VRF Support for Service Engine Deployment on Bare-Metal Servers

Starting with Avi Vantage release 16.3, Avi Service Engine data interfaces can be assigned to multiple VRFs (Virtual Routing and Forwarding Context).

Virtual Routing Framework, or VRF, is a method of isolating traffic within a system. This is also referred to as a “route domain” within the load balancer community.

Clouds Types Supported

Avi Vantage supports assignment of Service Engine data interfaces to multiple VRFs only in the cloud types listed below.

Types of Interfaces Supported

The VRF property for the following types of data interfaces can be modified by the user, via the REST API, UI, or CLI.

  • Physical interfaces
  • Port-channel interfaces
  • VLAN interfaces

The types of data interfaces below do not support modification of the VRF property. Any attempt to modify them will result in an error.

  • Port-channel member interfaces
  • Management interface

Dependency on In-band Management

Each deployed Service Engine has a new attribute, “in-band management”. When enabled, the management interface of the Service Engine (i.e., the interface used to communicate with the Avi Controller cluster) is also used for data plane traffic.

  • If in-band management is enabled on an SE, that SE will not support multiple VRFs.
  • To enable multiple VRFs on an SE, it must be deployed with in-band management disabled. The caveat with disabling in-band management is that the management interface will not be used for data plane traffic, and hence no VS will be placed on this interface and this interface will not be used to communicating with back-end servers.

To learn how to disable/enable in-band management read this article.

Creating VRF Contexts

  1. Navigate to Infrastructure > Clouds.
  2. Click on the cloud name.

    Note: If the VMware vCenter cloud is the only one configured, or was the first one configured, the cloud name is "Default-Cloud".

  3. Click VRF Context, then click the Create VRF Context button.vrf1
  4. Enter the name of the VRF context and click Save.vrf2

Modifying SE Data Interface VRF — UI

Service Engine physical, port-channel & VLAN interface VRFs can be updated if there are multiple VRFs configured in the tenant and cloud to which the SE belongs.

Screen Shot 2016-10-17 at 1.56.04 PM Figure. SE editor pulldown menu for updating SE interface VRF

 

Selecting VRF for SE VLAN interface Figure. Selecting VRF for SE VLAN interface

Modifying SE Data Interface VRF CLI

Setting VRF for physical and VLAN interfaces through CLI Figure. Setting VRF for physical and VLAN interfaces through CLI

Creating Virtual Services in a VRF

Note: These steps can be performed from the admin tenant or from another tenant.

  1. Navigate to Applications > Dashboard, and click New Virtual Service.
  2. Select the VRF context from the list, and click Next.vrf5
  3. Enter a name for the virtual service, virtual IP address (VIP) and other properties of the virtual service.
  4. Click Save.

Updated: 2018-01-19 07:12:25 +0000