Note:
- This tutorial requires access to Oracle Cloud. To sign up for a free account, see Get started with Oracle Cloud Infrastructure Free Tier.
- It uses example values for Oracle Cloud Infrastructure credentials, tenancy, and compartments. When completing your lab, substitute these values with ones specific to your cloud environment.
Configure DNS Virtual Service on NSX Advanced Load Balancer in Oracle Cloud VMware Solution SDDC
Introduction
In this series, we have covered the deployment and configuration of NSX Advanced Load Balancer (formerly known as Avi Networks) controllers.
This is the third tutorial which describes how to configure Domain Name System (DNS) virtual service on VMware NSX Advanced Load Balancer (NSX ALB) controller hosted on an Oracle Cloud VMware Solution Software-Defined Data Center (SDDC).
Objectives
-
Configure DNS virtual service on VMware NSX Advanced Load Balancer (Avi) controller hosted in Oracle Cloud VMware Solution SDDC. Administrators will be able to:
-
Define the IP address range.
-
Create a custom DNS application profile.
-
Deploy DNS virtual service and configure it to host DNS records for the upcoming websites or applications hosted via NSX ALB.
-
Prerequisites
- NSX ALB (Avi) controller has been deployed and configured on the Oracle Cloud VMware Solution SDDC, see Tutorial 1: Deploy VMware NSX Advanced Load Balancer on Oracle Cloud VMware Solution SDDC and Tutorial 2: Configure VMware NSX Advanced Load Balancer on Oracle Cloud VMware Solution.
Task 1: Define IP Range on the NSX-T Cloud Connector Network Profile
After adding NSX-T Cloud connector on Oracle Cloud VMware Solution SDDC, we need to define the network IP ranges that will be assigned to Service Engines (SE) and virtual services. To define the IP range, follow these steps:
-
Log in to the NSX ALB (Avi) controller portal, under Infrastructure tab, expand Cloud Resources, click Networks, and then select OCVS NSX-T Cloud connector from the drop-down menu.
We should see the networks that we select during the NSX-T Cloud connector wizard. The
avi-mgmt
overlay segment will provide management IP addresses to the NSX ALB (Avi) Service Engine. We will carve out a portion of IP address from this range that will be used by Service Engines. -
Click Edit for the
avi-mgmt
network and enter IP Address Management information.- Enable DHCP: Deselect enable DHCP.
- Enable IPv6 Auto Configuration: Deselect enable IPv6 auto configuration.
- Routing Context:
global
.
-
In the Subnets section, click Add and enter the following information.
- Subnet Prefix: Enter the CIDR for the
avi-mgmt
overlay segment. - Deselect the Use Static IP Address for VIPs and SE.
- Subnet Prefix: Enter the CIDR for the
-
In Static IP Ranges, click Add and enter the IP Address Range for the virtual service virtual IP (VIP), IP address range used for Service Engine (SE) vNIC, and then save the configuration.
-
Click Save to save the configuration again in the Edit Network Settings window.
-
We also need to define IP address range for the
avi-vs
segment as it is required by Service Engines to connect to the backend servers. Click Edit link for theavi-vs
overlay segment and enter IP Address Management information.- Enable DHCP: Deselect enable DHCP.
- Enable IPv6 Auto Configuration: Deselect enable IPv6 auto configuration.
- Routing Context:
Tier-1
.
-
In the Subnets section, click Add and enter the following information.
- Subnet Prefix: Enter the CIDR for the
avi-vs
overlay segment. - Deselect the Use Static IP Address for VIPs and SE.
- Subnet Prefix: Enter the CIDR for the
-
In Static IP Ranges, click Add and enter the IP Address Range for the virtual service virtual IP (VIP) and IP address range use for Service Engine (SE) vNIC, and then save the configuration.
-
Click Save to save the configuration again in the Edit Network Settings page.
The configuration is shown in the following image.
Task 2: Add a Default Route on the Tier-1 Virtual Routing and Forwarding (VRF)
We need to define static route for the virtual service overlay segment.
-
Under the Infrastructure tab, click Cloud Resources and VRF Context.
-
Click on the Select Cloud drop-down list and select OCVS NSX-T as Cloud connector.
-
Click Edit to edit the Tier-1 VRF context. Under Static Route, click Add.
-
Enter the following information and click Save.
- Gateway Subnet: Default route
0.0.0.0/0
. - Next Hop: Pointing it to the
avi-vs
default gateway which is172.28.11.1
.
- Gateway Subnet: Default route
Task 3: Deploy a DNS Virtual Service
NSX ALB has an inbuilt DNS server functionality to offer dynamic name resolution for the virtual services that are created. In most cases, we define NSX ALB as an authoritative DNS server. We can create a DNS delegation and forwarder from the corporate networks and point the domain demoocvs.xyz
to DNS virtual service for name resolution. To deploy DNS virtual service, follow these steps:
-
Log in to the NSX ALB (Avi) controller portal, navigate to Applications, Virtual Services, Create Virtual Service and click Advanced Setup.
-
In the Select Cloud window, select OCVS NSX-T and click Next.
-
In the VRF Context, select Tier-1.
-
Enter the Virtual Service Name and select the Application Profile as
System-DNS
. -
Click on the VS VIP drop-down list, Create VS VIP and select Tier1 Logical Router as
Tier-1
. -
In the VIP window, click Add. Keep the default options and enter
avi-vs
as VIP Address Allocation Network, specify the associated CIDR block as IPv4 Subnet, and then click Save. -
In the DNS section, click Add, keep the default configuration, and then click Save.
-
We are not adding any backend pool. Click Next and keep the default options under the Policies section.
-
In the Analytics section, update non-significant log duration to
0
to keep all the non-significant logs and click Next to finish the wizard.
NSX ALB (Avi) controller will initiate deployment of the SE on Oracle Cloud VMware Solution vCenter. It will take few minutes and the DNS virtual service will change to green or available state.
NSX ALB (Avi) would have deployed two Service Engines as per the default configuration and the SE virtual machines (VM’s) will get an IP from the range we defined in the above step.
Task 4: Configure a DNS Virtual Service to host DNS Records
We have deployed the base DNS service which will host DNS records for all upcoming applications or websites that we host via NSX ALB.
-
Log in to the NSX ALB (Avi) controller portal, navigate to Administration, System Settings and click Edit.
-
In the DNS Service section, click Add. In the Virtual Service drop-down list, select the DNS virtual service that we deployed in Task 3 and click Save.
Next Steps
To configure HTTP virtual service on NSX Advanced Load Balancer in Oracle Cloud VMware Solution SDDC for internal users, see Tutorial 4: Configure HTTP Virtual Service on NSX Advanced Load Balancer in OCVS SDDC for Internal Users.
Acknowledgments
- Author - Vaibhav Tiwari (Cloud VMware Solutions Specialist)
More Learning Resources
Explore other labs on docs.oracle.com/learn or access more free learning content on the Oracle Learning YouTube channel. Additionally, visit education.oracle.com/learning-explorer to become an Oracle Learning Explorer.
For product documentation, visit Oracle Help Center.
Configure DNS Virtual Service on NSX Advanced Load Balancer in Oracle Cloud VMware Solution SDDC
F93336-01
February 2024
Copyright © 2024, Oracle and/or its affiliates.