-
Configuration guide for Citrix Virtual Apps and Desktops workloads
-
-
Application route
-
This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
此内容已经过机器动态翻译。 放弃
このコンテンツは動的に機械翻訳されています。免責事項
이 콘텐츠는 동적으로 기계 번역되었습니다. 책임 부인
Este texto foi traduzido automaticamente. (Aviso legal)
Questo contenuto è stato tradotto dinamicamente con traduzione automatica.(Esclusione di responsabilità))
This article has been machine translated.
Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
この記事は機械翻訳されています.免責事項
이 기사는 기계 번역되었습니다.책임 부인
Este artigo foi traduzido automaticamente.(Aviso legal)
这篇文章已经过机器翻译.放弃
Questo articolo è stato tradotto automaticamente.(Esclusione di responsabilità))
Translation failed!
Application Route
In a typical enterprise network, the branch offices access applications on the on-premises data center, the cloud data center, or the SaaS applications. The application routing feature, allows you to steer the applications through your network easily and cost-efficiently. For example, when a user on the branch site is trying to access a SaaS application the traffic can be routed such that the branch offices can access the SaaS applications on the internet directly, without having to go through the data center first.
Citrix SD-WAN allows you to define the application routes for the following services:
-
Virtual Path: This service manages traffic across the Virtual Paths. A Virtual Path is a logical link between two WAN links. It comprises a collection of WAN Paths combined to provide high service-level communication between two SD-WAN nodes. The SD-WAN appliance measures the network on a per-path basis and adapts to changing application demand and WAN conditions. A Virtual Path can be static (always exists) or dynamic (exists only when traffic between two SD-WAN Appliances reaches a configured threshold).
-
Internet: This service manages traffic between an Enterprise site and sites on the public Internet. Internet traffic is not encapsulated. When congestion occurs, the SD-WAN actively manages bandwidth by rate-limiting Internet traffic relative to the Virtual Path, and Intranet traffic.
-
Intranet: This service manages Enterprise Intranet traffic that has not been defined for transmission across a Virtual Path. Intranet traffic is not encapsulated. The SD-WAN manages bandwidth by rate-limiting this traffic relative to other service types during times of congestion. Under certain conditions, and if Intranet Fallback is configured on the Virtual Path, traffic that ordinarily travels through Virtual Path can instead be treated as Intranet traffic.
-
Local: This service manages traffic local to the site that matches no other service. SD-WAN ignores traffic sourced and destined to a local route.
-
GRE Tunnel: This service manages IP traffic destined for a GRE tunnel, and matches the LAN GRE tunnel configured at the site. The GRE Tunnel feature enables you to configure SD-WAN appliances to terminate GRE tunnels on the LAN. For a route with service type GRE Tunnel, the gateway must reside in one of the tunnel subnets of the local GRE tunnel.
-
LAN IPsec Tunnel: This service manages IP traffic destined for a LAN IPsec tunnel, and matches the LAN IPsec tunnel configured at the site. The LAN IPsec Tunnel feature enables you to configure SD-WAN Appliances to terminate IPsec tunnels on the LAN or WAN side.
To perform service steering for applications, it is important to identify an application on the first packet itself. Initially, the packets flow through the IP route once the traffic is classified and the application is known, the corresponding application route is used. First packet classification is achieved by learning the IP subnets and ports associated with application objects. These are obtained using historical classification results of the DPI classifier, and user configured IP port match types.
To view statistics data for the application routes:
-
In the SD-WAN GUI, navigate to Monitoring > Statistics.
-
From the Show drop-down list, select Application Routes.
You can view the following statistics:
- Application Object: Name of the application object.
- Gateway IP Address: The gateway IP address used by application objects with GRE Tunnel service type.
- Service: The service type mapped to the application object.
- Firewall Zone: The firewall zone that this route falls in.
- Reachable: The status of the application route.
- Site: Name of the site.
- Type: Indicates if the route is static or dynamic.
- Cost: The priority of the route.
- Hit Count: The number of times the application route is used to steer the traffic.
- Eligible: Is the application route eligible to send the traffic.
- Eligibility Type: The type of route eligibility condition applied to this route. The eligibility type can be Path, Gateway, or Tunnel.
- Eligibility Value: The value specified for the route eligibility condition.
Note
In the current release, applications that belong to application family, match type defined in application object, cannot be steered.
Troubleshooting
After creating the application route, you can confirm that the application is correctly routed to the intended service using the Monitoring section.
To view if the application is correctly routed to the intended service, navigate to the following pages:
- Monitoring > Statistics > Application Routes
- Monitoring > Flows
- Monitoring > Firewall
If there is any unexpected routing behavior, collect the STS diagnostics bundle while the issue is being observed, and share it with the Citrix Support team.
The STS bundle can be created and downloaded using Configuration > System Maintenance > Diagnostics > Diagnostic Information.
Share
Share
In this article
This Preview product documentation is Cloud Software Group Confidential.
You agree to hold this documentation confidential pursuant to the terms of your Cloud Software Group Beta/Tech Preview Agreement.
The development, release and timing of any features or functionality described in the Preview documentation remains at our sole discretion and are subject to change without notice or consultation.
The documentation is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making Cloud Software Group product purchase decisions.
If you do not agree, select I DO NOT AGREE to exit.