ADC

Common network topologies

As described in the “Physical deployment mode” section in Where does a Citrix ADC appliance fit in the network?, you can deploy the Citrix ADC appliance either inline between the clients and servers or in one-arm mode. Inline mode uses a two-arm topology, which is the most common type of deployment.

Set up a common two-arm topology

In a two-arm topology, one network interface is connected to the client network and another network interface is connected to the server network, ensuring that all traffic flows through the appliance. This topology might require you to reconnect your hardware and also might result in a momentary downtime. The basic variations of two-arm topology are multiple subnets, typically with the appliance on a public subnet and the servers on a private subnet, and transparent mode, with both the appliance and the servers on the public network.

Set up a simple two-arm multiple subnet topology

One of the most commonly used topologies has the Citrix ADC appliance inline between the clients and the servers, with a virtual server configured to handle the client requests. This configuration is used when the clients and servers reside on different subnets. In most cases, the clients and servers reside on public and private subnets, respectively.

For example, consider an appliance deployed in two-arm mode for managing servers S1, S2, and S3, with a virtual server of type HTTP configured on the appliance, and with HTTP services running on the servers. The servers are on a private subnet and a SNIP is configured on the appliance to communicate with the servers. The Use SNIP (USNIP) option must be enabled on the appliance so that it uses the SNIP instead of the MIP.

As shown in the following figure, the VIP is on public subnet 217.60.10.0, and the NSIP, the servers, and the SNIP are on private subnet 192.168.100.0/24.

Figure 1. Topology Diagram for Two-Arm Mode, Multiple Subnets

image

To deploy a Citrix ADC appliance in two-arm mode with multiple subnets, follow these steps:

  1. Configure the NSIP and default gateway, as described in Configuring the NetScaler IP Address (NSIP).
  2. Configure the SNIP, as described in Configuring Subnet IP Addresses.
  3. Enable the USNIP option, as described in To enable or disable USNIP mode section.
  4. Configure the virtual server and the services, as described in Creating a Virtual Server section and Configuring Services section.
  5. Connect one of the network interfaces to a private subnet and the other interface to a public subnet.

Set up a simple two-arm transparent topology

Use transparent mode if the clients need to access the servers directly, with no intervening virtual server. The server IP addresses must be public because the clients need to be able to access them. In the example shown in the following figure, a Citrix ADC appliance is placed between the client and the server, so the traffic must pass through the appliance. You must enable L2 mode for bridging the packets. The NSIP and MIP are on the same public subnet, 217.60.10.0/24.

Figure 2. Topology Diagram for Two-Arm, Transparent Mode

image

To deploy a Citrix ADC appliance in two-arm, transparent mode, follow these steps

  1. Configure the NSIP and default gateway, as described in Configuring the NetScaler IP Address (NSIP).
  2. Enable L2 mode, as described in Enabling and Disabling Layer 2 Mode.
  3. Configure the default gateway of the managed servers as the MIP.
  4. Connect the network interfaces to the appropriate ports on the switch.

Set up common one-arm topologies

The two basic variations of one-arm topology are with a single subnet and with multiple subnets.

Set up a simple one-arm single subnet topology

You can use a one-arm topology with a single subnet when the clients and servers reside on the same subnet. For example, consider a Citrix ADC appliance deployed in one-arm mode for managing servers S1, S2, and S3. A virtual server of type HTTP is configured on an ADC appliance, and HTTP services are running on the servers. As shown in the following figure, the Citrix ADC IP address (NSIP), the Mapped IP address (MIP), and the server IP addresses are on the same public subnet, 217.60.10.0/24.

Figure 3. Topology Diagram for One-Arm Mode, Single Subnet

image

To deploy a Citrix ADC appliance in one-arm mode with a single subnet, follow these steps:

  1. Configure the NSIP and the default gateway, as described in, as described in Configuring the Citrix ADC IP Address (NSIP).
  2. Configure the virtual server and the services, as described in Creating a Virtual Server section and Configuring Services section.

  3. Connect one of the network interfaces to the switch.

Set up a simple one-arm multiple subnet topology

You can use a one-arm topology with multiple subnets when the clients and servers reside on the different subnets. For example, consider a Citrix ADC appliance deployed in one-arm mode for managing servers S1, S2, and S3, with the servers connected to switch SW1 on the network. A virtual server of type HTTP is configured on the appliance, and HTTP services are running on the servers. These three servers are on the private subnet, so a subnet IP address (SNIP) is configured to communicate with them. The Use Subnet IP address (USNIP) option must be enabled so that the appliance uses the SNIP instead of a MIP. As shown in the following figure, the virtual IP address (VIP) is on public subnet 217.60.10.0/24; the NSIP, SNIP, and the server IP addresses are on private subnet 192.168.100.0/24.

Figure 4. Topology Diagram for One-Arm Mode, Multiple Subnets

image

To deploy a Citrix ADC appliance in one-arm mode with multiple subnets, follow these steps:

  1. Configure the NSIP and the default gateway, as described in Configuring the NetScaler IP Address (NSIP).
  2. Configure the SNIP and enable the USNIP option, as described in Configuring Subnet IP Addresses.

  3. Configure the virtual server and the services, as described in Creating a Virtual Server section and Configuring Services section.
  4. Connect one of the network interfaces to the switch.
Common network topologies