Create and manage services on your network

Introduction

Services define resources on your local network that you want to reach using an AppWAN. A service definition consists of an IP address, protocol, and port. When you create a service you assign it to a gateway. That gateway becomes the egress point onto your local network to reach the service.

For example, if you have an HTTPS web server sitting in AWS, with an IP address of 10.100.200.17, you can create a service definition for it:

  • IP address 10.100.200.17
  • Protocol TCP
  • Port 443

Services can define a single IP address, or a range of addresses in CIDR notation. If the above web server was instead fronted by an ALB, which lived on a private subnet 10.100.200.16/28, then you can create a service for the entire subnet:

  • IP range 10.100.200.16/28
  • Protocol TCP
  • Port 443

Say that the web server listens for both HTTP and HTTPS traffic. You can use a set of port numbers that are comma-separated to list them out:

  • IP address 10.100.200.17
  • Protocol TCP
  • Port 80, 443

If you want to specify a range of ports, say all privileged ports between 1-1023 on TCP and UDP, you can specify a hyphen-separated range:

  • IP address 10.100.200.17
  • Protocol TCP/UDP
  • Port 1-1023

The gateway you assign the service to must be able to reach the IP address on the port(s) and protocol(s) specified. In this example, you would launch a gateway in your AWS VPC and assign this service to it. To make the service available to endpoints on your NetFoundry network, add it to an AppWAN.

Create and manage services

To manage your Services on the console, choose Manage Services from the navigation menu. From this page you can:

  • Create a new service
  • Edit existing services
  • Delete services

Click on a service row to edit it. Click the blue plus-sign in the upper right corner to create a new service. Use the ellipsis menu at the end of each row to take actions on an individual service. 

services_index.png

Creating a new service

From the Manage Services page, click the blue plus-sign icon to create a new service. There are two types of services. One defines a single IP address, the other defines an IP address range.

Services have the following attributes:

Service Type

Choose "IP Host" for a single IP address, and "IP Network" for an IP address range

Service Name

A free-form text label to uniquely identify this service on your network
IP Address or IP Range The IP address of the service host, or a range of IP addresses in CIDR notation.
Port, Port Set, or Port Range The single port, set of ports, or range of ports on the host your service is listening on
Intercept IP Address An alternate IP address that endpoints will use to reach this resource. This value can be the same as the IP Address, or it can be assigned any other valid IP address. In the later case, endpoints will listen for packets destined for the intercept IP and redirect them to the real IP address. This is also called Destination NAT.
Protocol Type Choose the protocol your service is using: TCP, UDP, or TCP/UDP
Gateway Assign the Service to the closest egress gateway that has connectivity to the service host

 

service_types.png

 

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.