Highly Available NVAs in Microsoft Azure

Показать описание

In this video we go super deep on things like symmetric routing, SNAT, hashing to support highly available NVAs in Azure.

00:00 Introduction
01:38 Load Balancer functionality review
06:48 Floating IP
08:52 Next hop behavior
10:55 SDN L3 differences from a L2 physical world and numbers of NICs
14:37 Stateful HA NVAs
16:12 Internal facing NVAs
26:15 External and internal NVAs. No SNAT
32:38 With SNAT!
36:15 x-forwarded-for with SNAT
37:14 Using Floating IP
39:30 Using Route Server
44:00 Summary

Рекомендации по теме

Комментарии

this kind of video goes beyond Azure / cloud knowledge, you learn about principals. John is the man!

MrSelecta

Most of the times I'm really surprised how this kind of content is so underrated. To allow John continue his job it is very simple that he has to get fair payment for this. Please share this content with your colleagues! Cloud is the future and your future is tomorrow! :)

et

No one goes into that level of details! Thank you very much 🙏

emptywords

Like everyone else in the comments is saying, great video! Clear, thorough, easy to follow. It has it all. It blows my mind that a video like this can have over 16k views and only 482 (as of now) likes. Wake up, people. Hit that thumb. There isn't better Azure content out there that I can find.

jasonharris

Hey John, your videos are turning out to be one stop shop for all queries on complex issues on Azure environment... Thanks a ton for posting such informative videos

maheshadate

Detailed, direct to the point, touching different real world scenarios and awesome, like always!
Thanks John 🤟

erichosseini

Whoa... this was...'Brainfull'! I am overloaded, need to go back and rewatch this. Thanks a bunch John!
You are like the Tech whisperer, a couple of days back we were configuring the Palo Alto Firewall Appliance in Azure, and now it's slowly making sense why the configuration needed to be a certain way! Woohoo. You are amazing.

iamdedlok

Excellent content! Am looking forward to your next video on Azure Route Server especially NVA’s and routing to Azure Private Link IP’s.

jakehardluck

Brilliant video. You often cover something I've thought about but haven't made time to research. I love all the whiteboard sessions but in particular I'd really like to see a "putting/seeing it in practice session"

TomWhi

I know just saying thanks won't be enough to all your hard work which you had done and are doing continuously to teach azure Cloud to all those who are interested. It's really amazing and you are one the best Tutor on Azure. Thank you John for all your efforts. By the way what inspire you most & how you looks so fit. It's really Crazyyyy

MayankSingh-ywkc

Thanks for sharing your knowledge. Looking forward to the ARS video

juanpabloguerra

The best explanation of these concepts period.

origamicaptain

Thanks a ton for breaking all of this down. Definitely helped me understand the concepts of HA NVA's!

devops-kinda

Thanks a lot for this incredible explanation. This just saved me 6hours from a presentation on the subject. I appreciate. Keep up the excellent work

neespion

John, very informative training, you are the KING of Azure.Thank you so much.

mentat

Excellent! Thanks John for the teaching! One thing about the ARS and BGP demo, I got what you meant for the ECMP. But what you wrote down on the whiteboard "CIDR2 => NVA1" does not match what you said. Most likely it's just a typo. I guess it should be "CIDR1 => NVA 2".

cedarlee

Great content as always John. Wondering if the route server will break statefulness if the NVAs are Firewalls, with two ECMPs in the route table with both NVAs as the next hop.

karachikings

Hi John, as always, thanks for the hard work, bring us another amazing episode. Quick question, @35:03 the response seems bypassing the Internal LB, so in this case, is the Internal LB being used at all? do we still need it in this case? thanks

shengsheng

MASSIVE CAVEAT FOR ROUTE SERVER: It doesn't work to route between subnets in a vnet, every vnet can only have 1 subnet if you want it to regulate traffic between subnets, due to how the BGP tables are built between vnets and how there's no escape hatch with a user-defined route that works that doesn't end up bouncng the traffic back to the host or the route server in a loop.

However it is awesome for an edge NVA and SD-WAN as John showed, just don't try to use it for an NVA firewall that you want to monitor inter-subnet traffic with.

jgrote

Hi John, great vid as always :) Got one question: a third-party firewall from the Azure Marketplace is essentially a NVA?

ivanbravomunoz

Highly Available NVAs in Microsoft Azure

Highly Available NVAs in Microsoft Azure

MNA 01/18/2019 - High Availability for Network Virtual Appliances in Azure

(Part 8) NVA High Availability options in Azure

Highly Available Azure Functions Web APIs | Azure Functions Next Steps

Deploy and scale appliances with ease using Azure Gateway Load Balancer

Azure and F5: BIG-IP High Availability using Azure LB

F5 BIG-IP Integration with Azure Gateway Load Balancer (GWLB)

Microsoft Azure Gateway Load Balancer Deep Dive

Azure Load Balancer Deep Dive

Azure Availability Sets vs Availability Zones: What are the Difference? SLA

Load balance non-HTTP(S) traffic in Azure AZ-700

High-Availability Architectures in Azure

Deploying & Configuring HA NVA Devices on Azure

AZ-700 | Microsoft | Azure Networking | Azure | Internal Load Balancer | Layer 4

Azure Gateway Load Balancer

Getting Started with Public Load Balancers in Azure

Enable Dynamic Routing using Azure Route Server

NVA Integration with Azure Virtual WAN Hub (Managed NVA Overview)

Azure Hangout 05 - Azure Standard Load Balancer Deep Dive

La haute disponibilité dans AKS

Azure Cloud -- Real-time issues -6

Deploy PALO ALTO Virtual Appliance on Azure with HA Using Azure Load Balancer | Part 1

Azure Route Server Overview

Active/Active NVA on Azure with HaPorts (Palo Alto and SAP RISE)