General architecture

NetScaler BLX is a software form factor of NetScaler and provides the same functionality as other form factors. It runs as a user space application on a Linux host.

BLX uses the Linux drivers for Rx/Tx of packets and for managing the NIC ports. Virtual Ethernet (veths) interfaces blx0 and blx1, created during the boot-up phase, are used for communication between the Linux host and BLX. For example, BLX uses veths to send log information to the syslog daemon on a Linux Host.

The network mode of BLX defines whether the NIC ports of the Linux host are shared with other Linux applications running on the host. You can configure BLX to run on one of the following network modes:

• Dedicated mode - The NIC ports of the Linux host are dedicated to BLX and are not shared with other Linux applications.
• Shared mode - The NIC ports of the Linux host are shared with other Linux applications.

NetScaler BLX in dedicated mode

In dedicated mode, the NIC ports of the Linux host specified in the blx.conf (boot-up config file of BLX) file are dedicated to BLX. These NIC ports are not shared with other applications running on the host. Only BLX can see the dedicated NIC ports.

The IP addressing scheme in dedicated mode is similar to a traditional NetScaler. BLX can have different IP addresses for NetScaler IP (NSIP), Virtual server IP (VIP), and Subnet IP (SNIP).

BLX receives the packets from the external network, processes the received packets, and responds directly through the configured dedicated Linux NIC ports. It has a full-fledged TCP/IP stack to process the packets, bypassing the TCP/IP stack of the Linux kernel. BLX interacts directly with the Linux kernel driver to pick the raw packets from the NIC ports.

Although BLX bypasses the network stack of the Linux kernel, there is still an overhead in transferring packets between Linux kernel memory and user space memory. This overhead affects the overall performance of packet processing. We recommend using the Data Plane Development Kit (DPDK) compatible NICs for high packet processing performance. For the list of DPDK-compatible NICs supported by BLX, see Hardware requirements of Linux host.

DPDK is a set of open-source Linux libraries and network interface controllers used for better network performance. For more information on DPDK, see the official DPDK website at https://www.dpdk.org/.

DPDK helps to bypass the kernel memory and delivers the packets directly to the user space memory for processing. DPDK combined with the Linux UIO module, allows BLX to receive and transmit packets without involving the Linux kernel overhead of copying packets from the kernel memory to the user space memory. Once memory is allocated, DPDK manages its buffer to achieve better performance.

Note:

BLX might start in a dedicated mode without DPDK support if one of the following conditions is met.

• BLX does not support the dedicated DPDK-compatible NIC ports.
• DPDK does not support the dedicated NIC ports.

NetScaler BLX in shared mode

In shared mode, the NIC ports of the Linux host are shared with other Linux applications to receive and transmit the packets. BLX is auto-assigned with the IP address of 192.0.0.1/24. This IP address is used for management and data traffic. All the NetScaler-owned IP addresses (for example, NSIP, SNIP, and VIP address) have the same IP address of 192.0.0.1 but with different port numbers. In other words, this single IP address (192.0.0.1) uses different port numbers to function as the NSIP, SNIP, and VIPs.

Because host Linux NIC ports are shared between BLX and other Linux applications, an IP table rule is added to NAT. This IP table rule is used to forward the traffic received on the host to BLX for further processing.

The Linux host translates the destination IP address of the received packet to the IP address (192.0.0.1) of BLX. BLX receives the packets through blx0 and blx1 virtual interfaces.

BLX processes the received packets and sends them to the Linux kernel through blx1 and blx0 virtual interfaces. The Linux host does NAT on these packets using the BLX IP NAT table and then sends them to the destination through the Linux NIC ports.

Note:

We do not recommend configuring BLX in shared mode for production setups.