Virtual Routing Framework (VRF) is a method of isolating traffic within a system. This is also referred to as a routing domain within the load balancer community.
In NSX Advanced Load Balancer deployments with VMware vCenter, all port groups discovered from vCenter are placed into a single VRF context, by default, called Global. VRF contexts simplify virtual service deployment by organizing the port groups discovered from vCenter into subsets.
If multiple VRF contexts are configured, the workflow for creating a virtual service begins with selecting the VRF in which the virtual service is placed. The web interface presents only the networks in the selected VRF context as valid targets for placing that virtual service.
Global VRF and Admin Tenant
When a VMware cloud is created on the NSX Advanced Load Balancer Controller, NSX Advanced Load Balancer adds all of the port groups learned from vCenter into a VRF named Global in the admin tenant.
Additional VRF contexts can be created in the admin tenant, and individual port groups can be moved from the global VRF into the other VRF contexts. The VRF contexts and their port groups remain in the admin tenant but are available for selection by other tenants when they create virtual services, as shown in the following example:
NSX Advanced Load Balancer Provider Mode
When integrated with a vCenter-managed cloud, NSX Advanced Load Balancer operates in Provider mode. This is not the same as a virtual routing context. Provider mode is an NSX Advanced Load Balancer deployment mode wherein all the cloud’s network resources — the packet plumbing — remain in the admin tenant and cannot be moved. To configure VRF contexts and move port groups into them, the NSX Advanced Load Balancer user must have write privileges for the admin tenant.
Configuring VRF
This section gives steps for creating VRF contexts on the Service Engine Group, moving port groups to the VRF contexts, and creating virtual services in those contexts.