Product Documentation

Virtual Inline Mode

Aug 09, 2017

Note

Use virtual inline mode only when inline mode is not possible. Do not mix inline and virtual inline modes within the same appliance. However, you can mix virtual inline and WCCP (WANOP appliance supported deployment) modes within the same appliance. Citrix does not recommend virtual inline mode with routers that do not support health monitoring.

In virtual inline mode, the router uses policy based routing (PBR) rules to redirect incoming and outgoing WAN traffic to the appliance for acceleration, and the appliance forwards the processed packets back to the router. Almost all of the configuration tasks are performed on the router. The only thing to be configured on the appliance is the forwarding method, and the default method is recommended.

Virtual inline deployment requires no rewiring and no downtime, and it provides a solution for asymmetric routing issues faced in a deployment with two or more WAN links. It contains no built-in status monitoring or health checking, making troubleshooting difficult. Virtual inline is recommended only when inline mode is impractical.

Example

The following figure shows a simple network in which all traffic destined for or received from the remote site is redirected to the appliance. In this example, both the local site and remote site use virtual inline mode.

Figure 1. Virtual Inline Example


Following are some configuration details for the network in this example:
  • Endpoint systems have their gateways set to the local router (which is not unique to virtual inline mode).
  • Each router is configured to redirect both incoming and outgoing WAN traffic to the local appliance.
  • Each appliance processes the traffic received from its local router and forwards it back to the router.
  • PBR rules configured on the router prevent routing loops by allowing packets to make only one trip to and from the appliance. The packets that the appliance forwards back to the router are sent to their original (local or remote) destination.
  • Each appliance has its default gateway set to the address of the local router, as usual (on the Configuration: Network Adapters page). The options for forwarding packets back to the router are Return to Ethernet Sender and Send to Gateway.