Overview and architecture

NetScaler BLX appliance is a software form-factor of Citrix ADC. It is designed to run natively on bare-metal Linux on commercial off-the-shelf (COTS) servers.

Following are the benefits of using a BLX appliance:

  • Cloud-ready. BLX provides day-zero support for running on cloud.

    BLX appliances do not require any certifications to run on cloud because they run as a software application on Linux virtual machines provisioned on the cloud.

  • Easy management. Standard tools available as part of the Linux operating system can be used to monitor and manage BLX appliances. BLX appliances can be plugged into an existing orchestration setup.

  • Seamless third-party tools integration. Open source tools (for example, monitoring, debugging, and logging) supported for Linux environments can be seamlessly integrated with BLX appliances. There is no need to develop separate plug-ins for each integration.

  • Coexistence of other applications. Because BLX appliances run as a software application, other Linux applications can also run on the same host.

  • DPDK support. BLX appliance supports Data Plane Development Kit (DPDK) integration for better performance. A BLX appliance uses the DPDK open source library to improve performance and to overcome the Linux kernel bottleneck in packet processing.

General architecture

BLX appliance is a software form-factor of Citrix ADC, and provides the same functionality as a traditional Citrix ADC appliance. A BLX appliance runs as a user space application in a Linux system. The BLX appliance uses the Linux drivers for Rx/Tx of packets and for managing the NIC ports. Virtual interfaces blx0 and blx1, which are created during the BLX boot-up phase, are used for communication between the kernel and the BLX appliance.

[Figure: BLX architecture]

Network modes

The network mode of a BLX appliance defines whether the NIC ports of the Linux host are shared with other Linux applications running on the host. A BLX appliance can be configured to run in one of the following network modes:

  • Shared mode
  • Dedicated mode

Shared mode

A BLX appliance configured to run in shared mode shares the Linux host NIC ports with other Linux applications.

[Figure: BLX in shared mode]

A BLX appliance in shared mode is auto-assigned the network address of 192.0.0.1/24.

A BLX appliance in shared mode operates with a single IP address that is used for both management and data traffic. All the Citrix ADC owned IP addresses (for example, NSIP, SNIP, and VIP) have the same IP address of 192.0.0.1 but with different port numbers. In other words, this single IP address (192.0.0.1) uses different port numbers to function as the NSIP, SNIP, and VIPs.

Because the Linux NIC ports are shared between the BLX appliance and other Linux applications, an IP NAT table is added in the kernel for the BLX appliance. The Linux host uses this IP NAT table to recognize packets received on the Linux NIC ports belonging to the BLX appliance.

The Linux host then performs NAT by translating the destination IP address of the received packet to the IP address (192.0.0.1) of the BLX appliance. The BLX appliance receives the packets through blx0 and blx1 virtual interfaces (veth).

The BLX appliance processes the received packets and sends them to the Linux kernel through blx1 and blx0 virtual interfaces. The Linux host performs NAT on these packets using the BLX IP NAT table, and then sends them out to the destination through the Linux NIC ports.
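An added example, not Citrix code: a Python audit of a saved NAT table that lists which host ports are translated to the shared-mode address 192.0.0.1, and which of those rules match on any interface and any source. The rule layout, interface name and port numbers in the sample are constructed assumptions; the page does not show the rules that BLX installs.

```python
import ipaddress
import shlex

BLX_ADDR = ipaddress.ip_address("192.0.0.1")  # shared-mode address from the page

# Constructed sample in `iptables-save -t nat` syntax. Chain layout, interface
# name and port numbers are assumptions for illustration, not BLX's real rules.
SAMPLE_NAT = """\
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i eth0 -p tcp -m tcp --dport 9080 -j DNAT --to-destination 192.0.0.1:80
-A PREROUTING -p tcp -m tcp --dport 9443 -j DNAT --to-destination 192.0.0.1:443
-A PREROUTING -s 10.1.0.0/24 -p tcp -m tcp --dport 9022 -j DNAT --to-destination 192.0.0.1:22
-A PREROUTING -p tcp -m tcp --dport 8080 -j DNAT --to-destination 172.17.0.2:80
-A POSTROUTING -s 192.0.0.0/24 -j MASQUERADE
COMMIT
"""

def blx_dnat_rules(nat_dump, blx_addr=BLX_ADDR):
    """Return one dict per DNAT rule whose target is the BLX shared-mode address."""
    rules = []
    for line in nat_dump.splitlines():
        tok = shlex.split(line)
        if len(tok) < 2 or tok[0] != "-A" or "DNAT" not in tok:
            continue  # table header, chain policy, COMMIT, or a non-DNAT rule
        # Pair each option with the token that follows it (negated matches not handled).
        opts = {tok[i]: tok[i + 1] for i in range(2, len(tok) - 1) if tok[i].startswith("-")}
        host, _, port = opts.get("--to-destination", "").partition(":")
        try:
            if ipaddress.ip_address(host) != blx_addr:
                continue  # DNAT to some other application on the shared host
        except ValueError:
            continue  # address range or malformed target
        rules.append({
            "chain": tok[1],
            "in_iface": opts.get("-i"),
            "source": opts.get("-s"),
            "proto": opts.get("-p"),
            "host_port": opts.get("--dport"),
            "blx_port": port or None,
        })
    return rules

def unrestricted(rules):
    """Rules that match on any inbound interface and any source address."""
    return [r for r in rules if r["in_iface"] is None and r["source"] is None]
```

On a real host, pass the output of `iptables-save -t nat` instead of `SAMPLE_NAT` and compare the resulting port map with the services the appliance is meant to expose.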

Dedicated mode

A BLX appliance configured in dedicated mode has dedicated Linux host NIC ports and does not share them with other Linux applications.

Other Linux applications on the host do not see the Linux NIC ports dedicated to the BLX appliance.

[Figure: BLX in dedicated mode]

The IP addressing scheme on a BLX appliance in dedicated mode is similar to that on a traditional Citrix ADC appliance. On a BLX appliance in dedicated mode, ADC owned IP addresses (for example, NSIP, SNIP, and VIPs) can have different IP addresses.

Unlike in shared mode, no NAT operation is required for the BLX appliance in dedicated mode. The BLX appliance receives packets from, and sends responses to, the external network device directly through the configured dedicated Linux NIC ports.

The BLX appliance in dedicated mode still uses blx0 and blx1 virtual interfaces (veths) to send SYSLOG and other management-related information to the Linux kernel.

BLX appliance with Data Plane Development Kit (DPDK) support

A BLX appliance uses the traditional Linux drivers for Rx/Tx of packets and for managing the NIC ports. Transmitting packets between the Linux kernel and the BLX appliance in user space through the Linux drivers incurs several overheads. These overheads affect the performance of the BLX appliance.

The BLX appliance has a full TCP/IP stack to process any packet. If the BLX appliance has a faster way of receiving packets from the underlying Linux NIC ports, network performance improves.

Data Plane Development Kit (DPDK) can be used to overcome this bottleneck. DPDK is a set of open source Linux libraries and network interface controllers used for better network performance. For more information on DPDK, see the official DPDK website at https://www.dpdk.org/

[Figure: BLX with DPDK]

DPDK bypasses the kernel and delivers packets directly to the user space application for further processing. DPDK, combined with the Linux UIO module, lets the BLX appliance receive packets from and transmit packets to the Linux NIC ports without the Linux kernel overhead of packet processing. Once memory is allocated, DPDK manages its own buffers to achieve better performance.

A BLX appliance with DPDK support works only in dedicated network mode.
