High availability across different AWS availability zones

You can configure two Citrix ADC VPX instances on two different subnets or two different AWS availability zones, as a high availability active-passive pair in Independent Network Configuration (INC) mode. If for any reason, the primary node is unable to accept connections, the secondary node takes over.

For more information about high availability, see High availability. For more information about INC, see Configuring high availability nodes in different subnets.

Points to note

  • Read the following documents before you start your deployment:
  • The VPX high availability pair can either reside in the same availability zone in a different subnet or in two different AWS availability zones.
  • Citrix recommends that you use different subnets for management (NSIP), client traffic (VIP), and back-end server (SNIP).
  • High availability must be set in Independent Network Configuration (INC) mode for a failover to work.
  • The two instances must have port 3003 open for UDP traffic as that is used for heartbeats.
  • The management subnets of both the nodes must have access to internet or to AWS API server through internal NAT so that the rest APIs are functional.
  • IAM role must have E2 permission for the public IP or elastic IP (EIP) migration and EC2 Route Table permissions for the private IP migration.

You can deploy high availability across AWS availability zones in the following ways:

High availability across different AWS availability zones