Merge pull request #252638 from mbender-ms/gwlb-dual

American-Dipper · web-flow · commit b9584a485aa0 · 2023-09-23T17:55:47.000-07:00
Load Balancer - New Article - GWLB IPv6
diff --git a/articles/load-balancer/TOC.yml b/articles/load-balancer/TOC.yml
@@ -70,6 +70,8 @@
       href: tutorial-gateway-powershell.md
     - name: Create gateway load balancer - Azure CLI
       href: tutorial-gateway-cli.md
+    - name: Deploy a dual-stack gateway load balancer
+      href: gateway-deploy-dual-stack-load-balancer.md
   - name: NAT gateway
     items:
     - name: Integrate NAT gateway public load balancer
@@ -277,7 +279,7 @@
   - name: Ruby
     href: https://www.rubydoc.info/gems/azure_mgmt_network/Azure/Network/Mgmt/V2020_03_01/LoadBalancers
   - name: Python
-    href: /python/api/azure-mgmt-network/azure.mgmt.network.v2019_02_01.operations.loadbalancersoperations
+    href: /python/api/azure-mgmt-network/azure.mgmt.network.operations.loadbalancersoperations
   - name: REST
     href: /rest/api/load-balancer/loadbalancers
   - name: Resource Manager template
diff --git a/articles/load-balancer/gateway-deploy-dual-stack-load-balancer.md b/articles/load-balancer/gateway-deploy-dual-stack-load-balancer.md
@@ -0,0 +1,300 @@
+---
+title: Deploy a dual-stack Azure Gateway Load Balancer 
+titlesuffix: Azure Virtual Network
+description: In this tutorial, you deploy IPv6 configurations to an existing IPv4-configured Azure Gateway Load Balancer
+author: mbender-ms
+ms.service: load-balancer
+ms.topic: how-to
+ms.workload: infrastructure-services
+ms.date: 09/15/2023
+ms.author: mbender
+ms.custom: template-how-to
+---
+
+# Deploy a dual-stack Azure Gateway Load Balancer
+
+In this tutorial, you deploy IPv6 configurations to an existing IPv4-configured Azure Gateway Load Balancer. 
+
+You learn to:
+> [!div class="checklist"]
+> * Add IPv6 address ranges to an existing subnet.
+> * Add an IPv6 frontend to Gateway Load Balancer.
+> * Add an IPv6 backend pool to Gateway Load Balancer.
+> * Add IPv6 configuration to network interfaces.
+> * Add a load balancing rule for IPv6 traffic.
+> * Chain the IPv6 load balancer frontend to Gateway Load Balancer.
+
+Along with the Gateway Load Balancer, this scenario includes the following already-deployed resources:
+
+- A dual stack virtual network and subnet.
+- A standard Load Balancer with dual (IPv4 + IPv6) front-end configurations.
+- A Gateway Load Balancer with IPv4 only.
+- A network interface with a dual-stack IP configuration, a network security group attached, and public IPv4 & IPv6 addresses.
+
+## Prerequisites
+
+- An Azure account with an active subscription. [Create an account for free](https://azure.microsoft.com/free/?WT.mc_id=A261C142F).
+- An existing dual-stack load balancer. For more information on creating a dual-stack load balancer, see [Deploy IPv6 dual stack application - Standard Load Balancer](virtual-network-ipv4-ipv6-dual-stack-standard-load-balancer-powershell.md).
+- An existing IPv4 gateway balancer. For more information on creating a gateway load balancer, see [Create a gateway load balancer](./tutorial-gateway-powershell.md).
+
+## Add IPv6 address ranges to an existing subnet
+
+# [PowerShell](#tab/powershell)
+
+```powershell-interactive
+
+#Add IPv6 ranges to the VNET and subnet
+#Retrieve the VNET object
+$rg = Get-AzResourceGroup  -ResourceGroupName "myResourceGroup"
+$vnet = Get-AzVirtualNetwork  -ResourceGroupName $rg.ResourceGroupName -Name "myVNet"  
+
+#Add IPv6 prefix to the VNET
+$vnet.addressspace.addressprefixes.add("fd00:db8:deca::/48")
+
+#Update the running VNET
+$vnet |  Set-AzVirtualNetwork
+
+#Retrieve the subnet object from the local copy of the VNET
+$subnet= $vnet.subnets[0]
+
+#Add IPv6 prefix to the subnet
+$subnet.addressprefix.add("fd00:db8:deca::/64")
+
+#Update the running VNET with the new subnet configuration
+$vnet |  Set-AzVirtualNetwork
+
+```
+# [CLI](#tab/cli)
+
+```azurecli-interactive
+
+az network vnet subnet update 
+--vnet-name myVNet 
+--name myGWSubnet 
+--resource-group myResourceGroup 
+--address-prefixes  "10.1.0.0/24"  "fd00:db8:deca:deed::/64"
+
+```
+---
+
+## Add an IPv6 frontend to gateway load balancer
+
+# [PowerShell](#tab/powershell)
+
+```powershell-interactive
+
+# Retrieve the load balancer configuration
+$gwlb = Get-AzLoadBalancer -ResourceGroupName "myResourceGroup"-Name "myGatewayLoadBalancer"
+
+# Add IPv6 frontend configuration to the local copy of the load balancer configuration
+$gwlb | Add-AzLoadBalancerFrontendIpConfig `
+     -Name "myGatewayFrontEndv6" `
+     -PrivateIpAddressVersion "IPv6" `
+     -Subnet $subnet
+
+#Update the running load balancer with the new frontend
+$gwlb | Set-AzLoadBalancer 
+
+```
+# [CLI](#tab/cli)
+
+
+```azurecli-interactive
+
+az network lb frontend-ip create --lb-name myGatewayLoadBalancer                                 
+--name myGatewayFrontEndv6                               
+--resource-group myResourceGroup                          
+--private-ip-address-version IPv6 
+--vnet-name myVNet
+--subnet myGWS 
+
+```
+---
+
+## Add an IPv6 backend pool to gateway load balancer
+
+# [PowerShell](#tab/powershell)
+
+```azurepowershell-interactive
+
+## Create IPv6 tunnel interfaces
+$int1 = @{
+    Type = 'Internal'
+    Protocol = 'Vxlan'
+    Identifier = '866'
+    Port = '2666'
+}
+$tunnelInterface1 = New-AzLoadBalancerBackendAddressPoolTunnelInterfaceConfig @int1
+
+$int2 = @{
+    Type = 'External'
+    Protocol = 'Vxlan'
+    Identifier = '867'
+    Port = '2667'
+}
+$tunnelInterface2 = New-AzLoadBalancerBackendAddressPoolTunnelInterfaceConfig @int2
+
+# Create the IPv6 backend pool
+$pool = @{
+    Name = 'myGatewayBackendPoolv6'
+    TunnelInterface = $tunnelInterface1,$tunnelInterface2
+}
+
+# Add the backend pool to the load balancer
+$gwlb | Add-AzLoadBalancerBackendAddressPoolConfig @pool
+
+# Update the load balancer
+$gwlb | Set-AzLoadBalancer
+
+```
+# [CLI](#tab/cli)
+
+```azurecli-interactive
+
+az network lb address-pool create --address-pool-name myGatewayBackendPool \
+                                  --lb-name myGatewayLoadBalancer \
+                                  --resource-group myResourceGroup \
+                                  --tunnel-interfaces "{[{"port": 2666,"identifier": 866,"protocol": "VXLAN","type": "Internal"},{"port": 2667,"identifier": 867,"protocol": "VXLAN","type": "External"}]}"
+
+```
+---
+
+## Add IPv6 configuration to network interfaces
+
+# [PowerShell](#tab/powershell)
+
+```azurepowershell-interactive
+
+#Retrieve the NIC object
+$NIC_1 = Get-AzNetworkInterface -Name "myNic1" -ResourceGroupName $rg.ResourceGroupName
+
+
+$backendPoolv6 = Get-AzLoadBalancerBackendAddressPoolConfig -Name "myGatewayBackendPoolv6" -LoadBalancer $gwlb
+
+#Add an IPv6 IPconfig to NIC_1 and update the NIC on the running VM
+$NIC_1 | Add-AzNetworkInterfaceIpConfig -Name myIPv6Config -Subnet $vnet.Subnets[0]  -PrivateIpAddressVersion IPv6 -LoadBalancerBackendAddressPool $backendPoolv6 
+$NIC_1 | Set-AzNetworkInterface
+
+
+```
+# [CLI](#tab/cli)
+
+```azurecli-interactive
+
+az network nic ip-config create \
+--name myIPv6Config \
+--nic-name myVM1 \
+--resource-group MyResourceGroup \
+--vnet-name myVnet \
+--subnet mySubnet \
+--private-ip-address-version IPv6 \
+--lb-address-pools gwlb-v6pool \
+--lb-name myGatewayLoadBalancer
+
+```
+---
+
+## Add a load balancing rule for IPv6 traffic
+
+# [PowerShell](#tab/powershell)
+
+```azurepowershell-interactive
+
+# Retrieve the updated (live) versions of the frontend and backend pool, and existing health probe
+$frontendIPv6 = Get-AzLoadBalancerFrontendIpConfig -Name "myGatewayFrontEndv6" -LoadBalancer $gwlb
+$backendPoolv6 = Get-AzLoadBalancerBackendAddressPoolConfig -Name "myGatewayBackendPoolv6" -LoadBalancer $gwlb
+$healthProbe = Get-AzLoadBalancerProbeConfig -Name "myHealthProbe" -LoadBalancer $gwlb
+
+# Create new LB rule with the frontend and backend
+$gwlb | Add-AzLoadBalancerRuleConfig `
+  -Name "myRulev6" `
+  -FrontendIpConfiguration $frontendIPv6 `
+  -BackendAddressPool $backendPoolv6 `
+  -Protocol All `
+  -FrontendPort 0 `
+  -BackendPort 0 `
+  -Probe $healthProbe
+
+#Finalize all the load balancer updates on the running load balancer
+$gwlb | Set-AzLoadBalancer
+ 
+
+```    
+# [CLI](#tab/cli)
+
+```azurecli-interactive
+az network lb rule create \
+    --resource-group myResourceGroup \
+    --lb-name myGatewayLoadBalancer \
+    --name myGatewayLoadBalancer-rule \
+    --protocol All \
+    --frontend-port 0 \
+    --backend-port 0 \
+    --frontend-ip-name gwlb-v6fe \
+    --backend-pool-name gwlb-v6pool \
+    --probe-name myGatewayLoadBalancer-hp
+```
+---
+
+## Chain the IPv6 load balancer frontend to gateway load balancer
+
+# [PowerShell](#tab/powershell)
+
+```azurepowershell-interactive
+
+## Place the existing Standard load balancer into a variable. ##
+$par1 = @{
+    ResourceGroupName = 'myResourceGroup'
+    Name = 'myLoadBalancer'
+}
+$lb = Get-AzLoadBalancer @par1
+
+## Place the public frontend IP of the Standard load balancer into a variable.
+$par3 = @{
+    ResourceGroupName = 'myResourceGroup'
+    Name = 'myIPv6PublicIP'
+}
+$publicIP = Get-AzPublicIPAddress @par3
+
+## Chain the Gateway load balancer to your existing Standard load balancer frontend. ##
+# $feip = Get-AzLoadBalancerFrontendIpConfig -Name "myGatewayFrontEndv6" -LoadBalancer $gwlb
+
+$par4 = @{
+    Name = 'myIPv6FrontEnd'
+    PublicIPAddress = $publicIP 
+    LoadBalancer = $lb
+    GatewayLoadBalancerId = $feip.id
+}
+$config = Set-AzLoadBalancerFrontendIpConfig @par4
+
+$config | Set-AzLoadBalancer
+
+```
+# [CLI](#tab/cli)
+
+```azurecli-interactive
+
+feid=$(az network lb frontend-ip show \
+    --resource-group myResourceGroup \
+    --lb-name myLoadBalancer-gw \
+    --name myFrontend \
+    --query id \
+    --output tsv)
+
+  az network lb frontend-ip update \
+    --resource-group myResourceGroup \
+    --name myFrontendIP \
+    --lb-name myLoadBalancer \
+    --public-ip-address myIPv6PublicIP \
+    --gateway-lb $feid
+
+```
+---
+## Limitations
+
+- Gateway load balancer doesn't support NAT 64/46. 
+- When you implement chaining, the IP address version of Standard and Gateway Load Balancer front end configurations must match.
+
+## Next steps
+
+- Learn more about [Azure Gateway Load Balancer partners](./gateway-partners.md) for deploying network appliances.
