted Sep 28, 2018 02:44 PM

    Thanks!

    And..how many nat rules I wil find in the edge NAT tab with the different topologies?



  • 4.  RE: NLB in transparent mode

    Broadcom Employee
    Posted Sep 28, 2018 02:57 PM

    Transparent mode only performs DNAT so that's all you'll ever see in that scenario.  For one armed mode, both SNAT and DNAT are performed, however, if you're looking at the NAT config on the edge, you'll still only see the DNAT rule that the LB creates unless your virtual server has acceleration enabled (otherwise the L7 LB engine is actually establishing a separate backend connection to the pool member so not utilizing the L4 NAT functionality and the DNAT rule you see in the UI is effectively a placeholder to prevent users from configuring a conflicting rule).