We will first enable the load balancer service on the NSX Edge Services Gateway.
[Figure: Enable Load Balancer Service]
- Communication between the management station and the virtual server 172.16.20.101, TCP port 443
- Communication between NSX Edge Load Balancer and the pool members
[Figures: packet captures of (1) communication between management station and virtual server, (2) communication between load balancer and pool members]
It is worth noting that when a secondary IP address (172.16.20.101) is assigned to the single vNIC of the NSX Edge Load Balancer and that secondary IP address is used to create the virtual server, the load balancer uses the primary IP address (172.16.20.100) to establish the connection between itself and the pool members.
Both of the above packet captures were taken at the same time, while accessing the web page at https://172.16.20.101.
The NSX Edge Load Balancer works as a reverse proxy, and the packet captures make it evident that there are two different TCP connections:
- One between initiator and load balancer
- The other between load balancer and pool member
NSX Edge Load Balancer supports the following features:
1. SSL Offload
2. SSL Bridging
3. HTTP Profile with ‘insert X-Forwarded-For’
4. Cookie-based persistence as well as source-IP-based persistence
5. Redirection from HTTP to HTTPS
6. Multiple ciphers can be used.
7. The supported load balancing algorithms are:
- Round robin
- IP Hash
- Least connection
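Because the load balancer is a reverse proxy that opens its own TCP connection to the pool members from 172.16.20.100, a pool member sees that address as the source of every request, and the 'insert X-Forwarded-For' HTTP profile is what carries the original client address. The Python below is an added example, not code from the original post or from VMware: it shows a pool member choosing the client address to log while trusting the header only when the TCP peer is the load balancer. The function name, the sample client addresses, and the assumption that the load balancer appends the client address as the last header entry are illustrative.

```python
import ipaddress

# Load balancer primary IP from the article: the only peer whose
# X-Forwarded-For header this pool member will believe.
TRUSTED_PROXIES = {ipaddress.ip_address("172.16.20.100")}


def client_ip(peer_ip, headers):
    """Return the address a pool member should log as the real client.

    peer_ip -- source address of the TCP connection the pool member accepted
    headers -- dict of HTTP request headers (names matched case-insensitively)
    """
    peer = ipaddress.ip_address(peer_ip)
    if peer not in TRUSTED_PROXIES:
        # Connection did not come through the load balancer, so any
        # X-Forwarded-For value is client-controlled: ignore it.
        return str(peer)
    xff = next((v for k, v in headers.items()
                if k.lower() == "x-forwarded-for"), "")
    hops = [h.strip() for h in xff.split(",") if h.strip()]
    # Assumption: the load balancer appends the client address last, so
    # read right to left; entries further left may have been sent by the client.
    for hop in reversed(hops):
        try:
            addr = ipaddress.ip_address(hop)
        except ValueError:
            break  # malformed entry: fall back to the TCP peer
        if addr not in TRUSTED_PROXIES:
            return str(addr)
    return str(peer)


# Constructed sample requests (client addresses are made up for illustration).
SAMPLES = [
    ("172.16.20.100", {"X-Forwarded-For": "172.16.20.50"}),
    ("172.16.20.100", {"x-forwarded-for": "203.0.113.9, 172.16.20.50"}),
    ("172.16.20.77", {"X-Forwarded-For": "203.0.113.9"}),
    ("172.16.20.100", {}),
]

if __name__ == "__main__":
    for peer, hdrs in SAMPLES:
        print(f"peer={peer:<15} logged client={client_ip(peer, hdrs)}")
```

The third sample is a request that reached the pool member directly rather than through the load balancer; restricting the pool members to accept connections only from 172.16.20.100 removes that path entirely.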
Some very useful resources:
- NSX Admin Guide
- NSX Reference Design Guide