Citrix SD-WAN WANOP 11.4

Enabling Group Mode

To enable group mode, create a group of two or more appliances. An appliance can be a member of only one group. Group members are identified by IP address and the SSL common name in the appliance license.

All group mode parameters are on the Settings: Group Mode page, in the Configure Settings: Group Mode table.

Figure 1. Group Mode Page

localized image

To enable group mode

  1. Select the address to use for group communication. At the top of the Group Mode Configuration table on the Configuration: Advanced Deployments: Group Mode tab, the table cell under Member VIP contains the management address of the port used to communicate with other group members. Use the (unlabeled) drop-down menu to select the correct address (for example, to use the Aux1 port, select the IP address you assigned to the Aux1 port). Then, click Change VIP.
  2. Add at least one more group member to the list. (Groups of three or more are supported but are rarely used.) In the next cell of the Member VIP column, type the IP address of the port used by the other appliance for group-mode communication.
  3. Type the other group member’s SSL common name in the SSL Common Name column. The SSL common name is listed on the other appliance’s Configure: Advanced Deployments: High Availability tab. If the other group member is a high-availability pair, the name listed is the SSL common name of the primary appliance.

    Note:

    If the local appliance is not part of a high-availability pair, the first cell in the high availability Secondary SSL Common Name is blank.If the other group member is a high-availability pair, specify the SSL Common Name of the high availability secondary appliance in the high availability Secondary SSL Common Name column.

  4. Click Add.
  5. Repeat steps 2-4 for any additional appliances or high-availability pairs in the group.
  6. The three buttons under the list of group members are toggles, so each is labeled as the opposite of its current setting:
    1. The top button reads either, Do not accelerate when member failure is detected or Continue to accelerate when member failure is detected. The “Do not accelerate…” setting always works and does not block traffic, but if any member fails, the other group members go into bypass mode, which causes a complete loss of acceleration. With the “Continue to accelerate” option, the failing appliance’s bridge becomes an open circuit, and the link fails. This option is appropriate if the WAN router responds by causing a failover. New connections, and open connections belonging to the surviving appliances, are accelerated.
    2. The bottom button should now be labeled Disable Group Mode. If it is not, enable group mode by clicking the button.
  7. Refresh the screen. The top of the page should list the group mode partners, but display warnings about their status, because they haven’t been configured for group mode yet. For example, it might indicate that the partner cannot be found or is running a different software release.
  8. Repeat this procedure with the other members of the group. Within 20 seconds after enabling the last member of the group, the Group Mode Status line should show NORMAL, and the other group mode members should be listed with Status: On-Line and Configuration: OK.
Enabling Group Mode