NetScaler BLX limitations and usage guidelines
The following limitations and usage guidelines are related to NetScaler BLX.
High availability
-
High availability is not supported in any public cloud platform, such as Amazon Web Services (AWS) and Oracle Cloud Infrastructure (OCI).
-
High availability is not supported if the
nsinternal
user login is disabled. -
High availability is supported only in dedicated mode.
NetScaler BLX cluster
- CLAG-based traffic distribution is not supported.
LA and LACP channels
-
LA/LACP channels are not supported in shared mode.
-
LA/LACP channels are supported only between the dedicated NIC interfaces or DPDK NIC interfaces.
-
LA/LACP channels are not supported for
blx1
andns1
virtual interfaces.
SNMP
- SNMP is supported only for BLX in dedicated mode.
Web application firewall
- Web application firewall (WAF) is supported only for NetScaler BLX in dedicated mode
NetScaler BLX with DPDK ports
-
BLX with DPDK ports might fail to start if the Linux host is running on some older CPU models, such as Intel(R) Xeon(R) CPU E5-2690 v4 @ 2.60 GHz and CPU E5504 @ 2.00 GHz.
-
The Linux host might crash if you unbind NIC ports bound to the DPDK module when BLX is running.
-
BLX with DPDK ports takes a little more time to restart than BLX without DPDK ports.
-
All DPDK-bound Linux ports are automatically dedicated to BLX and cannot be used for other DPDK Linux applications.
-
For VMXNET3 DPDK ports supported by BLX, you must specify the number of worker processes in the power of 2 (2ⁿ). For example, 1, 2, 4, 8, and so on.
-
BLX supports trunk mode or VLAN tagging only for DPDK ports.
Mellanox ports
-
BLX supports only one type of DPDK port at a time. For example, either all Mellanox ports or all Intel ports.
-
BLX supports only the MLX5 DPDK driver for Mellanox ports.
-
For more information about the MLX5 DPDK driver and its limitations, see the official MLX5 DPDK documentation.
-
For more information about Mellanox NICs and its limitations, see the official Mellanox documentation.
Other limitations and guidelines
-
When you set the host name of BLX using the
set ns hostname
command, the host name of the Linux host is also changed. -
When you restart BLX configured with the BLX managed host feature, all the active SSH sessions to the Linux host are closed. To restore the connection, you must retry connecting to the host.
-
In dedicated mode, the management HTTP or HTTPS port (
mgmt-http-port
ormgmt-https-port
) specified in theblx.conf
file is ignored. By default, 80 and 443 port numbers are dedicated for HTTP and HTTPS management access. To change these ports for BLX in dedicated mode, you must use the following NetScaler CLI command:set ns param (-mgmthttpport <value> | -mgmthttpsport <value>)
Example: The following command changes the management HTTP port to 2080.
set ns param -mgmthttpport 2080
-
If the firewall is enabled on the Linux host, you might have to add exceptions for the BLX management and SYSLOG ports.
-
BLX might take up to 45 seconds to start.
-
BLX configuration is stored in the
/nsconfig/ns.conf
file. For the configuration to be available across sessions, you must save the configuration after every configuration change.-
To view the running configuration by using the NetScaler CLI
At the command prompt, type the following:
show ns runningConfig
-
To save configurations by using the NetScaler CLI
At the command prompt, type the following:
save ns config
-
-
BLX configuration in
/nsconfig/ns.conf
takes precedence over the configuration in the/etc/blx/blx.conf
file. -
BLX does not start if the memory allocated is less than 1 GB per worker process.
-
When you install BLX, the
ip_forward
parameter is set to 1 on the Linux host. -
After you uninstall BLX, the configuration file (
blx.conf
) is retained and backed up asblx.conf.rpmsave
. To apply this backup configuration file to a newly installed BLX on the same Linux host, you must manually rename the file back toblx.conf
. -
We do not recommend running BLX on the following Ubuntu version because BLX might run into some packet drop-related issues.
Ubuntu version 16.04.5 with kernel version 4.4.0-131-generic
-
BLX supports a maximum of nine NIC ports (DPDK NIC ports, non-DPDK NIC ports, or a combination of both).
-
BLX deployed on Red Hat based Linux host might not start or function properly if the following condition is met:
-
SELinux
policy is enabled on the Linux host. SELinux prevents thesystemd
process from running some BLX system files.Workaround: Disable
SELinux
on the Linux host.
-
Unsupported NetScaler features in NetScaler BLX
- Admin partition
- Content optimization
- Custom monitors
- Hardware SSL offload
- Intermediate System-to-Intermediate System (IS-IS) routing protocol
- IPSec
- Jumbo frames
- Precision Time Protocol (PTP)
- Quality of Service (QoS)
- Routing Information Protocol (RIP)
- Routing Information Protocol Next Generation (RIPng)
- URL filtering