Merge pull request #191721 from prmitiki/patch-4

prmitiki Update azure-vm-certification-faq.yml

Author: tamarakhader

articles/marketplace/azure-vm-certification-faq.yml

@@ -482,7 +482,35 @@ sections:
           1. Generalize the VM, take the image VHD, and stop the VM.
           
           1. Resubmit the generalized image.
+
+      - question: |
+          Network Virtual Appliance validations
+        answer: |
+          During Marketplace image certification, a VM offer that is a Network Virtual Appliance (NVA) is validated using tests that are generic to any VM offer, as well as NVA testcases listed in the table below.  The goal of these NVA specific validations is to verify how well the NVA image orchestrates with SDN stack.
           
+          |Test case|Steps to run test case|Solution|
+          |---|---|---|
+          |VHD Access|Ensure the correct SAS URL for the VHD is provided, the permissions are set to allow access and the NVA image is [generalized](../virtual-machines/generalize.md).|Verify the NVA image and the URL provided.|
+          |NVA Deployment|Deploy a VM using the NVA with 1 NIC. Verify that the deployment is completed in 20 minutes.|If the deployment is not completed within 20 minutes, then verify the NVA image.|
+          |NVA Reboot|Deploy a VM using the NVA with 1 NIC. Then, go to the VM in Azure portal, and under section **Support + troubleshooting** in the left pane, click on **Redeploy + Reapply** and redeploy the VM. After redeployment is completed, verify that the status of the VM is *Running* and the NIC port 22 is reachable using Netcat command.|If VM doesn't come up after reboot, then there may be an issue with the NVA image.<br><br>If the Netcat test fails, then it could be because the NIC failed to come up after the reboot even though the VM was running. Please wait for few minutes and try again. If after 20 mins it still fails, then there may be an issue with the NVA image|
+          |NVA Redeployment|Deploy a VM using the NVA with 1 NIC. Then, redeploy the VM. Verify that the status of the VM is *Running* and the NIC port 22 is reachable using Netcat command.|If the redeploy does not complete within 15 minutes, then there may be an issue with the NVA image.<br><br>If the Netcat test fails, then it could be because the NIC failed to come up after the reboot even though the VM was running. Please wait for few minutes and try again. If after 20 mins it still fails, then there may be an issue with the NVA image|
+          |High Availability|Deploy a VM using the NVA with 1 NIC. Either No public IP should be attached to NIC or if Public IP is attached then SKU should be standard and IP allocation method should be static. In the same virtual network, setup an Azure Internal [load balancer](../virtual-machines/linux/tutorial-load-balancer.md) using configuration below.<br> - Load balancer using *Standard SKU*<br> - Frontend IP using private IP allocation method as dynamic<br> - Health probes using TCP, port 22 with a retry interval of 15 seconds<br> - A load balancing rule with protocol as *all* and enable floating IP set to False.<br> - Backend pool pointing to NVA VM.<br><br>Once the setup is ready, verify that the NVA VM is reachable across the load balancer, using Netcat command.|If the NVA is unreachable across the load balancer, then verify the setup of the VM, load balancer and HA ports feature. If everything is accurate, then there may be an issue with the NVA image.|
+          |VNET Peering|Deploy a virtual machine VM1 using the NVA image, with 1 NIC in a virtual network VNET1. In another virtual network VNET2, deploy a virtual machine VM2 using any Linux image, say ubuntu, with 1 NIC, and VM settings as Dynamic IP allocation method and basic SKU. Create [VNET peering](../virtual-network/virtual-network-manage-peering.md) between VNET1 and VNET2 and **Traffic to remote virtual network** is configured as *Allow (default)*<br><br>Once the setup is ready, verify that from VM2 we can reach private IP of the NIC on the NVA VM1, using Netcat command.|If the NVA VM1 is unreachable from VM2, then verify that the VNET peering is configured correctly and try again. If it still doesn't work, then there may be an issue with the NVA image.|
+          |Accelerated Networking (AN)|Deploy a VM with the NVA and 1 [AN enabled NIC](../virtual-network/create-vm-accelerated-networking-cli.md). You can enable AN on a NIC while creating the VM, or on the NIC properties after creating the VM. Verify that the VM will be up and running.|If the deployment fails, then please verify that the NVA image supports Accelerated Networking.|
+          |Multi-NIC Basic|Deploy a VM using the NVA with 3 NICs with Dynamic IP allocation method and basic SKU. Get private IP and MAC address for all the NICs (refer to [view Network Interface](../virtual-network/virtual-network-network-interface.md) for instructions). Then, redeploy the VM, and verify that the private IP and MAC address for all the NICs remain the same as before redeploying.|If the private IP and MAC address for all the NICs change after redeploying, then there may be an issue with the NVA image.|
+          |Network Disruption|Deploy a VM using the NVA with 1 NIC. Then, create and apply a [Network Security Group](../virtual-network/manage-network-security-group.md) (NSG) to block all traffic to the NVA VM. Then, verify that the status of the VM is *Running*.|If after applying NSG the VM goes down, then there may be an issue with the NVA image.|
+          
+          For further information or questions, please open an Azure Support case.
+          
+          #### Netcat overview:
+          
+          Netcat is a command capable of establishing a TCP or UDP connection between two computers, meaning it can write and read through an open port. During NVA validations, we execute the Netcat command from a VM which is in the same virtual network as the NVA VM, to test if TCP port 22 is reachable. The command syntax is 
+          `nc <destination_ip_address> <destination_port>`, where
+             - *destination_ip_address* is the private IP address assigned to VM NIC, 
+             - *destination_port* is the port number on the NVA. We use *22* in NVA test cases.
+             
+          For example, `nc 192.168.1.1 22`
+             
       - question: |
           Request an exception on VM images for select tests
         answer: |