Limitations and usage guidelines
The following limitations and usage guidelines apply when deploying a Citrix® ADC VPX instance on AWS:
- Before you start, read the AWS terminology section in Deploy a Citrix ADC VPX instance on AWS.
- The clustering feature is not supported for VPX.
- For the high availability setup to work effectively, associate a dedicated NAT device to management Interface or associate EIP to NSIP. For more information on NAT, in the AWS documentation, see NAT Instances.
- Data traffic and management traffic must be segregated with ENIs belonging to different subnets.
- Only the NSIP address must be present on the management ENI.
- If a NAT instance is used for security instead of assigning an EIP to the NSIP, appropriate VPC level routing changes are required. For instructions on making VPC level routing changes, in the AWS documentation, see Scenario 2: VPC with Public and Private Subnets.
- A VPX instance can be moved from one EC2 instance type to another (for example, from m3.large to an m3.xlarge).
- For storage options for VPX on AWS, Citrix recommends EBS, because it is durable and the data is available even after it is detached from instance.
- Dynamic addition of ENIs to VPX is not supported. Restart the VPX instance to apply the update. Citrix recommends you to stop the standalone or HA instance, attach the new ENI, and then restart the instance.
- You can assign multiple IP addresses to an ENI. The maximum number of IP addresses per ENI is determined by the EC2 instance type, see the section “IP Addresses Per Network Interface Per Instance Type” in Elastic Network Interfaces. You must allocate the IP addresses in AWS before you assign them to ENIs. For more information, see Elastic Network Interfaces.
- Citrix recommends that you avoid using the enable and disable interface commands on Citrix ADC VPX interfaces.
- The Citrix ADC set ha node \<NODE\_ID\> -haStatus STAYPRIMARYandset ha node \<NODE\_ID\> -haStatus STAYSECONDARYcommands are disabled by default.
- IPv6 is not supported for VPX.
- Due to AWS limitations, these features are not supported:
    - Gratuitous ARP(GARP)
- L2 mode
- Tagged VLAN
- Dynamic Routing
- Virtual MAC (VMAC)
 
- For RNAT to work, ensure Source/Destination Check is disabled. For more information, see “Changing the Source/Destination Checking” in Elastic Network Interfaces.
- 
    In a Citrix ADC VPX deployment on AWS, in some AWS regions, the AWS infrastructure might not be able to resolve AWS API calls. This happens if the API calls are issued through a nonmanagement interface on the Citrix ADC VPX instance. 
 As a workaround, restrict the API calls to the management interface only. To do that, create a NSVLAN on the VPX instance and bind the management interface to the NSVLAN by using the appropriate command. For example: set ns config -nsvlan <vlan id> -ifnum 1/1 -tagged NO save config Restart the VPX instance at the prompt. For more information about configuring NSVLAN, see Configuring NSVLAN.
- In the AWS console, the vCPU usage shown for a VPX instance under the Monitoring tab might be high (up to 100 percent), even when the actual usage is much lower. To see the actual vCPU usage, use the VPX GUI or CLI.