Routing in a cluster

Routing in a cluster works in much the same way as routing in a standalone system. A few points to note:

  • All routing configurations must be performed from the cluster IP address and the configurations are propagated to the other cluster nodes.

  • Routes are limited to the maximum number of ECMP routes supported by the upstream router.

  • Node-specific routing configurations must be performed by using the owner-node argument as follows:

  router ospf
    owner-node 0
      ospf router-id 97.131.0.1
    exit-owner-node
  !

The following command displays the consolidated cluster configuration for all nodes in VTYSH.

show cluster-config

The following command displays the cluster status on each node.

show cluser node

IPv4 routing in L2 cluster

The following section contains sample configurations that help you to configure IPv4 OSPF and BGP routing in L2 cluster.

Adding spotted SNIP address and enabling dynamic routing

In the following configuration, OSPF, and BGP routing are enabled. Also, spotted SNIP addresses are added and dynamic routing is enabled on these SNIP addresses.

en ns fea ospf bgp
add vlan 10
add ns ip 10.10.10.1 255.255.255.0 -dynamicrouting enabled -ownernode 1
add ns ip 10.10.10.2 255.255.255.0 -dynamicrouting enabled -ownernode 2
add ns ip 10.10.10.3 255.255.255.0 -dynamicrouting enabled -ownernode 3
bind vlan 10 -ipaddress 10.10.10.1 255.255.255.0

VTYSH IPv4 OSPF configuration

For configuring IPv4 OSPF in L2 cluster, you must

  • Set the priority to zero.
  • Configure the Router-id as a spotted configuration.

Note

The OSPF configuration guidelines for L2 cluster are applicable for OSPFv3 also.

In the following sample configuration IPv4 OSPF is configured.

      interface vlan10
       IP OSPF PRIORITY 0
       !
      router ospf
          owner-node 1
            ospf router-id 97.131.0.1
          exit-owner-node
          owner-node 2
            ospf router-id 97.131.0.2
          exit-owner-node
          owner-node 3
            ospf router-id 97.131.0.3
          exit-owner-node
      network 10.10.10.0/24 area 0
      redistribute kernel
       !

VTYSH IPv4 BGP configuration

In the following VTYSH sample configuration, IPv4 BGP is configured.

    router bgp 100
      neighbor 10.10.10.10 remote-as 200
     owner-node 1
      neighbor 10.10.10.10 update-source 10.10.10.1
     exit-owner-node
     owner-node 2
      neighbor 10.10.10.10 update-source 10.10.10.2
     exit-owner-node
     owner-node 3
      neighbor 10.10.10.10 update-source 10.10.10.3
     exit-owner-node
    redistribute kernel
    !

Note

The update-source command is used for each neighbor with owner-node argument in the following configuration to connect with proper source IP.

IPv6 routing in L2 cluster

The following section contains sample configurations that help you to configure IPv6 OSPF and BGP routing in L2 cluster.

Enable IPv6 routing

Before configuring IPv6 routing in a L2 cluster, you must enable the IPv6 feature.

To enable IPv6 routing by using the CLI,

At the command prompt, type:

  • enable ns fea ipv6pt

Adding spotted SNIP6 address and enabling dynamic routing

In the following configuration, OSPF, and BGP routing are enabled. Also, spotted SNIP6 addresses are added and dynamic routing is enabled on these SNIP6 addresses.

add ns ip6 3ffa::1/64 -dynamicrouting enabled -ownernode 1
add ns ip6 3ffa::2/64 -dynamicrouting enabled -ownernode 2
add ns ip6 3ffa::3/64 -dynamicrouting enabled -ownernode 3
add vlan 10
bind vlan 10 -ipaddress 3ffa::1/64

VTYSH IPv6 BGP configuration

In the following VTYSH sample configuration, IPv6 BGP is configured.

  router bgp 100
   neighbor 3ffa::10 remote-as 200
     owner-node 1
      neighbor 3ffa::10 update-source 3ffa::1
     exit-owner-node
     owner-node-2
      neighbor 3ffa::10 update-source 3ffa::2
     exit-owner-node
     owner-node-3
      neighbor 3ffa::10 update-source 3ffa::3
     exit-owner-node
   no neighbor 3ffa::10 activate  
   address-family ipv6
    redistribute kernel
    neighbor 3ffa::10 activate
   exit-address-family
  !

Install IPv6 learned routes

The Citrix ADC cluster can use routes learned by various routing protocols after you install the routes in the Citrix ADC cluster routing table.

To install IPv6 learned routes to the internal routing table by using the CLI:

At the command prompt, type:

  • ns route-install ipv6 bgp

  • ns route-install ipv6 ospf

  • ns route-install default

Note

  • If you have to exchange IPv4 routes on a IPv6 neighbor, you must remove the no neighbor 3ffa::10 active VTYSH command from the earlier configuration.

  • The update-source VTYSH command must be used for each owner node to specify right IPv6 source IP while connecting to BGP peer as given in BPG IPv4 configuration.

Routing in a L3 cluster

The routing in L3 cluster works only when the following configurations are done on the Citrix ADC appliance.

  • Enable the dynamic routing for a VLAN.

     set vlan <id> -dynamicrouting enabled
    
  • To reach all cluster nodes, the VIP, CLIP, and Citrix ADC IP (NSIP) must be advertised by routing protocols along with set vlan command.

Deployment scenario for BGP in L3 cluster

Consider an example where all the cluster nodes are grouped in AS 100 network, and the upstream routers are in different AS 200.

The following figure depicts the AS 100 and AS 200 deployment in a cluster setup.

localized image

In this deployment, CLIP advertises CCO to upstream routers. Some cluster nodes drop the advertised traffic, as AS loop is detected.

To overcome the issue, configure the following command in vtysh BGP router mode for each neighbor.

At the VTYSH command prompt, type:

neighbor <peer_ip> allowas-in 1

As a best practice, Citrix recommends you to configure any one of the following:

  • Configure route-maps to learn only desired networks such as; default route, Citrix ADC IP (NSIP), and NSIP subnets on cluster nodes.

  • Configure upstream routes to advertise only desired networks such as; CLIP and Citrix ADC IP (NSIP) in cluster.