Configuring and Managing Virtual IP (VIP) Addresses

Configuration of a virtual server IP (VIP) address is not mandatory during initial configuration of the Citrix ADC. When you configure load balancing, you assign VIP addresses to virtual servers.

For more information about configuring a load balancing setup, see Load Balancing
.

In some situations, you need to customize VIP attributes or enable or disable a VIP address. A VIP address is usually associated with a virtual server, and some of the VIP attributes are customized to meet the requirements of the virtual server. You can host the same virtual server on multiple Citrix ADC appliances residing on the same broadcast domain, by using ARP and ICMP attributes. After you add a VIP (or any IP address), the appliance sends, and then responds to, ARP requests. VIPs are the only Citrix ADC-owned IP addresses that can be disabled. When a VIP address is disabled, the virtual server using it goes down and does not respond to ARP, ICMP, or L4 service requests. As an alternative to creating VIP addresses one at a time, you can specify a consecutive range of VIP addresses.

To create a VIP address by using the CLI:

At the command prompt, type:

• add ns ip <IPAddress> <netmask> -type <type>
• show ns ip <IPAddress>

Example:

> add ns ip 10.102.29.59 255.255.255.0 -type VIP Done<!--NeedCopy-->

To create a range of VIP addresses by using the CLI:

At the command prompt, type:

• add ns ip <IPAddress> <netmask> -type <type>
• show ns ip <IPAddress>

Example:

> add ns ip 10.102.29.[60-64] 255.255.255.0 -type VIPip "10.102.29.60" addedip "10.102.29.61" addedip "10.102.29.62" addedip "10.102.29.63" addedip "10.102.29.64" added Done<!--NeedCopy-->

To enable or disable an IPv4 VIP address by using the CLI:

At the command prompt, type one of the following sets of commands to enable or disable a VIP and verify the configuration:

• enable ns ip <IPAddress>
• show ns ip <IPAddress>
• disable ns ip <IPAddress>
• show ns ip <IPAddress>

Example:

> enable ns ip 10.102.29.79 Done> show ns ip 10.102.29.79        IP: 10.102.29.79        Netmask: 255.255.255.255        Type: VIP        state: Enabled        arp: Enabled        icmp: Enabled        vserver: Enabled        management access: Disabled          telnet: Disabled          ftp: Disabled          ssh: Disabled          gui: Disabled          snmp: Disabled        Restrict access: Disabled        dynamic routing: Disabled        hostroute: Disabled Done> disable ns ip 10.102.29.79 Done> show ns ip 10.102.29.79        IP: 10.102.29.79        Netmask: 255.255.255.255        Type: VIP        state: Disabled        arp: Enabled        icmp: Enabled        vserver: Enabled        management access: Disabled          telnet: Disabled          ftp: Disabled          ssh: Disabled          gui: Disabled          snmp: Disabled        Restrict access: Disabled        dynamic routing: Disabled        hostroute: Disabled Done<!--NeedCopy-->

To configure a VIP address by using the GUI:

Navigate to System > Network > IPs > IPV4s, and add a new IP address or edit an existing address.

To create a range of VIP addresses by using the GUI:

1. Navigate to System > Network > IPs > IPV4s.
2. In the Action list, select Add Range.

To enable or disable a VIP address by using the GUI:

1. Navigate to System > Network > IPs > IPV4s.
2. Do one of the following:
   • Select a VIP address.
   • Hold down the Ctrl key and select multiple server address entries.
   • Hold down the Shift key and select a range of server address entries.
   • Select all the addresses by selecting the checkbox on the left side of the header row.
3. From the Action list, select Disable or Enable.

Detecting a Citrix ADC Appliance in a UDP Load Balancing Setup through TTL Updates

The following table displays how a Citrix ADC appliance handles the TTL value of received packets in different functionalities.

Some enterprises/scenarios running a monitoring application requires the Citrix ADC appliance of a load balancing setup to be detected as one of the hop in a traceroute. A Citrix ADC appliance of a load balancing setup is not detected in a traceroute because the appliance, by default, sets the TTL value to 255 instead of decrementing it when forwarding the request to a backend server.

To meet this requirement, Decrement TTL parameter of a VIP address can be used. This parameter applies to all UDP virtual servers using this VIP.

When you enable the Decrement TTL parameter of a VIP, the Citrix ADC appliance decrements the TTL value by 1 instead of setting it to 255 when forwarding requests, which are received on the UDP virtual servers that uses this VIP.

Monitoring applications using traceroute data can now detect the presence of a Citrix ADC appliance of a UDP load balancing setup.

Before You Begin

Before you begin configuring a Citrix ADC appliance to be detected in a traceroute of a load balancing setup, note the following points:

• Decrement TTL parameter is supported only for UDP load balancing virtual servers.
• Decrement TTL parameter is supported for IPv4 VIP as well as IPv6 VIP (VIP6) addresses.
• Decrement TTL parameter is supported for standalone Citrix ADC appliances as well as for high availability (HA) and cluster setups.

Configuration Steps

Configuring a Citrix ADC appliance to be detected in a traceroute of a UDP load balancing setup consists of the following tasks:

• Create a UDP load balancing configuration
• Enable the Decrement TTL parameter for the VIP address

CLI Procedures

To enable the decrement TTL option for a VIP address by using the CLI:

• To enable the decrement TTL option for a VIP address while adding the VIP address, at the command prompt, type:
  • add ns ip <ip> <mask> -type VIP -decrementTTL ENABLED
  • show ns ip <VIP address>
• To enable the decrement TTL option for an existing VIP address, at the command prompt, type:
  • set ns ip <ip> <mask> -decrementTTL ENABLED
  • show ns ip <VIP address>

To enable the decrement TTL option for a VIP6 address by using the CLI:

• To enable the decrement TTL option for a VIP6 address while adding the VIP6 address, at the command prompt, type:
  • add ns ip6 <IP6/prefix> <mask> -type VIP -decrementTTL ENABLED
  • show ns ip6 <VIP6/prefix>
• To enable the decrement TTL option for an existing VIP6 address, at the command prompt, type:
  • set ns ip6 <ip6/prefix> <mask> -decrementTTL ENABLED
  • show ns ip6 <VIP6 address>

    > add ns ip 203.0.113.30 -type VIP -decrementTTL ENABLED     Done    > add ns ip6  2001:DB8:5001::30 -type VIP -decrementTTL ENABLED     Done<!--NeedCopy-->

GUI Procedures

To enable the decrement TTL option for a VIP address by using the GUI:

Navigate to System > Network > IPs > IPv4s, and enable the Decrement TTL parameter while adding a new VIP address or editing an existing address.

To enable the decrement TTL option for a VIP6 address by using the GUI:

Navigate to System > Network > IPs > IPv6s, and enable the Decrement TTL parameter while adding a new VIP6 address or editing an existing address.