Citrix Systems 4.2 Switch User Manual


 
Chapter 16. Managing Networks and Traffic
182
services if a NetScaler device is deployed in your zone. Consider the following illustration for more
details.
In the illustration, a NetScaler appliance is the default entry or exit point for the CloudPlatform
instances, and firewall is the default entry or exit point for the rest of the data center. Netscaler
provides LB services and staticNAT service to the guest networks. The guest traffic in the pods and
the Management Server are on different subnets / VLANs. The policy-based routing in the data center
core switch sends the public traffic through the NetScaler, whereas the rest of the data center goes
through the firewall.
The EIP work flow is as follows:
When a user VM is deployed, a public IP is automatically acquired from the pool of public IPs
configured in the zone. This IP is owned by the VM's account.
Each VM will have its own private IP. When the user VM starts, Static NAT is provisioned on the
NetScaler device by using the Inbound Network Address Translation (INAT) and Reverse NAT
(RNAT) rules between the public IP and the private IP.