Configuring and Managing Virtual IP (VIP) Addresses 编辑
Configuring and Managing Virtual IP (VIP) Addresses
Configuration of a virtual server IP (VIP) address is not mandatory during initial configuration of the Citrix ADC. When you configure load balancing, you assign VIP addresses to virtual servers.
For more information about configuring a load balancing setup, see Load Balancing
.
In some situations, you need to customize VIP attributes or enable or disable a VIP address. A VIP address is usually associated with a virtual server, and some of the VIP attributes are customized to meet the requirements of the virtual server. You can host the same virtual server on multiple Citrix ADC appliances residing on the same broadcast domain, by using ARP and ICMP attributes. After you add a VIP (or any IP address), the appliance sends, and then responds to, ARP requests. VIPs are the only Citrix ADC-owned IP addresses that can be disabled. When a VIP address is disabled, the virtual server using it goes down and does not respond to ARP, ICMP, or L4 service requests. As an alternative to creating VIP addresses one at a time, you can specify a consecutive range of VIP addresses.
To create a VIP address by using the CLI:
At the command prompt, type:
- add ns ip <IPAddress> <netmask> -type <type>
- show ns ip <IPAddress>
Example:
> add ns ip 10.102.29.59 255.255.255.0 -type VIP Done<!--NeedCopy-->
To create a range of VIP addresses by using the CLI:
At the command prompt, type:
- add ns ip <IPAddress> <netmask> -type <type>
- show ns ip <IPAddress>
Example:
> add ns ip 10.102.29.[60-64] 255.255.255.0 -type VIPip "10.102.29.60" addedip "10.102.29.61" addedip "10.102.29.62" addedip "10.102.29.63" addedip "10.102.29.64" added Done<!--NeedCopy-->
To enable or disable an IPv4 VIP address by using the CLI:
At the command prompt, type one of the following sets of commands to enable or disable a VIP and verify the configuration:
- enable ns ip <IPAddress>
- show ns ip <IPAddress>
- disable ns ip <IPAddress>
- show ns ip <IPAddress>
Example:
> enable ns ip 10.102.29.79 Done> show ns ip 10.102.29.79 IP: 10.102.29.79 Netmask: 255.255.255.255 Type: VIP state: Enabled arp: Enabled icmp: Enabled vserver: Enabled management access: Disabled telnet: Disabled ftp: Disabled ssh: Disabled gui: Disabled snmp: Disabled Restrict access: Disabled dynamic routing: Disabled hostroute: Disabled Done> disable ns ip 10.102.29.79 Done> show ns ip 10.102.29.79 IP: 10.102.29.79 Netmask: 255.255.255.255 Type: VIP state: Disabled arp: Enabled icmp: Enabled vserver: Enabled management access: Disabled telnet: Disabled ftp: Disabled ssh: Disabled gui: Disabled snmp: Disabled Restrict access: Disabled dynamic routing: Disabled hostroute: Disabled Done<!--NeedCopy-->
To configure a VIP address by using the GUI:
Navigate to System > Network > IPs > IPV4s, and add a new IP address or edit an existing address.
To create a range of VIP addresses by using the GUI:
- Navigate to System > Network > IPs > IPV4s.
- In the Action list, select Add Range.
To enable or disable a VIP address by using the GUI:
- Navigate to System > Network > IPs > IPV4s.
- Do one of the following:
- Select a VIP address.
- Hold down the Ctrl key and select multiple server address entries.
- Hold down the Shift key and select a range of server address entries.
- Select all the addresses by selecting the checkbox on the left side of the header row.
- From the Action list, select Disable or Enable.
Detecting a Citrix ADC Appliance in a UDP Load Balancing Setup through TTL Updates
The following table displays how a Citrix ADC appliance handles the TTL value of received packets in different functionalities.
Functionality | TTL value |
---|---|
Virtual Server | TTL is set to 255 when forwarding the request to the backend servers. TTL is decremented by 1 when forwarding the response to the client. |
L2 Mode | TTL is not changed. |
L3 Mode | TTL is set to 255. |
INAT | TTL is set to 255 when forwarding the request to the backend server. TTL is decremented by 1 when forwarding the response to the client. |
Some enterprises/scenarios running a monitoring application requires the Citrix ADC appliance of a load balancing setup to be detected as one of the hop in a traceroute. A Citrix ADC appliance of a load balancing setup is not detected in a traceroute because the appliance, by default, sets the TTL value to 255 instead of decrementing it when forwarding the request to a backend server.
To meet this requirement, Decrement TTL parameter of a VIP address can be used. This parameter applies to all UDP virtual servers using this VIP.
When you enable the Decrement TTL parameter of a VIP, the Citrix ADC appliance decrements the TTL value by 1 instead of setting it to 255 when forwarding requests, which are received on the UDP virtual servers that uses this VIP.
Monitoring applications using traceroute data can now detect the presence of a Citrix ADC appliance of a UDP load balancing setup.
Before You Begin
Before you begin configuring a Citrix ADC appliance to be detected in a traceroute of a load balancing setup, note the following points:
- Decrement TTL parameter is supported only for UDP load balancing virtual servers.
- Decrement TTL parameter is supported for IPv4 VIP as well as IPv6 VIP (VIP6) addresses.
- Decrement TTL parameter is supported for standalone Citrix ADC appliances as well as for high availability (HA) and cluster setups.
Configuration Steps
Configuring a Citrix ADC appliance to be detected in a traceroute of a UDP load balancing setup consists of the following tasks:
- Create a UDP load balancing configuration
- Enable the Decrement TTL parameter for the VIP address
CLI Procedures
To enable the decrement TTL option for a VIP address by using the CLI:
- To enable the decrement TTL option for a VIP address while adding the VIP address, at the command prompt, type:
- add ns ip <ip> <mask> -type VIP -decrementTTL ENABLED
- show ns ip <VIP address>
- To enable the decrement TTL option for an existing VIP address, at the command prompt, type:
- set ns ip <ip> <mask> -decrementTTL ENABLED
- show ns ip <VIP address>
To enable the decrement TTL option for a VIP6 address by using the CLI:
- To enable the decrement TTL option for a VIP6 address while adding the VIP6 address, at the command prompt, type:
- add ns ip6 <IP6/prefix> <mask> -type VIP -decrementTTL ENABLED
- show ns ip6 <VIP6/prefix>
- To enable the decrement TTL option for an existing VIP6 address, at the command prompt, type:
- set ns ip6 <ip6/prefix> <mask> -decrementTTL ENABLED
- show ns ip6 <VIP6 address>
> add ns ip 203.0.113.30 -type VIP -decrementTTL ENABLED Done > add ns ip6 2001:DB8:5001::30 -type VIP -decrementTTL ENABLED Done<!--NeedCopy-->
GUI Procedures
To enable the decrement TTL option for a VIP address by using the GUI:
Navigate to System > Network > IPs > IPv4s, and enable the Decrement TTL parameter while adding a new VIP address or editing an existing address.
To enable the decrement TTL option for a VIP6 address by using the GUI:
Navigate to System > Network > IPs > IPv6s, and enable the Decrement TTL parameter while adding a new VIP6 address or editing an existing address.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论