Appliance failure handled in various deployment modes

Citrix SD-WAN WANOP appliances have safeguards against loss of connectivity in case of software, hardware, and power failures. These safeguards are mode-dependent.

In inline mode, appliances maintain network continuity in the event of hardware, software, or power failure. If present, the bypass relay in the appliance closes if power is lost or some other failure occurs. Inline appliances without a bypass card usually block traffic in the event of a serious failure, but they continue to forward traffic under some conditions, namely, when the network stack is running but the acceleration software has been disabled or has shut itself down because of persistent errors.

Existing accelerated connections usually become unresponsive after a failure and are eventually terminated by the application or the network stack at one of the end points. Some accelerated connections might continue as unaccelerated connections after the failure. New connections run in unaccelerated mode.

When the appliance comes back online, existing connections continue as unaccelerated connections. New connections are accelerated.

In WCCP mode, the router bypasses an appliance that stops responding, and reopens the connection when the appliance begins responding again. The WCCP protocol has integral health-checking.

If the “verify-availability” option is used with virtual inline mode, the router behaves like it does with WCCP mode, bypassing the appliance when it is not available and reconnecting when it is. If “verify-availability” is not used, all packets forwarded to the appliance are dropped if the appliance is not available.

In group mode, an appliance can be configured to fail “open” (bridging disabled) or “closed” (bridging or bypass relay enabled).

In high availability mode, if one HA appliance fails, the other takes over automatically. The appliances’ bypass cards are disabled in HA mode, so if the HA appliances are in inline mode and both appliances fail, connectivity is lost.

In redirector mode, the Citrix SD-WAN WANOP Plug-in performs health checking on redirector-mode appliances and bypasses unresponsive appliances, sending traffic directly to endpoint servers instead.

Appliance failure handled in various deployment modes