- Release notes
- What's new
- Updating and Upgrading to NetScaler SD-WAN 9.3
- Single-Step Upgrade for SD-WAN Appliances
- Before You Begin
Getting Started by Using NetScaler SD-WAN
- NetScaler SD-WAN Management Web Interface
- One Touch Start
- Installing the SD-WAN Appliance Packages on the Clients
- Preparing the SD-WAN Appliance Packages on the MCN
- Connecting the Client Appliances to Your Network
Setting up the SD-WAN Appliances
- Setting up the Appliance Hardware
- Setting the Management IP Addresses for the Appliances
- Setting the Management IP Address for a SD-WAN Appliance
- Setting the Date and Time on an SD-WAN Appliance
- Setting the Console Session Timeout Interval (Optional)
- Uploading and Installing the SD-WAN Software License File
- Troubleshooting DHCP Management IP Address Configuration
- Configuring Alarms
- Configuration Rollback
- About SD-WAN VPX Standard Edition
- Installing and Deploying a SD-WAN VPX Standard Edition on VMware ESXi
Setting up the Master Control Node (MCN) Site
- Master Control Node (MCN)
- How to Switch the Management Web Interface to MCN Console Mode
- How to Add the MCN Site
- How to Configure Virtual Interface Groups for the MCN Site
- How to Configure Virtual IP Addresses for the MCN Site
- How to Configure GRE Tunnels for the MCN Site (Optional)
- How to Configure WAN Links for the MCN Site
- How to Configure Routes for the MCN Site
- How to Configure High Availability (HA) for the MCN Site (Optional)
- How to Enable and Configure Virtual WAN Security and Encryption (Optional)
- Naming, Saving, and Backing Up the MCN Site Configuration
Adding and Configuring the Branch Sites
- How to Add the Branch Site
- How to Configure Virtual Interface Groups for the Branch Site
- How to Configure Virtual IP Addresses for the Branch Site
- How to Configure GRE Tunnels for the Branch Site
- How to Configure WAN Links for the Branch Site
- How to Configure Routes for the Branch Site
- How to Configure High Availability (HA) for the Branch Site (Optional)
- How to Clone the Branch Site (Optional)
- How to Resolve Configuration Audit Alerts
- How to Save the Completed Sites Configuration
Deployment use Cases
- Deploying SD-WAN in Gateway Mode
- Deploying SD-WAN in PBR mode (Virtual Inline Mode)
- Building a SD-WAN Network
- Dynamic Paths for Branch to Branch Communication
- Configuring Static WAN Paths
- Routing Support for LAN Segmentation
- Utilizing Enterprise Edition Appliance to Provide WAN Optimization Services Only
- SD-WAN SE/EE Appliance in Hairpin Deployment Mode
- Two Box Mode
- SD-WAN Overlay Routing
- High Availability Deployment
- Basic Configuration Mode
Virtual Routing and Forwarding
- How To Configure Routing Domain
- How To Configure Routes
- How To Select Routing Domain for Intranet Service
- How To Configure Interface Groups
- How To Configure Virtual IP Addresses
- How To Configure Virtual IP Address Identity
- How To Configure GRE Tunnels
- How To Configure Access Interface
- How to Customize Classes
- How to Add Rule Groups and Enable MOS
- How to Create Rules
- How To Configure Firewall Segmentation
- Dynamic routing
- Route Filtering
- Network Objects
- Application Classification
- QoS Fairness With Random Early Detection (RED)
- Application QoS Rules
- MPLS QoS Queues
- Application Quality of Experience (QoE)
- Link State Propagation
- Metering and Standby WAN Links
- Multiple Net Flow collectors
- IPSec Tunnel Termination
- Stateful Firewall and NAT Support
- Configuring Multicast Groups
- NetScaler SD-WAN and Zscaler - Using GRE Tunnels and IPsec Tunnels
- Enabling FIPS Compliance Mode in NetScaler SD-WAN
- Configuring Virtual WAN IPsec for FIPS Compliant Operation
- Firewall Traffic Redirection Support by Using Forcepoint in NetScaler SD-WAN
- Internet Service
- DHCP Server and DHCP Relay Agent
- DHCP Client for Data Port (WAN Link IP Address Learning)
- Adaptive Bandwidth Detection
- Active Bandwidth Testing
- Diagnostic Tool
- Monitoring Your Virtual WAN
Auto Secure Peering and Manual Secure Peering
- Auto Secure Peering to an EE appliance from a Standalone WANOP / SDWAN SE/WANOP on the DC site
- Auto Secure Peering Initiated from EE Appliance at DC Site and Branch Site EE Appliance
- Auto Secure Peering Initiated from EE Appliance at DC Site and Branch with WANOP/SE Appliance
- Manual Secure Peering Initiated from EE Appliance at DC Site and Branch EE Appliance
- Manual Secure Peering initiated from EE appliance at DC site to Branch WANOP/SDWAN-SE Appliance
- Domain Join and Delegate User Creation
- SNMPv3 Polling and Trap Capability
- Zero Touch Deployment
- Configure 210-SE LTE
- NetScaler SD-WAN WANOP 9.3
The WANOP Client Plug-in
- Hardware and software requirements
- How the WANOP plug-in works
- Deploying appliances for use with plug-ins
- Customizing the plug-in MSI file
- Deploying plug-ins on Windows systems
- WANOP plug-in GUI commands
- Updating the WANOP plug-in
- Troubleshooting WANOP plug-in
- Configuring Service Class Association with SSL Profiles
- Standard MIB Support
- Best Practices - Security
- Reference Material
- Installing SD-WAN SE Virtual Appliances (VPX) in Linux-KVM Platform
- SD-WAN Standard Edition Virtual Appliance (VPX) HA Support for AWS
- SD-WAN Standard Edition Virtual Appliance (VPX) in Hypervisor on HyperV 2012 R2 and 2016
- SD-WAN Standard Edition Virtual Appliance (VPX) HA Support for Microsoft Azure
- XenServer 6.5 Upgrade for SD-WAN Standard Edition Appliances
How to Customize Classes
Oct 17, 2017
The SD-WAN configuration provides a default set of application-classification, rule-filtering, and class-assignment settings that can be applied to any virtual path service in the SD-WAN environment. You can also customize these settings.
Using classes, you can classify a specific type of traffic on the virtual path, and then you can apply rules to handle this traffic. Traffic is assigned to a specific class, as defined in the rule.
For more information about creating rules, see How to Create Rules.
The SD-WAN system provides 17 classes (0-16). Classes 0-3 are predefined for Citrix HDX QoS prioritization. To use this feature, enable the following options:
- WAN Optimization, available under Optimization > Features.
- HDX QoS Priorities, available under Optimization > Features.
- ICA Service Class, available under Optimization > Service Classes.
These classes are used to classify HDX traffic with different ICA priority tags. You can edit the class types and their assigned bandwidth sharing to obtain the optimal quality of service, but you cannot edit the names of the classes.
Classes 10-16 are predefined and are associated with Realtime, Interactive, and Bulk class types. Each type can be configured further to optimize quality of service for its type of traffic. Classes 4-9 can be used to specify user defined classes. Classes are of one of the following three types:
- Realtime: Used for low latency, low bandwidth, time-sensitive traffic. Real-time applications are time sensitive but don’t really need high bandwidth (for example voice over IP). Real-time applications are very sensitive to latency and jitter, but can tolerate some loss.
- Interactive: Used for interactive traffic with low to medium latency requirements and low to medium bandwidth requirements. Interactive applications involve human input in the form of mouse clicks or cursor moves. The interaction is typically between a client and a server. The communication might not need high bandwidth but is sensitive to loss and latency. However, server to client does need high bandwidth to transfer graphical information, which might not be sensitive to loss.
- Bulk: Used for high bandwidth traffic that can tolerate high latency. Applications that handle file transfer and need high bandwidth are categorized as bulk class. These applications involve very little human interference and are mostly handled by the systems themselves.
To customize classes:
1. In the SD-WAN Configuration Editor, click Global > Default Sets > Virtual Path Default Sets > New_Virtual_Path_Default_Set > Classes.
2. Click the pencil icon.
3. In the Name field, either leave the default name or enter a name of your choice.
4. In the Type field, select the class type (Realtime, Interactive or Bulk).
5. For realtime classes, you can specify the following attributes:
* Initial Period: The time period in milliseconds to apply an initial rate before switching to a sustained rate.
* Initial Rate: Maximum rate at which packets leave the queue during the initial period.
* Sustained Rate: Maximum rate at which the packets leave the queue after the initial period.
When in contention, the scheduler ensures that the realtime class receives the Initial Rate and the Sustained Rate that you specify, plus a small percentage of the available bandwidth that is shared with interactive and bulk classes.
6. For interactive classes, you can specify the following attributes:
* Initial Period: The time period, in milliseconds, during which to apply initial percentage of the available bandwidth before switching to the sustained percentage. Typically, 20 ms.
* Initial Share %: The maximum share of virtual-path bandwidth during the initial period.
* Sustained Share %: The maximum share of virtual-path bandwidth after the initial period.
Interactive classes use the remaining bandwidth after the real-time traffic has been serviced.
7. For bulk classes, you can specify only the Sustained Share%, which determines the remaining virtual path bandwidth to be used for a bulk class.
Bulk traffic is serviced after real-time and interactive traffic are serviced. Typically, a bulk class gets a lower sustained share % than an interactive class.
8. Click Apply.
Save the configuration, export it to the change management inbox, and initiate the change management process.