Global Services That Define Both HTTP and HTTPS Ports

Special consideration is required when a global service with site persistence (SP=ON) defines both HTTP and HTTPS ports, whether the default ports (80 and 443) or any other port-pair.

Case 1: Same Global Application Exposes HTTP on Port 80 and HTTPS on Port 443

You need to set http_to_https to True in the application profile associated with every virtual service participating in the global service. In the NSX Advanced Load Balancer UI, use the application profile as shown below:

Figure 1. HTTP-to-HTTPS is Enabled with a Single Click

Case 2: Same Global Application Exposes Non-default HTTP and Non-default HTTPS Ports

For example, assume the virtual services participating in the global service with site persistence (SP=ON) are defined with port 91 for HTTP and port 9443 for HTTPS.

In addition to optioning http_to_https ON (using the UI, CLI, or REST API), define an HTTP rule for each participating virtual service such that HTTP port 91 is redirected to HTTPS port 9443, as shown below:

Figure 2. Define an HTTP Request Rule that Defines the Ports

CASE 3: No HTTP-to-HTTPS Redirect is in Place

Whether the port settings are the default ones (80 and 443) or any other values, without the HTTP-to-HTTPS redirect in place, site-persistence flow will not work.

Note:

Site Persistence is only used in HTTP/HTTPS applications.
If you configure the GSLB service with an L4 Application profile or other application profiles and enable Site Persistence, the Member will be in OPER DOWN state as shown below:

[admin:1234-siteA-ctrl1]: > show gslbservice gs-1 runtime filter sp_status
+-------------------------+---------------------------------------------+
| Field                   | Value                                       |                                                       
+-------------------------+---------------------------------------------+
| uuid                    | gslbservice-1c34555a-1e8e-4ed8-bc6b         |
| name                    | gs-1                                        |                                                           
| ldr_state               |                                             |                                                              |   last_changed_time     | Thu Nov  9 08:13:01 2023 ms(14436) UTC      |                                              
| groups[1]               |                                             |                                                               
|   name                  | gs-1-pool                                   |                                                       
|   members[1]            |                                             |                                                                
|     cluster_uuid        | cluster-28020b45-3bff-44ba-8ebd-e23e41fcf07a|                     
|     site_name           | siteA                                       |                                                            
|     vs_uuid             | virtualservice-4b03cc81-ed58-4ab2-a83f-     |       
|     vs_name             | dnsvs1-siteA                                |                                                  
|     ip                  | 100.66.70.51                                |                                                   
|     oper_ips[1]         | 100.66.70.51                                |                                                    
|     vip_type            | AVI_VIP                                     |                                                        
|     services[1]         |                                             |                                                                  
|       port              | 53                                          |                                                             
|       enable_ssl        | False                                       |
|       port_range_end    | 53                                          |
|       enable_http2      | False                                       |
|     app_type            | APPLICATION_PROFILE_TYPE_DNS                |
|     sp_pools[1]         |                                             |
|       uuid              | pool-1c34555a-1e8e-4ed8-bc6b-cfefd413af02   |
|       name              | SP-gs-1-dnsvs1-siteA                        |
|       num_servers       | 0                                           |
|       num_servers_up    | 0                                           |
|       enable_http2      | False                                       |
|     controller_status   |                                             |
|       state             | OPER_UP                                     |
|       last_changed_time | Thu Nov  9 08:13:37 2023 ms(548636) UTC     |
|   oper_status           |                                             |
|     state               | OPER_UP                                     |
|     last_changed_time   | Thu Nov  9 08:13:37 2023 ms(548694) UTC     |
| services_state          | Services-In-Sync                            |
| tenant_name             | admin                                       |
| checksum                |771560f8a9252e41a11f5948ce563d5bd7a          |
| sp_oper_status          |                                             |
|   state                 | OPER_DOWN                                   |
|   reason[1]             | Invalid application profile in              |        |                           GslbPoolMembers                             |
|   reason_code           | 15020                                       |
|   last_changed_time     | Thu Nov  9 08:13:37 2023 ms(548792) UTC     |
|   reason_code_string    | SYSERR_GSLB_SERVICE_INVALID_APPLICATION_PROFILE                         |
| domain_names[1]         | app-1.com                                   |
+-------------------------+---------------------------------------------+
[admin:1234-siteA-ctrl1]: >