Limitations and usage guidelines

The following are the limitations and some usage guidelines related to Citrix ADC BLX appliances.

  • The following are the limitations related to LA/LACP channels:
    • LA/LACP channels are not supported for shared mode NIC interfaces.
    • LA/LACP channels are supported only between dedicated NIC interfaces or only between DPDK NIC interfaces.
    • LA/LACP channels are not supported for blx1 and ns1 virtual interfaces.
  • High availability is supported for Citrix ADC BLX appliances only in dedicated mode.

  • High availability for ADC BLX appliances is not supported if the nsinternal user login is disabled.

  • Web application firewall (WAF) is supported only for ADC BLX in dedicated mode.

  • In a Citrix ADC BLX appliance deployed in dedicated mode, management HTTP or HTTPS port (mgmt-http-port or mgmt-https-port) settings specified in the BLX configuration file do not apply. By default, 9080 and 9443 port numbers are dedicated for HTTP and HTTPS management access.

    To change these ports for ADC BLX appliances in dedicated mode, you must use the Citrix ADC command:

    set ns param (-mgmthttpport <value> | -mgmthttpsport <value>).

    Example:

    set ns param -mgmthttpport 2080"

  • If firewall is enabled on the Linux host, then you might have to add exceptions for the Citrix ADC BLX management ports in addition to the SYSLOG ports.

  • A stable start for a Citrix ADC BLX appliance might take around 45 seconds.

  • Citrix ADC BLX configurations are stored in the /nsconfig/ns.conf file. For configurations to be available across sessions, you must save the configuration after every configuration change.

    To view the running configuration by using the Citrix ADC BLX CLI

    At the Citrix ADC BLX CLI prompt, type:

    show ns runningConfig

    To save configurations by using the Citrix ADC BLX CLI

    At the command prompt, type:

    save ns config

  • The Citrix ADC BLX configurations in /nsconfig/ns.conf take precedence over /etc/blx/blx.conf file.

  • A Citrix ADC BLX appliance does not start if the memory allocated is less than 1 GB per ADC BLX worker-processes.

  • The following system settings are changed on installing a Citrix ADC BLX appliance in Linux environment: ip_forward is set to 1.

  • After a Citrix ADC BLX appliance is uninstalled, BLX configuration file blx.conf is retained and backed up as blx.conf.rpmsave.

    To apply this backup configuration file to a newly installed Citrix ADC BLX appliance on the same Linux host, you must manually rename the file back to blx.conf

  • Citrix does not recommend running a Citrix ADC BLX appliance on the following Ubuntu version because the Citrix ADC BLX appliance might run into some packet drop related issues.

    Ubuntu version 16.04.5 with kernel version 4.4.0-131-generic

  • A Citrix ADC BLX appliance deployed on CentOS Linux version 8.0 host or Oracle Linux version 8.0 host might not start or function properly if the following condition is met:

    • SELinux policy is enabled on the Linux host. SELinux prevents the systemd process from running some Citrix ADC BLX system files.

    Workaround: Disable SELinux on the Linux host.

  • A Citrix ADC BLX appliance supports a maximum of nine NIC ports (DPDK NIC ports, or non-DPDK NIC ports, or both).

Limitations specific to a Citrix ADC BLX appliance with DPDK ports

  • A Citrix ADC BLX appliance with DPDK ports might fail to start on Linux hosts running on some older CPU models.

    Examples:

    • Intel(R) Xeon(R) CPU E5-2690 v4 @ 2.60 GHz

    • Intel(R) Xeon(R) CPU E5504 @ 2.00 GHz

  • The Linux host might crash if you unbind NICs bound to the DPDK module when the Citrix ADC BLX appliance is running.

  • A Citrix ADC BLX appliance with DPDK ports takes a little more time to restart as compared to a Citrix ADC BLX appliance without DPDK ports.

  • All DPDK bound Linux ports are automatically dedicated for the Citrix ADC BLX appliance and cannot be used for other DPDK Linux applications.
  • A Citrix ADC BLX appliance running on a Linux host VM in a VMware virtualization platform does not support VMXNET3 network ports as DPDK ports.

    By default, the VMXNET3 network ports specified as dedicated ports are added as DPDK ports on the Citrix ADC appliance but they don’t function as expected.

    Workaround:

    You can configure the Linux host VM so that VMXNET3 network ports are added as non-DPDK dedicated ports to the Citrix ADC BLX appliance.

    Perform the following steps by using the Linux host CLI:

    1. Add the following settings in the system map file/etc/blx/ns_static_drv_map_file for each wanted VMXNET3 network port:

       Status=Failed dpdk_test_init=Failed
       <!--NeedCopy-->
      

      Example:

       #cat /etc/blx/ns_static_drv_map_file
      
       Interface=ens2f1 Slot=0000:2f:00.1 Current_driver=vfio-pci Old_driver=igb Status=Failed dpdk_test_init=Failed
       <!--NeedCopy-->
      
    2. Restart the Citrix ADC BLX appliance.

       systemctl restart blx
       <!--NeedCopy-->
      

    After you restart the Citrix ADC BLX appliance, the VMXNET3 network ports are added as non-DPDK ports to the Citrix ADC BLX appliance.

  • The Citrix ADC appliance supports trunk mode or VLAN tagging only for DPDK ports.

Limitations of DPDK Mellanox ports in a Citrix ADC BLX appliance

  • A Citrix ADC BLX appliance supports only one type of DPDK ports at a time. For example, either all Mellanox ports or all Intel ports.

  • A Citrix ADC BLX appliance supports only the MLX5 DPDK driver for Mellanox ports.

  • For more information about the MLX5 DPDK driver and its limitations, see the official MLX5 DPDK documentation.

  • For more information about Mellanox NICs and its limitations, see the official Mellanox documentation.

Limitations and usage guidelines