Microsoft Azure Gateway Load Balancer Deep Dive

  Рет қаралды 16,399

John Savill's Technical Training

John Savill's Technical Training

Күн бұрын

In this video we explore the Microsoft Azure Gateway Load Balancer to provider a seamless integration with Network Virtual Appliances and remove many of the previous NVA-associated pain points!
🔎 Looking for content on a particular topic? Search the channel. If I have something it will be there!
▬▬▬▬▬▬ C H A P T E R S ⏰ ▬▬▬▬▬▬
0:00 - Intro
0:28 - Offering public services
1:42 - Adding NVA in the flow
4:00 - Gateway load balancer
6:23 - Creating a gateway load balancer
7:14 - Chaining to a gateway load balancer
10:40 - Providers and consumers
11:18 - GW LB separation
12:50 - The flow of traffic
15:20 - Bump in the wire
16:35 - Enter VxLan
19:38 - Two tunnels
24:14 - My setup of the dummy NVA for testing
27:00 - Health probes and NSGs
28:18 - Looking at traffic through NVA
29:40 - Summary and next steps
30:55 - Me whining about a lack of autoexec.bat in Linux
▬▬▬▬▬▬ K E Y L I N K S 🔗 ▬▬▬▬▬▬
► Whiteboard:
🔗 github.com/johnthebrit/Random...
► My setup file in GitHub:
🔗 github.com/johnthebrit/Random...
► Microsoft doc on creating a GW LB:
🔗 docs.microsoft.com/en-us/azur...
▬▬▬▬▬▬ Want to learn more? 🚀 ▬▬▬▬▬▬
📖 Recommended Learning Path for Azure
🔗 learn.onboardtoazure.com
📅 Weekly Azure Update
🔗 • Azure Infrastructure U...
☁ Azure Master Class
🔗 • Microsoft Azure Master...
⚙ DevOps Master Class
🔗 • DevOps Master Class
💻 PowerShell Master Class
🔗 • PowerShell Master Class
🎓 Certification Cram Videos
🔗 • Microsoft Certificatio...
❔ Question about my setup?
🔗 • My Setup
SUBSCRIBE ✅ / @ntfaqguy
#microsoft #azure #johnsavillstechnicaltraining #onboardtoazure #cloud

Пікірлер: 48
@jonathanclyde4725
@jonathanclyde4725 2 жыл бұрын
This could be very nice thing for governance too; azure policy to require chaining to be enabled on public ips and public load balancers, as opposed to just not allowing them to be created
@csande572
@csande572 Жыл бұрын
John, thank you for adding in the underlying GRE used for chaining as well as the VxLAN for GWLB to NVA. As you stated this knowledge may not necessarily be needed but it goes a long way for me, as the more I understand how it functions in the background the clearer it becomes as to how it really all ties together. Another great video. I have enjoyed many and appreciate your skills in presenting the technical details in such a clear and easy to understand manner.
@patricksigrist4831
@patricksigrist4831 2 жыл бұрын
Thank you John. It’s really amazing at what speed you create videos for newly released Azure features. It‘s very much appreciated! And I love your trademark “super quickly” and ‘for a second”
@NTFAQGuy
@NTFAQGuy 2 жыл бұрын
hehe, my pleasure :-D
@notoriousft
@notoriousft 2 жыл бұрын
I was just studying load balancers, firewalls today. Thanks John.
@NTFAQGuy
@NTFAQGuy 2 жыл бұрын
Hey everyone, welcome to this video diving into a really cool load balancer solution related to NVAs. Please make sure to read the description for the chapters and key information about this video and others. ⚠️ P L E A S E N O T E ⚠️ 🔎 If you are looking for content on a particular topic search the channel. If I have something it will be there! 🕰️ I don't discuss future content so please don't ask 😇 Thanks for watching! ☁️🤙💪
@gauravgoel2597
@gauravgoel2597 2 жыл бұрын
Thank you so much for this wonderful video. It really helped me clear the doubts I had for Azure Gateway Load Balancer. I must say you were able to cover everything essential to understand the Azure GLBs in half an hour really effectively. This was my first video of yours and I've loved every bit of it.
@NTFAQGuy
@NTFAQGuy 2 жыл бұрын
Glad it was helpful!
@synthmania7275
@synthmania7275 2 жыл бұрын
As always John! On point. Much appreciated!!
@NTFAQGuy
@NTFAQGuy 2 жыл бұрын
My pleasure!
@ItIsFullyFaltu
@ItIsFullyFaltu 2 жыл бұрын
Thanks a lot.. u explained the packetflow in detail. thats wat we want.. thanks a lot John
@omartin2009
@omartin2009 2 жыл бұрын
man, a lot of things have changed since I've been doing active/active FW designs with VIPs etc... !!! This is great innovation, thanks for sharing your wealth of knowledge!
@NTFAQGuy
@NTFAQGuy 2 жыл бұрын
hehe, yeah, solves some big issues!
@omartin2009
@omartin2009 2 жыл бұрын
@@NTFAQGuy huge! The vxlan business I'd have to dig back but I love the video you've done. Thanks again!
@1chrisandrew1
@1chrisandrew1 2 жыл бұрын
This is awesome - and thank you for sharing your Linux NVA setup
@NTFAQGuy
@NTFAQGuy 2 жыл бұрын
Very welcome 🤙
@ToivoVoll
@ToivoVoll 2 жыл бұрын
Thank you for the video, this is really good stuff, and very relevant to us. The GLB definitely addresses a major pain point.
@NTFAQGuy
@NTFAQGuy 2 жыл бұрын
Glad you enjoyed it!
@cma9br
@cma9br 2 жыл бұрын
Good new network feature. Thank you John!
@NTFAQGuy
@NTFAQGuy 2 жыл бұрын
You're welcome!
@blkh2040
@blkh2040 2 жыл бұрын
Thank you for the deep dive - very helpful.
@NTFAQGuy
@NTFAQGuy 2 жыл бұрын
My pleasure!
@MattRootsTube
@MattRootsTube 2 жыл бұрын
Reminds me of Palo Alto firewall Virtual Wires in the physical world, except the PA firewall is the NVA performing the analysis of the traffic on the vWire. Interesting feature for the SDWAN world; thanks for the overview.
@christianibiri
@christianibiri 2 жыл бұрын
Awesome!!!!!
@z0nerider
@z0nerider 2 жыл бұрын
I was waiting for this video to be released...
@NTFAQGuy
@NTFAQGuy 2 жыл бұрын
Great
@amishel2006
@amishel2006 2 жыл бұрын
How does GWLB fit into existing Virual Wan, where traffic inspection is required for all packets traversing the vhub?
@NTFAQGuy
@NTFAQGuy 2 жыл бұрын
Vwan has its own secured version
@juanpabloguerra9512
@juanpabloguerra9512 2 жыл бұрын
This is great for public traffic. How about hybrid scenarios where incoming traffic to VMs is private? Can I chain the gw lh to a private std lb or instance level private IP? Thanks for the amazing explanation
@NTFAQGuy
@NTFAQGuy 2 жыл бұрын
i talked about its front end can have a private ip
@ryancallan2759
@ryancallan2759 2 жыл бұрын
John, great video as always - Because this is an internal load balancer, can you confirm that this doesn't help when it comes to using those NVAs as VPN device? so if we wanted to establish a site-to-site VPN or point-to-site, then we can not take advantage of this feature?
@NTFAQGuy
@NTFAQGuy 2 жыл бұрын
This is not the initial connection point.
@markkuijper1802
@markkuijper1802 2 жыл бұрын
Hi John. Great video as always. Two questions: 1. How does Azure Firewall relate to this ? (I would like to chain public IP's to Azure Firewall and not use NVA's / IaaS) 2. Can I chain just "any" public Azure IP to this (more specific public IP's of tenant specific PaaS services like Azure SQL, Azure storage account, etc.) ? (If so this would be great to chain "any public IP" in once tenant to a central security device independent of the Azure service and its configuration)
@NTFAQGuy
@NTFAQGuy 2 жыл бұрын
Not aware az fw uses this yet and it’s early preview so interaction with other paas not really known
@Feed2Brain
@Feed2Brain 2 жыл бұрын
Great feature from Azure with Great explanation from #johnsavillstechnicaltraining Thanks you very much :) . Happy Learning
@NTFAQGuy
@NTFAQGuy 2 жыл бұрын
Glad it was helpful!
@felipeccardoso
@felipeccardoso 2 жыл бұрын
Are the consumers can have only private ips and chain to Gateway Load Balancer?
@NTFAQGuy
@NTFAQGuy 2 жыл бұрын
I don't understand your question. The GWLB is chained to a public SLB or instance IP as I cover in the video.
@felipeccardoso
@felipeccardoso 2 жыл бұрын
@@NTFAQGuy Example: If I have a virtual machine without a public ip, can I direct all internet traffic to NVAs that are backends for Gateway Load Balancer? No need for UDR configured, just via Chain between the VM's network card (only private IP configured) and the Gateway Load Balancer?
@NTFAQGuy
@NTFAQGuy 2 жыл бұрын
It seems to let you :-)
@liamobrien1506
@liamobrien1506 2 жыл бұрын
Great video! Will the gateway also chain with Application Gateway?
@NTFAQGuy
@NTFAQGuy 2 жыл бұрын
Not today to my knowledge but not tried
@Marcelk86
@Marcelk86 2 жыл бұрын
@@NTFAQGuy AFAIK it will work as the chaining is configured at the PIP level?
@NTFAQGuy
@NTFAQGuy 2 жыл бұрын
@@Marcelk86 it may, not tried. Sometimes there are funny combinations that break. I may try it at some point.
@hammerinheeb
@hammerinheeb 2 жыл бұрын
Is it required to have the NVA send the packets back? What if I just want a copy here, and that's it? Is there a setting that allows that? Just learning about this, and this was an AWESOME video, thanks John!
@NTFAQGuy
@NTFAQGuy 2 жыл бұрын
its a bump in the wire. Technically does not have to send back providing something else is splitting
@hammerinheeb
@hammerinheeb 2 жыл бұрын
@@NTFAQGuy Thanks John! Still a bit confused though. So I can just have my NVA sit behind this GWLB, and ingest a copy of all packets and not send them back out? It seems there are 2 tunnels here as you explained. I want to just get a copy of every packet and not worry about routing them back to the destination via my NVA, but of course the packets would still need to go their original destination....if that is possible. Again, thanks! I see packet mirroring is one of the features of this as described by the docs in Azure, I just don't see how that works.
@NTFAQGuy
@NTFAQGuy 2 жыл бұрын
@@hammerinheeb it is part of the path. It is not mirroring so if it does not send back packets they are lost. Something would have to mirror before sending or most likely nva need to send the packets on as bump in the wire
Picking the right Azure Load Balancing Solution
42:28
John Savill's Technical Training
Рет қаралды 41 М.
Microsoft Azure Private Link Deep Dive
57:02
John Savill's Technical Training
Рет қаралды 86 М.
Joven bailarín noquea a ladrón de un golpe #nmas #shorts
00:17
Do you have a friend like this? 🤣#shorts
00:12
dednahype
Рет қаралды 43 МЛН
Indian sharing by Secret Vlog #shorts
00:13
Secret Vlog
Рет қаралды 50 МЛН
Bro be careful where you drop the ball  #learnfromkhaby  #comedy
00:19
Khaby. Lame
Рет қаралды 40 МЛН
Azure Load Balancer Deep Dive
49:28
John Savill's Technical Training
Рет қаралды 62 М.
Gateway Load Balancers
13:41
LearnCantrill
Рет қаралды 13 М.
Azure Virtual Network Manager Deep Dive
1:02:56
John Savill's Technical Training
Рет қаралды 23 М.
Microsoft Azure Application Gateway Deep Dive
1:03:29
John Savill's Technical Training
Рет қаралды 104 М.
Azure Load Balancer
2:31:14
Hussein Awad
Рет қаралды 2,7 М.
NAT and NAT Gateway in Azure
21:38
John Savill's Technical Training
Рет қаралды 23 М.
Picking which Azure AD Synchronization Technology! AAD Connect vs Cloud Sync
35:27
John Savill's Technical Training
Рет қаралды 39 М.
Understanding Microsoft Azure Availability Zones!
16:05
John Savill's Technical Training
Рет қаралды 38 М.
A Comprehensive Guide to Using Zoyya Tools for Photo Editing
0:50
3.5.A Solar Mobile 📱 Charger
0:39
Gaming zone
Рет қаралды 315 М.
The power button can never be pressed!!
0:57
Maker Y
Рет қаралды 54 МЛН