When NSX Advanced Load Balancer is configured to provide application delivery services in Microsoft Azure, the NSX Advanced Load Balancer cloud configuration process requires an Azure Virtual Network (VNet) and subnet to be specified. The NSX Advanced Load Balancer Service Engines created by the NSX Advanced Load Balancer Controller obtains a NIC and an IP address in the specified subnet of the VNet.
Use Case
In some Azure deployment use cases, customers would like to use a different subnet for some Service Engines. This is particularly useful in a topology where the same VNet has an external subnet, followed by traffic going through a firewall and then to an internal subnet. In these cases, there is a requirement to use the external subnet to host a virtual service to decrypt SSL and load balance traffic to the firewalls. The firewalls then route the traffic to a second virtual service, which could provide additional services, including SSL re-encryption if required.
To allow such use cases on Microsoft Azure, NSX Advanced Load Balancer allows overriding the Service Engine management network at a per Service Engine Group level.
This feature can be configured using NSX Advanced Load Balancer CLI or the REST APIs.
The SE network should be a subnet within the VNet set at the cloud level.
Any modification to this option will take effect only on the new SEs created after the change, and it will not affect the existing SEs.
Configuring SE Network through NSX Advanced Load Balancer CLI
Log into the NSX Advanced Load Balancer CLI and use the configure serviceenginegroup <group name> command to set or override the subnet for a SE in a Service Engine group.
[admin:10-10-1-1]: > configure serviceenginegroup segrp1 [admin:10-10-1-1]: serviceenginegroup> data_network_id azure-subnet [admin:10-10-1-1]: serviceenginegroup> save
azure-subnet is the name of the subnet from which the IP address for the specified Service Engine group will be allocated. azure-subnet must be within the VNet configured earlier as part of the Azure cloud.
