LB Pipeline Support for Post DNAT using FW Tuples
search cancel

LB Pipeline Support for Post DNAT using FW Tuples

book

Article ID: 321145

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

This article provides information onĀ Datapath Pipeline support which is DNAT > FW > LB or FW > LBĀ  and not (FW > DNAT > LB).

Symptoms:
LB rule fails to match if the pipeline is FW > DNAT > LB.

Environment

VMware NSX-T Data Center 2.x
VMware NSX-T Data Center

Cause

This issue occurs because as VMware does LB lookup using the tuple used for FW. If the Rule is not written using those tuples, the LB rule will not be found. As DNAT changes the the addresses, the FW and LB tuples have to match.

Resolution

To resolve this issue, write rules which follow the following Pipeline DNAT > FW > LB.

Powered by Wolken Software