NSX Advanced Load Balancer Service Engine data interfaces can be assigned to multiple VRFs (Virtual Routing and Forwarding Context). Virtual Routing Framework, or VRF, is a method of isolating traffic within a system. This is also referred to as a 'route domain' within the load balancer community.

NSX Advanced Load Balancer supports the assignment of SE data interfaces to multiple VRFs in the following clouds:

  • No Access Cloud

  • Linux server Cloud

  • vCenter Cloud in provider mode

Note:

Multiple VRFs are only supported in Linux server clouds for SEs with DPDK enabled.

Types of Interface Supported

The VRF property for the following types of data interfaces can be modified, via the REST API, UI, or CLI.

  • Physical interfaces

  • Port-channel interfaces

  • VLAN interfaces

The following types of data interfaces do not support modification of the VRF property. If you try to modify them, then the system will display an error message:

  • Port-channel member interfaces

  • Management interface

Dependency on In-band Management

Each deployed Service Engine has in-band management. When enabled, the management interface of the Service Engine (i.e., the interface used to communicate with the Controller cluster) is also used for data plane traffic.

If in-band management is enabled on an SE, that SE will not support multiple VRFs.

To enable multiple VRFs on an SE, it must be deployed with in-band management disabled. The caveat with disabling in-band management is that the management interface will not be used for data plane traffic. Hence, no virtual service will be placed on this interface, and this interface will not be used to communicate with back-end servers.

For more information on enabling or disabling in-band management, see Configuring In-band Management for an NSX Advanced Load Balancer Service Engine.

Modifying SE Data Interface VRF using the UI

You can update SE physical port-channel and VLAN interface VRFs, if there are multiple VRFs configured in the tenant and cloud to which the SE belongs.



Modifying SE Data Interface VRF using the CLI

You can set VRF for physical and VLAN interfaces through CLI as follows: