MUX to the VMSwitch of the Hyper-V host that is hosting the source of the load-
balancer usage. From that point on, all subsequent packets from the source
connection to the load balancer VIP will be sent directly to the VMSwitch of the
Hyper-V host that is hosting the identified target VM with the chosen VIP. This means
the SLB MUX is then bypassed for the rest of the communication, which is useful for
optimizing multitier services running within a network.
The SLB supports two types of load-balancing functionality:
Load-Balanced Sets Multiple DIPs that offer the same service are placed in a
load-balanced set. Through the use of probes to ensure availability of the backend
servers, the incoming traffic is received on a certain port and distributed between
the backend set members to a specific port. Either five, three, or two tuples can be
used for the distribution of the traffic, which control the stickiness between the
client and the actual backend server. Using five tuples (the default) sends the
client to the same processing server only if the destination and source IP, port, and
protocol are the same. Using three tuples stipulates that the destination and source
IP address and protocol must be the same, but the port can change. Using two
tuples simply requires the same destination and source IP address, but the port
and protocol can change.
NAT Rules Also known as port forwarders, NAT rules specify that traffic received
on a certain port is always sent to another specific port on a specific DIP. This can
be useful when you want to be able to get to a certain VM via an SLB directly; for
example, perhaps a NAT rule to port 3389 on a VM to enable RDP to the VM. (Be
careful, however, about ever offering RDP to services from the Internet.)
A single SLB configuration supports multiple VIPs with combinations of load-balancer
sets and NAT rules.
Gateways
By default, virtual machines in a virtual network can talk to each other but not to
other resources—not to services in other networks nor resources out on the Internet.
To enable communication outside the virtual network, to other services in the
datacenter—to services in other sites via a site-to-site tunnel or just Internet-based
services—the multitenant gateway SDNv2 component is used. If you want to enable a
hybrid environment, you must be able to connect virtual networks to other networks
in a controlled fashion, removing the isolation. The multitenant gateway (also
referred to as a RAS gateway) supports connectivity to the following:
Forwarding traffic to a network acting as a simple router, for example to a VLAN,
known as L3 forwarding. In this deployment, the gateway connects to multiple
virtual networks and to trunk ports on a switch via its vNIC that maps to various
VLANs. The gateway takes care of routing and encapsulating traffic as required,
enabling communication.
Another isolated datacenter network or MPLS using GRE tunneling. From the