Chapter 16. Managing Networks and Traffic
The following objects are created on the load balancer:
• A new VLAN that matches the account's provisioned Zone VLAN
• A self IP for the VLAN. This is always the second IP of the account's private subnet (e.g. 10.1.1.2).
16.7.4. Ongoing Configuration of External Firewalls and Load Balancers
Additional user actions (e.g. setting a port forward) will cause further programming of the firewall and
load balancer. A user may request additional public IP addresses and forward traffic received at these
IPs to specific VMs. This is accomplished by enabling static NAT for a public IP address, assigning
the IP to a VM, and specifying a set of protocols and port ranges to open. When a static NAT rule is
created, CloudPlatform programs the zone's external firewall with the following objects:
• A static NAT rule that maps the public IP address to the private IP address of a VM.
• A security policy that allows traffic within the set of protocols and port ranges that are specified.
• A firewall filter counter that measures the number of bytes of incoming traffic to the public IP.
The number of incoming and outgoing bytes through source NAT, static NAT, and load balancing rules
is measured and saved on each external element. This data is collected on a regular basis and stored
in the CloudPlatform database.
16.8. Load Balancer Rules
A CloudPlatform user or administrator may create rules that balance traffic received at a public IP
address to one or more VMs. A load balancer rule is useful for distributing requests evenly among
a pool of services. A service in this context means an application running on a virtual machine. The
pool of services consists of multiple VMs running the same application. A user or cloud administrator
creates a load balancer rule, specifies an algorithm, and assigns the rule to a set of VMs. Once the
rule is in effect, each incoming request might be forwarded to any one of these redundant application
instances, depending on the load balancing algorithm that has been specified in the rule.
Note
If you create load balancing rules while using a network service offering that includes an external
load balancer device such as NetScaler, and later change the network service offering to one that
uses the CloudPlatform virtual router, you must create a firewall rule on the virtual router for each
of your existing load balancing rules so that they continue to function.
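The check this note calls for, as an added example that is not part of the CloudPlatform documentation: after switching to the virtual router, compare each existing load balancing rule against the firewall rules and report any rule with no matching firewall rule. It goes slightly beyond the note by also flagging rules covered only by a port range wider than the single port needed. The record layout, field names, and all sample values are assumptions constructed for illustration.

```python
# Constructed sample records; field names are assumptions for this example,
# not output copied from a CloudPlatform deployment.
LB_RULES = [
    {"name": "web-http", "publicip": "203.0.113.10", "publicport": 80, "protocol": "tcp"},
    {"name": "web-https", "publicip": "203.0.113.10", "publicport": 443, "protocol": "tcp"},
    {"name": "api", "publicip": "203.0.113.11", "publicport": 8443, "protocol": "tcp"},
]
FW_RULES = [
    {"ipaddress": "203.0.113.10", "protocol": "tcp", "startport": 80, "endport": 80},
    {"ipaddress": "203.0.113.11", "protocol": "tcp", "startport": 8000, "endport": 9000},
    # Same port as web-https but the wrong protocol, so it must not count as a match.
    {"ipaddress": "203.0.113.10", "protocol": "udp", "startport": 443, "endport": 443},
]


def covering_rules(lb, fw_rules):
    """Return the firewall rules that admit traffic to this LB rule's public IP and port."""
    return [
        fw for fw in fw_rules
        if fw["ipaddress"] == lb["publicip"]
        and fw["protocol"].lower() == lb["protocol"].lower()
        and int(fw["startport"]) <= int(lb["publicport"]) <= int(fw["endport"])
    ]


def audit(lb_rules, fw_rules):
    """Return (missing, broad): LB rule names with no firewall rule at all,
    and names covered only by multi-port ranges."""
    missing, broad = [], []
    for lb in lb_rules:
        matches = covering_rules(lb, fw_rules)
        if not matches:
            missing.append(lb["name"])
        elif all(int(fw["startport"]) != int(fw["endport"]) for fw in matches):
            broad.append(lb["name"])
    return missing, broad


if __name__ == "__main__":
    missing, broad = audit(LB_RULES, FW_RULES)
    for name in missing:
        print(f"MISSING: no firewall rule for load balancer rule '{name}'")
    for name in broad:
        print(f"BROAD: '{name}' is only covered by a multi-port range")
```
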
16.8.1. Adding a Load Balancer Rule
1. Log in to the CloudPlatform UI as an administrator or end user.
2. In the left navigation, choose Network.
3. Click the name of the network where you want to load balance the traffic.
4. Click View IP Addresses.
5. Click the IP address for which you want to create the rule, then click the Configuration tab.