Virtual Appliance Network Interfaces
Article ID: 237724
Updated On:
Products
Issue/Introduction
We are starting to plan for a new Internal API Gateway Virtual VMware Appliance and had a couple of questions.
We are looking to have one network interface that will handle the incoming requests and three network interfaces which will handle the outgoing requests with each one having access to a different VLAN.
Is this possible with the VMware Appliance and how would we direct a policy to use a specific network interface?
Environment
Release : 10.0
Component : API GATEWAY
Resolution
NOTE: This is a customized configuration beyond our docs. This type of configuration would need to be done on the appliance by Linux Network admin at the OS level (customizing iptables, routing….)
First issue inbound and configuration I think the multi interface docs looks like a possibility. Will the three need to share the same listening port (8443) and service? If so can they be defined using an address pattern?
Configure a new interface using Address patterns for selected interfaces in Policy Manager - Manage listening Ports. Can the three be defined by a address patterns
Example Name: “Inbound” with address pattern 10.74.32.0/21
10.74.32.0/21 (Subnet) Range 10.74.32.1 - 10.74.39.254
Outbound
If you created a vlan interface on the Gateway... you can clone the existing interface by adding a Vlan link to it
# ip link add link ssg_eth0 name ssg_eth0.1 type vlan id1
# ip link set ssg_eth0.1 up
First line is to add a link to the existing ssg_eth0 (can be done to any of the configured interface) and to assign to it the VLAN ID tag, second line to bring the interface up, then they can setup the virtual interface with the correct ip
The outbound doesn't matter... tcp packets carrying a vlan tag should be routed to correct subnet/ip
Feedback
