Configuration of cluster ECMP by using Cisco Nexus 7000 switch with routing Protocol
With ECMP over a cluster setup, a Citrix ADC appliance is able to handle the traffic through a routing protocol. The ECMP mechanism helps in advertising the virtual server IP addresses through all active cluster nodes.
To use ECMP, you must first enable the BGP protocol on the cluster IP address. Bind the interfaces and the spotted IP address (with dynamic routing enabled) to a VLAN. Configure the selected routing protocol and redistribute the kernel routes on the ZebOS by using the VTYSH shell.
Use Case: Cluster ECMP by using Cisco Nexus 7000 switch with routing Protocol
Consider an example of a cluster deployment with a Cisco Nexus 7000 switch:
- Two Citrix ADC appliances (Node 1 and Node 2), connected to the Nexus switch (upstream).
- Two Cisco Nexus 7000 switch.
- Client and server (drawing HTTP traffic through the Nexus switch). With Hot Standby Router Protocol (HSRP) enabled on the client-side.
Prerequisites
Consider the following points before configuring cluster nodes on a Citrix ADC appliance.
- All appliances must be of the same platform type.
- Border Gateway Protocol (BGP) must be enabled on the cluster nodes.
Configuring by using the CLI on a Citrix ADC appliance
-
Log on to an appliance (for example, appliance with NSIP address 1.1.1.1)
-
To add a cluster node.
add cluster node 0 1.1.1.2 –state ACTIVE –backplane 0/10/8
-
To add the cluster IP address
add ns ip 1.1.1.10 255.255.255.254 –type clip
-
Save the configuration
save ns config
-
Warm reboot the appliance
reboot -warm
-
To add node 1 using CLIP
add cluster node 1 2.2.2.2 –state ACTIVE –backplane 1/10/8
-
To join a node to the cluster
join cluster –clip 1.1.1.10 –password nsroot
-
Perform the following configuration on CLIP
-
enable ns feature bgp ospf DYNAMICROUTING
-
add ns ip 11.1.1.3 255.255.255.254 –dynamicRouting ENABLED –ownerNode 0
-
add ns ip 11.1.1.7 255.255.255.254 –dynamicRouting ENABLED –ownerNode 0
-
add ns ip 11.1.1.5 255.255.255.254 –dynamicRouting ENABLED –ownerNode 1
-
add ns ip 11.1.1.9 255.255.255.254 –dynamicRouting ENABLED –ownerNode 1
-
On the Cisco Nexus router (11.1.1.2/31 and 11.1.1.4/31), you must perform the following configurations by using the command line:
feature ospf
feature bgp
feature interface-vlan
-
feature hsrp
> interface vlan100 no shutdown ip address 50.1.1.1/8 hsrp 50 ip 50.50.50.50 > interface Ethernet 4/15 ip address 11.1.1.2/31 no shutdown > interface Ethernet 4/19 ip address 11.1.1.4/31 no shutdown > interface Ethernet 4/22 switchport switchport access vlan 100
On the Cisco Nexus router (11.1.1.6/31 and 11.1.1.8/31), you must perform the following configurations by using the command line:
feature ospf
feature bgp
feature interface-vlan
-
feature hsrp
> interface vlan100 no shutdown no ip redirects ip address 50.1.1.2/8 hsrp 50 ip 50.50.50.50 > interface Ethernet 4/13 ip address 11.1.1.6/31 no shutdown > interface Ethernet 4/15 ip address 11.1.1.8/31 no shutdown > interface Ethernet 4/22 switchport switchport access vlan 100
For the BGP protocol, you must perform the following configurations on CLIP of the Citrix ADC appliance:
> vtysh
ns# router bgp 1
redistribute kernel
owner-node 0
neighbor 11.1.1.2 remote-as 2
neighbor 11.1.1.2 as-origination-interval 1
neighbor 11.1.1.2 advertisement-interval 0
neighbor 11.1.1.6 remote-as 2
neighbor 11.1.1.6 as-origination-interval 1
neighbor 11.1.1.6 advertisement-interval 0
owner-node 1
neighbor 11.1.1.4 remote-as 2
neighbor 11.1.1.4 as-origination-interval 1
neighbor 11.1.1.4 advertisement-interval 0
neighbor 11.1.1.8 remote-as 2
neighbor 11.1.1.8 as-origination-interval 1
neighbor 11.1.1.8 advertisement-interval 0
exit-owner-node
Perform the following configurations on the Cisco Nexus router (11.1.1.3 and 11.1.1.5)
> ip access-list acl1
10 permit ip 50.0.0.0/8 any
route-map test permit
match ip address acl1
router bgp 2
address-family ipv4 unicast
redistribute direct route-map test
maximum-paths 2
neighbor 11.1.1.3 remote-as 1
address-family ipv4 unicast
neighbor 11.1.1.5 remote-as 1
address-family ipv4 unicast
Perform the following configurations on the Cisco Nexus router (11.1.1.7 and 11.1.1.9)
> ip access-list acl1
10 permit ip 50.0.0.0/8 any
route-map test permit 1
match ip address acl1
router bgp 2
address-family ipv4 unicast
redistribute direct route-map test
maximum-paths 2
neighbor 11.1.1.7 remote-as 1
address-family ipv4 unicast
neighbor 11.1.1.9 remote-as 1
address-family ipv4 unicast
For the OSPF protocol, you must perform the following configurations on CLIP of the Citrix ADC appliance:
> vtysh
ns# router osfp 1
redistribute kernel
owner-node 0
network 15.1.1.2/31 area 0
network 15.1.1.6/31 area 0
exit-owner-node
owner-node 1
network 15.1.1.4/31 area 0
network 15.1.1.8/31 area 0
exit-owner-node
route-map map2 permit 1
set metric 10
On the Cisco Nexus router (11.1.1.2/31 and 11.1.1.4/31), you must perform the following configurations by using the command line:
> route-map- map2 permit 1
set metric 10
interface Ethernet4/15
ip address 15.1.1.2/31
ip router ospf 1 area 0.0.0.0
no shutdown
interface Ethernet4/19
ip address 15.1.1.4/31
ip router ospf 1 area 0.0.0.0
no shutdown
router ospf 1
router-id 1.1.1.1
redistribute direct route-map map2
On the Cisco Nexus router (11.1.1.7/31 and 11.1.1.9/31), you must perform the following configurations by using the command line:
> route-map- map2 permit 1
set metric 10
interface Ethernet4/13
ip address 15.1.1.6/31
ip router ospf 1 area 0.0.0.0
no shutdown
interface Ethernet4/15
ip address 15.1.1.8/31
ip router ospf 1 area 0.0.0.0
no shutdown
router ospf 1
router-id 1.1.1.2
redistribute direct route-map map2