ADC

Configure a Citrix ADC VPX instance to use SR-IOV network interface

Note

Support for SR-IOV interfaces in a high availability setup is available from Citrix ADC release 12.0 57.19 onwards.

After you have created a Citrix ADC VPX instance on AWS, you can configure the virtual appliance to use SR-IOV network interfaces, by using AWS CLI.

In all Citrix ADC VPX models, except Citrix ADC VPX AWS Marketplace Editions of 3G and 5G, SR-IOV is not enabled in the default configuration of a network interface.

Before you start the configuration, read the following topics:

This section includes the following topics:

  • Change the Interface Type to SR-IOV
  • Configure SR-IOV on a High Availability Setup

Change the interface type to SR-IOV

You can run the show interface summary command to check the default configuration of a network interface.

Example 1: The following CLI screen capture shows the configuration of a network interface where SR-IOV is enabled by default  on Citrix ADC VPX AWS Marketplace Editions of 3G and 5G.

localized image

Example 2: The following CLI screen capture shows the default configuration of a network interface where SR-IOV is not enabled.

localized image

For more information about changing the interface type to SR-IOV, see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sriov-networking.html

To change the interface type to SR-IOV:

1. Shut down the Citrix ADC VPX instance running on AWS.

2. To enable SR-IOV on the network interface, type the following command in the AWS CLI.

$ aws ec2 modify-instance-attribute –instance-id <instance_id> –sriov-net-support simple

3. To check if SR-IOV has been enabled, type the following command in the AWS CLI.

$ aws ec2 describe-instance-attribute –instance-id <instance_id> –attribute sriovNetSupport

Example 3: Network interface type changed to SR-IOV, by using AWS CLI.

localized image

If SR-IOV is not enabled, value for SriovNetSupport is absent.

Example 4: In the following example, SR-IOV support is not enabled.

localized image

3. Power on the VPX instance. To see the changed status of the network interface, type “show interface summary” in CLI.

Example 5: The following screen capture shows the network interfaces with SR-IOV enabled. The interfaces 10/1, 10/2, 10/3 are SR-IOV enabled.

localized image

These steps complete the procedure to configure VPX instances to use SR-IOV network interfaces.

Configure SR-IOV on a high availability setup

 High availability is supported with SR-IOV interfaces from Citrix ADC release 12.0 build  57.19 onwards.

If the high availability setup was deployed manually or  by using the Citrix CloudFormation template for Citrix ADC version 12.0 56.20 and lower, the IAM role attached to the high availability setup must have the following privileges:

  • ec2:DescribeInstances
  • ec2:DescribeNetworkInterfaces
  • ec2:DetachNetworkInterface
  • ec2:AttachNetworkInterface
  • ec2:StartInstances
  • ec2:StopInstances
  • ec2:RebootInstances
  • autoscaling:*
  •  sns:*
  • sqs:*
  • iam:SimulatePrincipalPolicy
  • iam:GetRole

By default, the Citrix CloudFormation template for Citrix ADC version 12.0 57.19 automatically adds the required privileges to the IAM role.

Note

A high availability setup with SR-IOV Interfaces take around 100 seconds of down time.

Related resources:

For more information about IAM roles, see AWS documentation.

Configure a Citrix ADC VPX instance to use SR-IOV network interface