This section discusses the steps to configure wildcard VIP in a virtual service.
Configuring wildcard VIP is currently supported through the CLI only. Configuring wildcard VIP is through the NSX Advanced Load Balancer Controller CLI is as follows:
Enabling Wildcard VIP in Virtual Service Configuration
To enable wildcard VIP, the placement subnet is mandatory for the virtual service that is referring the inline virtual service VIP.
configure vsvip <vsvip_name>
vip index 0
ip_address 10.0.0.0
prefix_length 8
save
vrf_context_ref <vrf>
tenant_ref <tenant>
cloud_ref <cloud>
save
The placement subnet is configured as shown below:
[admin:abc-ctrl-wildcard]: > show vsvip vsvip-wc-Default-Cloud +---------------------------+-------------------------------------------+ | Field | Value | +---------------------------+-------------------------------------------+ | uuid |vsvip-7524a40f-33d0-4e4e-8d20-193f31b8b39 | | name | vsvip-wc-Default-Cloud | | vip[1] | | | vip_id | | | ip_address | 10.0.0.0 | | enabled | True | | auto_allocate_ip | False | | auto_allocate_floating_ip | False | | avi_allocated_vip | False | | avi_allocated_fip | False | | auto_allocate_ip_type | V4_ONLY | | placement_networks[1] | | | network_ref | vxw-dvs-26-virtualwire-9-sid-2210008-wdc-| | |02-vc21-avi-dev001 | | subnet | 100.64.1.0/24 | | prefix_length | 8 | | vrf_context_ref | global | | east_west_placement | False | | tenant_ref | admin | | cloud_ref | Default-Cloud | +---------------------------+-------------------------------------------+ [admin:abc-ctrl-wildcard]: >
Configuring the Port Range
Port ranges can be configured as part of the service object of the virtual service. You can configure port 0 that accepts the complete port-range of 1-65535.
configure virtualservice <vs-name>
services
port 0
save
save
Configuring the Application Profile
In the application profile, a new field, preserve_dest_ip_port has been introduced to enable the no-DNAT functionality.
As firewalls expect the client traffic unchanged for validation, configure the application profile of the wildcard virtual service with preserve_client_ip, preserve_client_port, and preserve_destination_ip_port.
Configure preserve_destination_ip_port in the application profile.
configure applicationprofile <app_profile_name>
preserve_dest_ip_port
save
The application profile is configured as shown below:
[admin:abc-ctrl-wildcard]: > show applicationprofile test1 | grep preserve| | preserve_client_ip | True || preserve_client_port | True || preserve_dest_ip_port | True |
Configuring Routing Pool
To configure the routing pool,
configure pool <pool_name>
routing_pool
save
The configured routing pools appear as shown below:
[admin:abc-ctrl-wildcard]: > show pool test1 | grep routing_pool| | routing_pool| True | [admin:abc-ctrl-wildcard]: >
