NetScaler VPX

Configure Azure route server with NetScaler VPX HA pair

August 28, 2024

Contributed by:

You can configure Azure route server with NetScaler VPX instance to exchange the VIP routes configured with virtual network using the BGP protocol. The NetScaler can be deployed in standalone or in HA-INC mode, and then configured with BGP. This deployment doesn’t require an Azure load balancer (ALB) in front of the ADC HA pair.

The following diagram depicts how a VPX HA topology is integrated with the Azure route server. Each of the ADC instances has 3 interfaces: one for management, one for client traffic, and one for server traffic.

VPX HA topology with the Azure route server

The topology diagram uses the following IP addresses.

Sample IP configuration for primary ADC instance:

NSIP: 10.0.0.4/24
SNIP on 1/1: 10.0.1.4/24
SNIP on 1/2: 10.0.2.4/24
VIP: 172.168.1.1/32
<!--NeedCopy-->

Sample IP configuration for secondary ADC instance:

NSIP: 10.0.0.5/24
SNIP on 1/1: 10.0.1.5/24
SNIP on 1/2: 10.0.2.5/24
VIP: 172.168.1.1/32
<!--NeedCopy-->

Prerequisites

You must be familiar with the following information before deploying a NetScaler VPX instance on Azure.

Azure terminology and network details. For more information, see Azure terminology.
Overview of Azure Route Server. For more information, see What is Azure Route Server?.
Working of a NetScaler appliance. For more information, see NetScaler documentation.
NetScaler networking. For more information, see the ADC Networking.

How to configure an Azure route server with NetScaler VPX HA pair

Create a route server in the Azure portal. For more information, see Create and configure a Route Server using the Azure portal.

In the following example, subnet 10.0.3.0/24 is used for deploying Azure server. Once the route server is created, get the route server IP addresses, for example: 10.0.3.4, 10.0.3.5.
Set up peering with network virtual appliance (NVA) in the Azure portal. Add your NetScaler VPX instance as the NVA. For more information, see Set up peering with NVA.

In the following example, the ADC SNIP on 1/1 interfaces: 10.0.1.4 and 10.0.1.5, and the ASN: 400 and 500, are used while adding the peer.
Add two NetScaler VPX instances for the HA configuration.

Complete the following steps:
1. Deploy two VPX instances (primary and secondary instances) on Azure.
2. Add client and server NIC on both the instances.
3. Configure HA settings on both instances by using the NetScaler GUI.

Configure dynamic routing in the primary ADC instance.

Sample configuration:

enable ns mode L3 MBF USNIP SRADV DRADV  PMTUD
enable ns feature LB BGP
add ns ip 10.0.1.4 255.255.255.0 -vServer DISABLED -dynamicRouting ENABLED
VTYSH
configure terminal
router BGP 400
timers bgp 1 3
neighbor 10.0.3.4 remote-as 65515
neighbor 10.0.3.4 advertisement-interval 3
neighbor 10.0.3.4 fall-over  bfd
neighbor 10.0.3.5 remote-as 65515
neighbor 10.0.3.5 advertisement-interval 3
neighbor 10.0.3.5 fall-over  bfd
address-family ipv4
redistribute kernel
redistribute static
<!--NeedCopy-->

Configure dynamic routing in the secondary ADC instance.

Sample configuration:

enable ns mode L3 MBF USNIP SRADV DRADV  PMTUD
enable ns feature LB BGP
add ns ip 10.0.1.5 255.255.255.0 -vServer DISABLED -dynamicRouting ENABLED
VTYSH
configure terminal
router BGP 500
timers bgp 1 3
neighbor 10.0.3.4 remote-as 65515
neighbor 10.0.3.4 advertisement-interval 3
neighbor 10.0.3.4 fall-over  bfd
neighbor 10.0.3.5 remote-as 65515
neighbor 10.0.3.5 advertisement-interval 3
neighbor 10.0.3.5 fall-over  bfd
address-family ipv4
redistribute kernel
redistribute static
<!--NeedCopy-->

Verify the BGP peers established using the BGP commands in the VTY shell interface. For more information, see Verifying the BGP Configuration.
```
show ip bgp neighbors

```
Configure LB virtual server in the primary ADC instance.

Sample configuration:
```
add ns ip 172.16.1.1 255.255.255.255 -type VIP -hostRoute ENABLED
add lbvserver v1 HTTP 172.16.1.1 80
add service s1 10.0.2.6 HTTP 80
bind lbvserver v1 s1
enable ns feature lb

```
A client in the same virtual network as of the NetScaler VPX instance can now access the LB virtual server. In this case, the NetScaler VPX instance advertises the VIP route to the Azure route server.

The official version of this content is in English. Some of the Cloud Software Group documentation content is machine translated for your convenience only. Cloud Software Group has no control over machine-translated content, which may contain errors, inaccuracies or unsuitable language. No warranty of any kind, either expressed or implied, is made as to the accuracy, reliability, suitability, or correctness of any translations made from the English original into any other language, or that your Cloud Software Group product or service conforms to any machine translated content, and any warranty provided under the applicable end user license agreement or terms of service, or any other agreement with Cloud Software Group, that the product or service conforms with any documentation shall not apply to the extent that such documentation has been machine translated. Cloud Software Group will not be held responsible for any damage or issues that may arise from using machine-translated content.

Was this helpful

Configure Azure route server with NetScaler VPX HA pair

August 28, 2024

Contributed by:

August 28, 2024

Contributed by:

Configure Azure route server with NetScaler VPX HA pair

Prerequisites

How to configure an Azure route server with NetScaler VPX HA pair

In this article