Citrix Systems 4.2 Switch User Manual


 
About Using a NetScaler Load Balancer
155
An external Juniper SRX or Cisco ASA can be used for:
Source NAT
Static NAT
Firewall
Port forwarding
A NetScaler or F5 can be used for:
Load balancing
For details about installing and setting up these external network service providers, see the
CloudPlatform Installation Guide.
16.7.1. About Using a NetScaler Load Balancer
Citrix NetScaler is supported as an external network element for load balancing in zones that use
isolated networking in advanced zones. Set up an external load balancer when you want to provide
load balancing through means other than CloudPlatform’s provided virtual router.
Note
In a Basic zone, load balancing service is only supported if Elastic IP or Elastic LB services are
enabled.
When NetScaler load balancer is used to provide EIP or ELB services in a Basic zone, ensure that all
guest VM traffic must enter and exit through the NetScaler device. When inbound traffic goes through
the NetScaler device, traffic is routed by using the NAT protocol depending on the EIP/ELB configured
on the public IP to the private IP. The traffic that is originated from the guest VMs usually goes through
the layer 3 router. To ensure that outbound traffic goes through NetScaler device providing EIP/ELB,
layer 3 router must have a policy-based routing. A policy-based route must be set up so that all traffic
originated from the guest VM's are directed to NetScaler device. This is required to ensure that the
outbound traffic from the guest VM's is routed to a public IP by using NAT. For more information on
Elastic IP, see Section 16.18, “About Elastic IP”.
The NetScaler can be set up in direct (outside the firewall) mode. It must be added before any load
balancing rules are deployed on guest VMs in the zone.
The functional behavior of the NetScaler with CloudPlatform is the same as described in the
CloudPlatform documentation for using an F5 external load balancer. The only exception is that the F5
supports routing domains, and NetScaler does not. NetScaler can not yet be used as a firewall.
To install and enable an external load balancer for CloudPlatform management, see External Guest
Load Balancer Integration in the Installation Guide.
The Citrix NetScaler comes in three varieties. The following table summarizes how these variants are
treated in CloudPlatform.
NetScaler ADC Type Description of Capabilities CloudPlatform Supported
Features
MPX Physical appliance. Capable of
deep packet inspection. Can
In advanced zones, load
balancer functionality fully