This section describes the geolocation database (geo-DB) used by the geolocation algorithm.
The data are placed into NSX Advanced Load Balancer geo-DB format (specified below) for downloading into all NSX Advanced Load Balancer DNS SEs in the SE group. As a reminder, this group is dedicated to DNS; no application virtual services are allowed in it. The NSX Advanced Load Balancer geo-DB is subsequently replicated to all follower NSX Advanced Load Balancer DNS instantiations so that any one of them (DNS-1 and DNS-2 in the above example) can reply to client-local DNSs with the same optimally located VIP.
NSX Advanced Load Balancer includes a geolocation database for identifying the origin of clients. This is a fixed database based on the MaxMind IP-Country and IP-ASN data. The database is maintained on the Controllers and incorporates database updates when the Controllers are upgraded.
Fields in an NSX Advanced Load Balancer geo-DB record are sufficient to accommodate information defined in popular third-party geolocation databases. A single record contains six comma-delimited fields. The first four are mandatory. A hyphen in the fifth or sixth position indicates the field is unspecified. The fields are as follows:
IP address range start
IP address range end
Latitude
Longitude
Name: full name of a city, e.g., USA/California/San Francisco
Tag: reserved for special uses, e.g., to store a customer-defined value for the region, say “West”
The ‘name’ and ‘tag’ fields are used for two purposes:
They appear in logs
They can be used to merge location entries, which makes lookups coarser and so reduces memory usage and speeds up lookups
File Format and Grammar Rules
Any line starting with ‘#’ is ignored as a comment. Location record lines may not contain leading or embedded spaces. The first line must contain V.XX, where XX is the version of the NSX Advanced Load Balancer DB. At the time of this writing, the only supported value is V.01. The optional name field consists of three parts delimited by two slashes. Any line with a parsing error is dropped. If more than 95% of the lines have errors, the geo-DB loading operation fails. If there are lines with duplicate or overlapping addresses, the line last specified in the file dominates and overwrites the other entries.
The following example illustrates the proper syntax for the IPv4 format.
V.01
# start_ip,end_ip,latitude,longitude,country/region/city,tag
# Hyphens denote an unspecified region and city within Australia
18.104.22.168,22.214.171.124,-33.4940,143.2104,Australia/-/-,-
126.96.36.199,188.8.131.52,26.0614,119.3061,China/Fujian/Fuzhou,-
184.108.40.206,220.127.116.11,26.0614,119.3061,China/Fujian/Fuzhou,-
# Neither the name nor the tag fields are specified for the IP range 18.104.22.168 to 22.214.171.124
126.96.36.199,188.8.131.52,26.0614,119.3061,-,-
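Because lines with parsing errors are dropped and the last overlapping line wins, a file can load while mapping clients differently than intended. The following pre-upload check for the IPv4 format and grammar rules above is an added example, not code from NSX Advanced Load Balancer or its documentation. Its function names, the coordinate bounds, the skipping of blank lines and the choice to permit spaces inside the name field are assumptions.

```python
import ipaddress

# Constructed sample in the geo-DB IPv4 layout; addresses are documentation ranges.
SAMPLE = """V.01
# start_ip,end_ip,latitude,longitude,country/region/city,tag
192.0.2.0,192.0.2.255,-33.4940,143.2104,Australia/-/-,-
192.0.2.128,192.0.2.255,26.0614,119.3061,China/Fujian/Fuzhou,West
198.51.100.0,198.51.100.255,26.0614,119.3061,-,-
203.0.113.9,203.0.113.1,1.0,1.0,-,-
203.0.113.0,203.0.113.255,95.0,1.0,-,-
203.0.113.0, 203.0.113.255,1.0,1.0,-,-
203.0.113.0,203.0.113.255,1.0,1.0,Fuzhou,-
"""

def parse_record(line):
    fields = line.split(",")
    if len(fields) != 6:
        raise ValueError("expected six comma-delimited fields")
    if any(" " in f for f in fields[:4]):  # assumption: names may hold spaces
        raise ValueError("space in a mandatory field")
    start, end = (ipaddress.IPv4Address(f) for f in fields[:2])
    lat, lon = float(fields[2]), float(fields[3])
    if start > end:
        raise ValueError("range start is above range end")
    if not (-90 <= lat <= 90 and -180 <= lon <= 180):  # assumed sanity bounds
        raise ValueError("coordinates out of range")
    name, tag = (None if f == "-" else f for f in fields[4:])  # hyphen = unspecified
    if name is not None and name.count("/") != 2:
        raise ValueError("name must be country/region/city")
    return {"start": start, "end": end, "lat": lat, "lon": lon, "name": name, "tag": tag}

def parse_geodb(text):
    """Return (records, errors); raise ValueError where the page says loading fails."""
    lines = text.splitlines()
    if not lines or lines[0] != "V.01":
        raise ValueError("first line must be V.01")
    records, errors = [], []
    for line in lines[1:]:
        if not line or line.startswith("#"):  # blank-line skipping is an assumption
            continue
        try:
            records.append(parse_record(line))
        except ValueError as exc:
            errors.append((line, str(exc)))  # the page says such lines are dropped
    if errors and len(errors) / (len(records) + len(errors)) > 0.95:
        raise ValueError("more than 95% of lines have errors")
    return records, errors

def lookup(records, ip):
    addr = ipaddress.IPv4Address(ip)
    for rec in reversed(records):  # the last matching line in the file wins
        if rec["start"] <= addr <= rec["end"]:
            return rec
    return None
```

Reviewing the returned `errors` list before upload shows exactly which ranges would otherwise vanish from the loaded database without notice.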
Multiple files can be specified as input for source-IP-address-to-location mapping. As described later in this guide, a priority mechanism determines which data should dominate if and when multiple sources stipulate a distance for a given IP address.
Conversion from other formats to the NSX Advanced Load Balancer format is possible. Such data are merged into one, static, composite geo-DB file in NSX Advanced Load Balancer format. In the first release, the MaxMind format will be importable. Over time, the design may support the import of data from other sources.
Clients of multi-site applications are assumed to have public or private addresses. From the perspective of NSX Advanced Load Balancer GSLB, they have direct network access to either public or private VIPs, but not both simultaneously. In public networks, network address translation may engage private sites, but such private IPs are transparent to the geolocation algorithm that governs public-client access. Accordingly, the geo-DB must contain one or the other kind of address, not both simultaneously.
The following fields are available for an NSX Advanced Load Balancer geo-DB v6 record.
IPv6 address
Prefix length
Latitude
Longitude
Name: full name of a city, e.g., USA/California/San Francisco
Tag: reserved for special uses, e.g., to store a customer-defined value for the region, say “West”
The first four fields are mandatory. A hyphen in the fifth or sixth position indicates the field is unspecified.
IPv6 File Format
The following example illustrates the proper syntax for the IPv6 database format.
V.01
# IPv6 address, prefix length,latitude,longitude,country/region/city,tag
# Hyphens denote an unspecified region and city within United States
1::3,128,1,1,United States/-/-,testing
2::2,128,5,5,United States/-/-,testing
1::1,128,3,3,United States/-/-,testing
3::3,128,8,7,United States/-/-,testing
4::4,128,9,9,United States/-/-,testing
Impact on NSX Advanced Load Balancer Controller and NSX Advanced Load Balancer SE Configuration
To support the geolocation algorithm, special consideration must be given when configuring Controllers and the SEs implementing NSX Advanced Load Balancer DNS for GSLB.
Memory Allocation – An NSX Advanced Load Balancer geo-DB can be very large (e.g., can easily contain 3 million entries). Accordingly, the minimum recommendation for an NSX Advanced Load Balancer DNS SE is 8 GB. The additional knob Host Geo Profile stipulates that some of that memory (2 GB recommended) is to be exclusively devoted to the geo-DB. The geo profile permits a portion of SE memory to be reserved for the geo-DB.
Disk Allocation – An NSX Advanced Load Balancer geo-DB can be very large (for instance, can easily contain 3 million entries). Accordingly, an extra 2 GB is recommended for disk size. Controller disk size likewise needs to increase beyond the norm, since it is the first place the data are assembled.
When the NSX Advanced Load Balancer geo-DB is large, the DNS SE needs some time to load the entries into memory.
The CLI commands for these are discussed in the CLI section.
Overriding the Database
The geolocation data may be overwritten or augmented by creating a custom IP group.
For example, create a new IP group called “Internal” and add 10.0.0.0/8 and 192.168.0.0/16. Alternatively, create a new IP group with Select by Country Code. In the example, the group is named North America and includes the US, MX, and CA.
A custom IP group will override only the geolocation database for the tenant in which the IP group was created.