Network Service Configuration

Overview

This guide explains the configuration process of network service. Network service can be configured per VRF and Service Engine Group. IP routing can be enabled by configuring Network Service of routing_service service type.

You can configure routing functionality per VRF basis. The existing functionality of routing and its associated information such as, enable_routing, floating_interface_ip, enable_vip_on_all_interfaces, and Mac masquerade under SE group are grouped under routing_service service type.

Notes:

  • This feature is supported starting Avi Vantage version 18.2.5.
  • Network Service can be configured only via CLI. The Network Service will be in effect on Active SE only if an interface of the corresponding VRF is present on Service Engine.

Configuring Network Service

The network service configuration is as follows:


configure networkservice NS-Default-Group-Global
    se_group_ref Default-Group
         cloud_ref [cloud name]
    vrf_ref global
    service_type routing_service
    routing_service
       enable_routing
       floating_intf_ip 10.10.10.11
       floating_intf_ip 10.10.40.11
       advertise_backend_networks
       enable_vip_on_all_interfaces
       floating_intf_ip_se_2 10.10.20.11
       floating_intf_ip_se_2 10.10.30.11
       nat_policy_ref nat-policy
   save
save

To disable any feature, use the no-form of the CLI as follows:

configure networkservice NS-Default-Group-Global
    se_group_ref Default-Group
    vrf_ref global
    service_type routing_service
    routing_service
        no enable_routing
    save
save

Migrating Network Service

When upgrading from an older release to 18.2.5, for any legacy Active/Standby SE group that had routing enabled in the originating release, there will be a Network Service automatically created on upgrade to 18.2.5. Any subsequent changes to be done such as changing floating interface IP etc has to be changed in the new Network Service.

Migration routines are added to create Network Service of type routing_service for Service Engine group with Enable-Routing/Floating Interface IP configured.

Above Network Service will be created using the tenancy as Service Engine Group Tenant and Tenant Default VRF.

For instance,

If the Service Engine Group tenant is admin, Network Service will have admin as tenant and the VRF as global.

If the Service Engine Group tenant is non-admin, Network Service will be created only if tenant has tenant_vrf mode enabled. Network Service creates with the VRF as Tenant’s Default-VRF.

Pre-Upgrade

IP routing is enabled in the SE group properties.


admin:10-10-24-165]: > show serviceenginegroup 4-core-SEs
+---------------------------------------+---------------------------------------------------------+
| Field                                 | Value                                                   |
+---------------------------------------+---------------------------------------------------------+
| uuid                                  | serviceenginegroup-a8030858-e586-4d45-99f1-54d9aac62b03 |
| name                                  | 4-core-SEs                                              |
| max_vs_per_se                         | 10                                                      |
| min_scaleout_per_vs                   | 2                                                       |
| max_scaleout_per_vs                   | 2                                                       |
| max_se                                | 2                                                       |
| vcpus_per_se                          | 4                                                       |
| memory_per_se                         | 2048                                                    |
| disk_per_se                           | 10 gb                                                   |
| max_cpu_usage                         | 80 percent                                              |
| min_cpu_usage                         | 30 percent                                              |
| se_deprovision_delay                  | 120 min                                                 |
| auto_rebalance                        | False                                                   |
| se_name_prefix                        | Avi                                                     |
| vs_host_redundancy                    | True                                                    |
| vcenter_folder                        | AviSeFolder                                             |
| vcenter_datastores_include            | False                                                   |
| vcenter_datastore_mode                | VCENTER_DATASTORE_ANY                                   |
| vcenter_hosts                         |                                                         |
| host_refs[1]                          | 10.10.16.94                                             |
| include                               | True                                                    |
| cpu_reserve                           | True                                                    |
| mem_reserve                           | True                                                    |
| ha_mode                               | HA_MODE_LEGACY_ACTIVE_STANDBY                           |
| tenant_ref                            | admin                                                   |
| cloud_ref                             | Default-Cloud                                           |
| enable_routing                        | True                                                    |
| advertise_backend_networks            | False                                                   |
| enable_vip_on_all_interfaces          | True                                                    |
| se_thread_multiplier                  | 1                                                       |
| enable_gratarp_permanent              | False                                                   |
| gratarp_permanent_periodicity         | 10 min                                                  |
| floating_intf_ip[1]                   | 10.10.10.11                                             |
| floating_intf_ip[2]                   | 10.10.40.11                                             |
| floating_intf_ip_se_2[1]              | 10.10.20.11                                             |
| floating_intf_ip_se_2[2]              | 10.10.30.11                                             |
| enable_vmac                           | False                                                   |
+---------------------------------------+---------------------------------------------------------+

Post Upgrade

Network Service automatically created for the SE group and routing configurations moved under Network Service. It will no longer be present under SE group settings.


[admin:10-10-24-165]: > show networkservice NS-4-core-SEs-global-admin
+--------------------------------+-----------------------------------------------------+
| Field                          | Value                                               |
+--------------------------------+-----------------------------------------------------+
| uuid                           | networkservice-e8a9f852-7618-4a57-8ece-2b27a925b764 |
| name                           | NS-4-core-SEs-global-admin                          |
| se_group_ref                   | 4-core-SEs                                          |
| vrf_ref                        | global                                              |
| service_type                   | ROUTING_SERVICE                                     |
| routing_service                |                                                     |
| enable_routing                 | True                                                |
| routing_by_linux_ipstack       | False                                               |
| floating_intf_ip[1]            | 10.10.10.11                                         |
| floating_intf_ip[2]            | 10.10.40.11                                         |
| enable_vmac                    | False                                               |
| enable_vip_on_all_interfaces   | True                                                |
| advertise_backend_networks     | False                                               |
| tenant_ref                     | admin                                               |
| cloud_ref                      | Default-Cloud                                       |
| floating_intf_ip_se_2[1]       | 10.10.20.11                                         |
| floating_intf_ip_se_2[2]       | 10.10.30.11                                         |
+--------------------------------+-----------------------------------------------------+

Suggested Additional Reading

Refer to the following KBs for more details: