Citrix ADC

Citrix ADC configurations support in admin partition

Citrix ADC configurations can be categorized into the following three types of configurations. It depends on the Citrix configuration and the partition in which the configuration is performed.

Note

  • Admin partitions cannot be set up on a Citrix ADC cluster. It means that a Citrix ADC cluster cannot be partitioned.
  • Admin partitions cannot be set up on a Citrix ADC 14000 FIPS appliance.
  • Case 3 lists the Citrix ADC features that are not supported in admin partitions.
  • Load balancing templates are not supported in admin partitions.

Case 1 (global configurations)

Configurations that can be performed ONLY in the default partition and which are available or impact all the admin partitions.

Admin partition global configuration

  • Updates to built-in entities for monitors, TCP profiles, HTTP profiles, and so on.
  • Updates to global parameters for syslog, NSLOG, weblog, content switching, IPSEC, SIP, DHCP, Surge protection, TCP buffering, and system collection.
  • High availability (HA) configurations
  • Interface and VLAN changes
  • User configurations

Case 2 (partition-specific configurations)

Configurations that can be performed independently in default and admin partitions. These configurations are applicable only to the partition in which they are performed.

Admin partition specific configuration

  • Getting traffic level statistics for a partition.
  • Partition admin can update IP bindings for VLAN which is bound to that partition. But cannot update the interface bindings.
  • Clearing Citrix ADC configurations.
  • Feature-specific parameters for the following features: AppFlow, AppQoE, HTTP compression, DNS, TCP, HTTP, encryption, responder, rewrite, and SSL.
  • Feature-specific configurations such as virtual servers, services, monitors.

Case 3

Configurations that cannot be performed on admin partitions. These features can be configured in the default partition, but there is no impact on admin partitions.

Admin partition types

Note:

Configurations that are supported on admin partitions for a particular release are marked as Yes.

Feature Component Citrix ADC Feature NetScaler 11.1 NetScaler 12.0 Citrix ADC 12.1 Citrix ADC 13.0 Citrix ADC 13.1
Networking Traffic Domain No (Not supported from build 60.13 onwards) No No No No
Policy Extensibility Yes Yes Yes Yes Yes
Load Balancing DBS Autoscale Yes Yes Yes Yes Yes
Load Balancing DNSSEC No No Yes Yes Yes
Load Balancing Diameter Yes Yes Yes Yes Yes
Load Balancing RTSP No No No No No
Load Balancing Sure Connect Yes Yes Deprecated Deprecated Removed
Load Balancing Autoscale Service Group Yes Yes Yes Yes Yes
Manageability RBA External Authentication Yes Yes Yes Yes Yes
Manageability RISE Cisco No No No Yes Yes
Manageability ACI-Cisco Yes Yes Yes Yes Yes
Manageability AppExpert Yes Yes Yes Yes Yes
Manageability HDX Insight No No No No No
Manageability Insight No No No No No
VPN Citrix CloudBridge Connector No No No No No
VPN Citrix Gateway or SSL VPN No No No No No
VPN SSL VPN ICA Proxy No No No No No
VPN Web Interface on Citrix ADC No No No No No
SSL SSL Profile Yes Yes Yes Yes Yes
SSL SSL-FIPS No No No No No
SSL External-HSM No No No No No
Infra Cache Redirection No No No No No
Infra Integrated Caching Yes Yes Yes Yes Yes
Network VXLAN Yes Yes Yes Yes Yes
Network Graceful Shutdown Yes Yes Yes Yes Yes
Network LSN No No No No No
Network IPv6 Ready Logo Yes Yes Yes Yes Yes
Network vPath Yes Yes Yes Yes Yes
Load Balancing Datastream Yes Yes Yes Yes Yes
Logging Web logging Yes Yes Yes Yes Yes
Network L2 Param/L3 Param Yes Yes Yes Yes Yes
Network GRE Tunnel Yes Yes Yes Yes Yes
Loading Balancing Scriptable Monitoring Yes Yes Yes Yes Yes
Load Balancing GSLB Yes Yes Yes Yes Yes
Infra Connection Mirroring Yes Yes Yes Yes Yes
Infra FEO Yes Yes Yes Yes Yes
Infra Ns trace Yes Yes Yes Yes Yes
Load Balancing Priority Queuing Yes Yes Deprecated Deprecated Removed
Network HDOSP Yes Yes Deprecated Deprecated Removed
Network Net profile Yes Yes Yes Yes Yes
Network Networking (Restricted Feature) Yes Yes Yes Yes Yes
Network VRRP (Restricted Feature) Yes Yes Yes Yes Yes
Logging Audit Logging (SYSLOG-TCP, LB of syslog servers, SNIP support, and FQDN support for syslog) Yes Yes Yes Yes Yes
VPN Citrix Gateway No No No No No
VPN AAA-TM Yes Yes Yes Yes Yes
AppFlow AppFlow No Yes (IPFIX only) Yes (IPFIX only) Yes Yes
AppFw Application Firewall No No No No No
URL transformation URL transformation No No No No No
Load Balancing TCP Buffering No No No No No
Policies OCSP Responder Yes Yes Yes Yes Yes
Audit Log SYSLOG-TCP No Yes Yes Yes Yes
Optimization Front-end-optimization No Yes Yes Yes Yes
AppQoE AppQoE Yes Yes Yes Yes Yes

The preceding table lists some of the features as Restricted Features in the admin partition setup. The following section provides the reason why some of the features are mentioned as Restricted Features.

  • VRRP. The VRRP is Restricted Feature in the admin partition because of the following:

    • VRID addition or deletion can be done only from the default partition context. However, once a VRID is created, it can be used within non-default partitions.

    • VRRP functionality is supported only over the dedicated VLANs.

    • VRRP functionality is not supported on shared VLANs, used by the admin partition. It is blocked internally. No error message is shown during configuration. The protocol is blocked on a shared VLAN (tagged or untagged) bound to a default or any administrative partition.

Important

To support active-active deployment using VRRP, main and backup VIP must use the same VRID. Different VRIDs cannot be used.

  • Networking. Some of the networking configurations (L2 Param and L3 Param) are not supported or valid in the partition context. If you come across any such configurations, the following error message is displayed. “ERROR: This configuration option is not supported on the non-default partition.”
Citrix ADC configurations support in admin partition