-
-
Configuring Citrix ADC-owned IP addresses
-
Configuring ARP response Suppression for Virtual IP addresses (VIPs)
-
-
-
Configure to source Citrix ADC FreeBSD data traffic from a SNIP address
This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
此内容已经过机器动态翻译。 放弃
このコンテンツは動的に機械翻訳されています。免責事項
이 콘텐츠는 동적으로 기계 번역되었습니다. 책임 부인
Este texto foi traduzido automaticamente. (Aviso legal)
Questo contenuto è stato tradotto dinamicamente con traduzione automatica.(Esclusione di responsabilità))
This article has been machine translated.
Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
この記事は機械翻訳されています.免責事項
이 기사는 기계 번역되었습니다.책임 부인
Este artigo foi traduzido automaticamente.(Aviso legal)
这篇文章已经过机器翻译.放弃
Questo articolo è stato tradotto automaticamente.(Esclusione di responsabilità))
Translation failed!
Configuring ARP response Suppression for Virtual IP addresses (VIPs)
You can configure the Citrix ADC appliance to respond or not respond to ARP requests for a Virtual IP (VIP) address on the basis of the state of the virtual servers associated with that VIP.
For example, if virtual servers V1, of type HTTP, and V2, of type HTTPs, share VIP address 10.102.29.45 on a Citrix ADC appliance, you can configure the appliance to not respond to any ARP request for VIP 10.102.29.45 if both V1 and V2 are in the DOWN state.
The following three options are available for configuring ARP-response suppression for a virtual IP address.
- NONE. The Citrix ADC appliance responds to any ARP request for the VIP address, irrespective of the state of the virtual servers associated with the address.
- ONE VSERVER. The Citrix ADC appliance responds to any ARP request for the VIP address if at least one of the associated virtual servers is in UP state.
- ALL VSERVER. The Citrix ADC appliance responds to any ARP request for the VIP address if all of the associated virtual servers are in UP state.
Following table shows the sample behavior of Citrix ADC appliance for a VIP configured with two virtual servers:
Associated virtual servers for a VIP | STATE 1 | STATE 2 | STATE 3 | STATE 4 |
---|---|---|---|---|
NONE | ||||
V1 | UP | UP | DOWN | DOWN |
V2 | UP | DOWN | UP | DOWN |
Respond to an ARP request for this VIP? | Yes | Yes | Yes | Yes |
ONE VSERVER | ||||
V1 | UP | UP | DOWN | DOWN |
V2 | UP | DOWN | UP | DOWN |
Respond to an ARP request for this VIP? | Yes | Yes | Yes | No |
ALL VSERVER | ||||
V1 | UP | UP | DOWN | DOWN |
V2 | UP | DOWN | UP | DOWN |
Respond to an ARP request for this VIP? | Yes | No | No | No |
Consider an example where you want to test the performance of two virtual servers, V1 and V2, which have the same VIP address but are of different types and are each configured on Citrix ADC appliances NS1 and NS2. Let’s call the shared VIP address VIP1.
V1 load balances servers S1, S2, and S3. V2 load balances servers S4 and S5.
On both NS1 and NS2, for VIP1, the ARP suppression parameter is set to ALL_VSERVER. If you want to test the performance of V1 and V2 on NS1, you must manually disable V1 and V2 on NS2, so that NS2 does not respond to any ARP request for VIP1.
Figure 1.
The execution flow is as follows:
- Client C1 sends a request to V1. The request reaches R1.
- R1 does not have an APR entry for the IP address (VIP1) of V1, so R1 broadcasts an ARP request for VIP1.
- NS1 replies with source MAC address MAC1 and source IP address VIP1. NS2 does not reply to the ARP request.
- SW1 learns the port for VIP1 from the ARP reply and updates its bridge table, and R1 updates the ARP entry with MAC1 and VIP1.
- R1 forwards the packet to address VIP1 on NS1.
- NS1’s load balancing algorithm selects server S2, and NS1 opens a connection between one of its SNIP addresses and S2. When S2 sends a response to the client, the response returns by the same path.
- Now you want to test the performance of V1 and V2 on NS2, so you enable V1 and V2 on NS2 and disable them on NS1. NS2 now broadcasts an ARP message for VIP1. In the message, MAC2 is the source MAC address and VIP1 is the source IP address.
- SW1 learns the port number for reaching MAC2 from the ARP broadcast and updates its bridge table to send subsequent client requests for VIP1 to NS2. R1 updates its ARP table.
- Now suppose the ARP entry for VIP1 times out in the ARP table of R1, and client C1 sends a request for V1. Because R1 does not have an APR entry for VIP1, it broadcasts an ARP request for VIP1.
- NS2 replies with a source MAC address and VIP1 as the source IP address. NS1 does not reply to the ARP request.
To configure ARP response suppression by using the CLI:
At the command prompt, type:
- set ns ip -arpResponse <arpResponse>]
- sh ns ip <IPAddress>
Example:
> set ns ip 10.102.29.96 -arpResponse ALL_VSERVERS
Done
<!--NeedCopy-->
To configure ARP response suppression by using the GUI:
- Navigate to System > Network > IPs > IPV4s.
- Open an IP address entry and select the type of ARP Response.
Share
Share
In this article
This Preview product documentation is Cloud Software Group Confidential.
You agree to hold this documentation confidential pursuant to the terms of your Cloud Software Group Beta/Tech Preview Agreement.
The development, release and timing of any features or functionality described in the Preview documentation remains at our sole discretion and are subject to change without notice or consultation.
The documentation is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making Cloud Software Group product purchase decisions.
If you do not agree, select I DO NOT AGREE to exit.