Azure multiple VM-series with UDR and Load balancers

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Azure multiple VM-series with UDR and Load balancers

L1 Bithead

Hello,

 

At this moment I am doing a PoC for a client in Azure with two VM-300 in the so called "Sandwich" mode. So for traffic coming from the internet I have the following path: ELB > VM-300 (x2) > ILB > Webserver (x2). Both VM-300 and Webservers are both in a seperate availabilty set. 

 

I managed to load balance the traffic from the internet on the ELB, over both VM-300s and the via the ILB to both Webservers. So far so good!

 

Now I ask myself the question, how do I load balance the traffic, that initiates from the webservers to the internet? on the UDR I can only point to one VM-300, not both. I cannot use a ILB for anykind of SNAT or put in in routed mode.

 

As far as I can see, they only thing I can do is change the UDR via a script (e.g. zookeeper) in case one of the VM-300s goes down. how do you guys handle this? How do you achieve load balance/HA for outbound server traffic to the internet or other zones in the case of two VM-300s?

 

Many thanks

regards

Michel van KesselKnipsel.PNG

15 REPLIES 15

L4 Transporter

Ive found the symmetric flow to be an issue.  I have an external client coming in through an Azure public load balancer, through my pair of PA firewalls, and into an internal load balancer which delivers the traffic to the servers.  However the reply traffic doesnt work unless i make the firewalls source NAT the inbound traffic.   The default route outbound from the backend servers is an internal load balancer across the two firewalls. sometimes the reply traffic goes back through the other firewall, therefore breaking symmetry.

  • 19862 Views
  • 15 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!