Exam Radar
Core Priority: Accurately assessing throughput and transaction requirements to determine physical resource allocation.
High Frequency: Accounting for the CPU overhead of SSL/TLS handshakes, comparing RSA and EC certificate impacts.
Confusion Alert: Distinguishing between per-SE resource limits (vCPU/Memory) and Service Engine Group (SEG) aggregate limitations.
Scenario Logic: Calculating required SE resources based on expected Gigabits per second (Gbps) and Connections Per Second (CPS).
Version Delta: Modern sizing must account for the specific performance profile of the underlying vSphere host hardware.
Atomic Deconstruction
Actionable: Conduct a sizing exercise by evaluating the application's peak throughput and cryptographic requirements before defining SE Group resource maximums.
Parametric: Monitor the impact of Elliptic Curve (EC) certificates, which typically offer lower CPU overhead compared to traditional RSA certificates at similar security levels.
Causal: Under-provisioning vCPU or Memory at the SE level will lead to packet drops and increased latency when the application reaches peak CPS.
SKILLS.md Matrix
| Metric | Design Constraint | Impact |
|---|---|---|
| Throughput | Gbps requirement | Number of SEs / vCPU count |
| Transactions | CPS requirement | CPU cycles for handshakes |
| Memory | Concurrent sessions | Persistence table and buffer size |
Exam Radar
Core Priority: Defining the automated triggers that adjust data plane capacity without manual intervention.
High Frequency: Setting CPU, memory, and throughput thresholds that signal the Controller to provision additional SEs.
Confusion Alert: Distinguishing between the scale-out event (adding SEs) and the cooling period (preventing rapid flapping).
Scenario Logic: Predicting how the Controller redistributes existing connections and manages Gratuitous ARP during a scale-out.
Version Delta: Utilizing duration-based rules to ensure stability during fluctuating traffic patterns.
Atomic Deconstruction
Actionable: Configure Analytics Profiles with specific percentage thresholds (e.g., 80 percent CPU) to trigger the automated spin-up of new SE VMs.
Parametric: Define scale-in cooling periods to ensure that capacity is not removed too quickly after a transient traffic spike.
Causal: Automatic scale-out prevents application downtime by ensuring that the Virtual Service (VS) always has sufficient aggregate CPU/RAM to process incoming requests.
SKILLS.md Matrix
| Logic | Design Requirement | Goal |
|---|---|---|
| Scale-Out | High-watermark threshold | Performance preservation |
| Scale-In | Cooling period duration | Flapping prevention |
| Redundancy | N+M Buffer | Spare capacity maintenance |
Exam Radar
Core Priority: Aligning the HA mode with application criticality and Recovery Time Objectives (RTO).
High Frequency: Comparing Elastic HA (N+M) for efficient redundancy versus Elastic HA (Active/Active) for maximum throughput.
Confusion Alert: Identifying that Legacy Active/Standby is suitable only for basic requirements and limits total throughput.
Scenario Logic: Choosing the Active/Active design for instantaneous failover where multiple SEs serve the same VIP simultaneously.
Version Delta: Selecting the default recommended N+M mode for a balance of efficiency and availability.
Atomic Deconstruction
Actionable: Select the HA mode within the SE Group configuration based on whether the application requires maximum throughput (Active/Active) or efficient resource usage (N+M).
Parametric: In N+M mode, configure the "M" buffer to specify how many spare SEs the Controller should maintain across the group.
Causal: Active/Active HA ensures that if a single SE fails, the remaining SEs continue to process traffic for the Virtual Service with zero transition time.
SKILLS.md Matrix
| HA Mode | Capability | Use Case |
|---|---|---|
| Legacy | Active/Standby | Simple, low-throughput apps |
| Elastic N+M | Buffer-based recovery | Standard enterprise apps |
| Active/Active | Simultaneous processing | Mission-critical, high-scale apps |
Exam Radar
Core Priority: Proper association of health monitors and persistence profiles to ensure predictable traffic flow.
High Frequency: Choosing appropriate monitor types (HTTP, TCP, or Custom) to verify application layer responsiveness.
Confusion Alert: Evaluating the need for HTTP Cookie persistence versus Source IP persistence in multi-server environments.
Scenario Logic: Designing port usage standards such as port 80 to 443 redirection and selecting optimized TCP/UDP profiles.
Version Delta: Emphasis on verifying backend responsiveness rather than just port connectivity.
Atomic Deconstruction
Actionable: Select and configure health monitors that validate specific application strings or status codes to ensure pool members are truly functional.
Parametric: Implement persistence profiles based on application session requirements to maintain client affinity to specific backend servers.
Causal: Using HTTP Cookie persistence ensures that clients remain tied to the same backend server even if their source IP changes, which is critical for stateful applications.
SKILLS.md Matrix
| Element | Atomic Requirement | Operational Detail |
|---|---|---|
| Health Monitoring | Response Validation | Beyond simple L4 port checks |
| Persistence | Session Continuity | Cookie vs. Source IP profiles |
| Traffic Flow | Redirection Logic | Standardized 80 to 443 mapping |
Exam Radar
Core Priority: Balancing deep visibility requirements against Service Engine (SE) CPU and memory consumption.
High Frequency: Designing log policies that default to Significant logs and use Full logs only for active troubleshooting.
Confusion Alert: Distinguishing between the frequency of metric collection and the real-time impact of Client Insights on SE throughput.
Scenario Logic: Adjusting the frequency of metric collection to reduce processing overhead on the SE data plane.
Version Delta: High-fidelity logging requires a calculated design trade-off in resource-constrained environments.
Atomic Deconstruction
Actionable: Configure Analytics Profiles to collect Significant logs by default to preserve SE resources while maintaining essential visibility.
Parametric: Adjust metric collection intervals, moving from 5-second to 30-second intervals for non-critical services to lower CPU overhead.
Causal: Reducing the log fidelity for stable virtual services frees up SE processing cycles for actual traffic handling and SSL termination.
SKILLS.md Matrix
| Feature | Logic | Atomic Detail |
|---|---|---|
| Log Levels | Significant vs. Full | Resource-conscious telemetry |
| Metrics | Collection Frequency | Adjustable processing overhead |
| Client Insights | Real-User Monitoring | Impact on SE throughput capacity |
Exam Radar
Core Priority: Coordinated design between global and local load balancing layers for multi-site availability.
High Frequency: Architecting the Controller cluster to manage global configuration (Leader) while maintaining local site autonomy (Follower).
Scenario Logic: Utilizing Geolocation databases to route clients to the nearest active site and minimize latency.
Version Delta: Implementing split-brain prevention through health monitor logic that ensures safe failure states.
Atomic Deconstruction
Actionable: Designate specific Controller clusters as GSLB Leaders to synchronize global application states across geographically dispersed sites.
Parametric: Configure proximity-based steering within GSLB pools to automatically direct users based on their geographic location.
Causal: Proper site health monitoring ensures that if a data center fails, DNS responses are automatically updated to point to the next closest healthy site.
SKILLS.md Matrix
| Component | Logic | Detail |
|---|---|---|
| Site Roles | Leader/Follower | Configuration vs. Local Execution |
| Steering | Proximity-Based | Geolocation database integration |
| Resiliency | Fail-Safe Monitors | Split-brain and failover protection |
Exam Radar
Core Priority: Defining the hierarchy of Controller clusters to manage global application delivery.
High Frequency: Understanding the synchronization of global configuration from the GSLB Leader to all Follower sites.
Confusion Alert: Distinguishing between a site's local load balancing autonomy and its participation in the global health fabric.
Scenario Logic: Maintaining global availability when the GSLB Leader is unreachable by relying on local Follower site persistence.
Version Delta: Strategic placement of the GSLB Leader in the most stable management domain to ensure global configuration integrity.
Atomic Deconstruction
Actionable: Designate one Avi Controller cluster as the GSLB Leader to serve as the authoritative source for global virtual service configurations.
Parametric: Configure Follower sites to receive and execute global policies while maintaining local control over their specific Service Engine Groups.
Causal: Using a Leader/Follower architecture ensures that a localized failure in one data center does not disrupt the global DNS resolution or traffic steering logic for other healthy sites.
SKILLS.md Matrix
| Role | Responsibility | Data Flow |
|---|---|---|
| GSLB Leader | Global Config Authoring | Push to all Follower sites |
| GSLB Follower | Local Policy Execution | Pull from Leader/Local Health Checks |
| Health Monitor | Cross-site Verification | Bi-directional site status sync |
Exam Radar
Core Priority: Selecting the optimal traffic steering algorithm based on user location and site health.
High Frequency: Utilizing Geolocation databases to minimize latency by directing clients to the closest active data center.
Scenario Logic: Implementing health-based steering where DNS records are automatically updated to exclude failed sites.
Version Delta: Integration with internal or external DNS providers to automate the assignment of A/AAAA records for global VIPs.
Atomic Deconstruction
Actionable: Integrate a Geolocation database into the Avi GSLB configuration to enable proximity-based steering for global applications.
Parametric: Define "Active" and "Passive" site weights within the GSLB pool to control traffic distribution during normal operations and failover.
Causal: DNS-based steering allows for global load balancing without requiring complex BGP Anycast configurations, simplifying the multi-site network architecture.
SKILLS.md Matrix
| Steering Method | Operational Requirement | Primary Benefit |
|---|---|---|
| Proximity | Geolocation Database | Lowest client latency |
| Weighted | Traffic Ratio Config | Controlled canary/blue-green deploys |
| Failover | Priority-based Pools | Disaster recovery automation |
Exam Radar
Core Priority: Designing monitor logic that prevents multiple sites from claiming "Active" status during a network partition.
High Frequency: Implementing "fail-safe" or "fail-to-last-known-good" settings for DNS responses during site isolation.
Scenario Logic: Predicting site behavior when synchronization between the GSLB Leader and Followers is lost.
Version Delta: Modern health monitoring includes verifying the integrity of the data path, not just the management plane.
Atomic Deconstruction
Actionable: Configure cross-site health monitors that verify connectivity between all GSLB sites to detect network partitions.
Parametric: Set the GSLB DNS response policy to "return local" or a specific "failover IP" if the site becomes isolated from the Leader.
Causal: Implementing split-brain prevention ensures that users are not directed to a site that is operational but isolated from the application database or backend services.
SKILLS.md Matrix
| Condition | Logic | System Response |
|---|---|---|
| Site Isolation | Fail-safe policy | Maintain local vs. stop DNS |
| Leader Failure | Follower Autonomy | Local VS continues to function |
| Partition | Split-brain logic | Site health consensus required |
What is the recommended number of nodes in an Avi Controller cluster for production deployments?
Three Controller nodes are recommended for production environments.
Avi Controllers form a cluster that manages configuration, analytics, and orchestration. A three-node cluster ensures high availability through quorum-based consensus.
With three nodes:
- the system tolerates a single controller failure
- configuration and analytics services remain operational
- cluster decisions maintain quorum
A two-node configuration is not recommended because quorum cannot be reliably maintained during failures.
Exam scenarios mentioning controller cluster resilience or quorum typically expect three controllers as the correct design choice.
Demand Score: 79
Exam Relevance Score: 92
Which factors should be considered when sizing Service Engines?
Key factors include expected traffic volume, SSL processing requirements, connection rates, and application throughput.
Service Engines process application traffic, so their sizing directly affects performance. Administrators must evaluate:
- concurrent connections
- requests per second
- SSL/TLS termination load
- network throughput requirements
SSL termination can significantly increase CPU utilization, so environments with heavy encrypted traffic often require additional Service Engines.
Proper sizing ensures traffic is distributed efficiently while maintaining performance and avoiding resource exhaustion.
In exam questions, if a scenario mentions performance capacity planning, the focus is usually on Service Engine sizing rather than controller resources.
Demand Score: 88
Exam Relevance Score: 90
Why would an administrator deploy multiple Service Engine Groups in a design?
To support workload segmentation, resource isolation, and policy differentiation.
Service Engine Groups allow different applications or tenants to operate under separate resource policies. For example:
- production applications may require high CPU and strict HA policies
- development workloads may use smaller resource allocations
By separating workloads into multiple SE Groups, administrators can maintain predictable performance and isolate environments.
This is particularly useful in multi-tenant environments where different teams or customers require distinct policies.
Exam questions often include scenarios involving different environments or application tiers, which indicates the need for multiple Service Engine Groups.
Demand Score: 74
Exam Relevance Score: 88
What design feature allows Avi to scale load balancing capacity automatically?
Elastic scaling of Service Engines.
Avi’s distributed architecture allows the Controller to dynamically deploy additional Service Engines when traffic demand increases.
This scaling mechanism ensures that:
- application performance remains stable
- traffic spikes are handled automatically
- infrastructure resources are used efficiently
When demand decreases, unused Service Engines can be removed to conserve resources.
This elastic scaling capability is a major advantage compared with traditional hardware load balancers.
Exam questions describing automatic scaling during traffic spikes typically refer to Service Engine elastic scaling.
Demand Score: 80
Exam Relevance Score: 91
What design principle allows Avi to separate management logic from traffic processing?
The separation of control plane and data plane.
Avi Controllers operate in the control plane, managing policies, analytics, and orchestration.
Service Engines operate in the data plane, processing application traffic.
This separation allows the platform to scale independently:
- controllers handle configuration and monitoring
- Service Engines handle network traffic
The design improves scalability and resilience because the failure of a Service Engine does not impact controller operations.
Exam questions often test this concept by asking which component handles traffic processing and which handles orchestration.
Demand Score: 83
Exam Relevance Score: 93