-
Getting Started with Citrix NetScaler
-
Deploy a Citrix NetScaler VPX instance
-
Install a Citrix NetScaler VPX instance on Microsoft Hyper-V servers
-
Install a NetScaler VPX instance on Linux-KVM platform
-
Prerequisites for Installing NetScaler VPX Virtual Appliances on Linux-KVM Platform
-
Provisioning the NetScaler Virtual Appliance by using OpenStack
-
Provisioning the NetScaler Virtual Appliance by using the Virtual Machine Manager
-
Configuring NetScaler Virtual Appliances to Use SR-IOV Network Interface
-
Configuring NetScaler Virtual Appliances to use PCI Passthrough Network Interface
-
Provisioning the NetScaler Virtual Appliance by using the virsh Program
-
-
Deploying NetScaler VPX Instances on AWS
-
Upgrade and downgrade a NetScaler appliance
-
-
-
-
-
-
Overriding Static Proximity Behavior by Configuring Preferred Locations
-
Example of a Complete Parent-Child Configuration Using the Metrics Exchange Protocol
-
Configuring Global Server Load Balancing for DNS Queries with NAPTR records
-
Using the EDNS0 Client Subnet Option for Global Server Load Balancing
-
-
Persistence and persistent connections
-
Advanced load balancing settings
-
Gradually stepping up the load on a new service with virtual server–level slow start
-
Protect applications on protected servers against traffic surges
-
Use source IP address of the client when connecting to the server
-
Set a limit on number of requests per connection to the server
-
Configure automatic state transition based on percentage health of bound services
-
-
Use case 2: Configure rule based persistence based on a name-value pair in a TCP byte stream
-
Use case 3: Configure load balancing in direct server return mode
-
Use case 6: Configure load balancing in DSR mode for IPv6 networks by using the TOS field
-
Use case 7: Configure load balancing in DSR mode by using IP Over IP
-
Use case 10: Load balancing of intrusion detection system servers
-
Use case 11: Isolating network traffic using listen policies
-
Use case 14: ShareFile wizard for load balancing Citrix ShareFile
-
-
-
-
-
Configuring a CloudBridge Connector Tunnel between two Datacenters
-
Configuring CloudBridge Connector between Datacenter and AWS Cloud
-
Configuring a CloudBridge Connector Tunnel Between a Datacenter and Azure Cloud
-
Configuring CloudBridge Connector Tunnel between Datacenter and SoftLayer Enterprise Cloud
-
Configuring a CloudBridge Connector Tunnel Between a NetScaler Appliance and Cisco IOS Device
-
CloudBridge Connector Tunnel Diagnostics and Troubleshooting
This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
此内容已动态机器翻译。 放弃
このコンテンツは動的に機械翻訳されています。免責事項
This content has been machine translated dynamically.
This content has been machine translated dynamically.
This content has been machine translated dynamically.
This article has been machine translated.
Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
この記事は機械翻訳されています.免責事項
이 기사는 기계 번역되었습니다.
Este artigo foi traduzido automaticamente.
这篇文章已经过机器翻译.放弃
Translation failed!
Stateless NAT46
The stateless NAT46 feature enables communication between IPv4 and IPv6 networks through IPv4 to IPv6 packet translation, and vice versa, without maintaining any session information on the NetScaler appliance.
For a stateless NAT46 configuration, the appliance translates an IPv4 packet to IPv6 or an IPv6 packet to IPv4 as defined in RFCs 6145 and 2765.
A stateless NAT46 configuration on the NetScaler appliance has the following components:
-
IPv4-IPv6 INAT entry. An INAT entry defining a 1:1 relationship between an IPv4 address and an IPv6 address. In other words, an IPv4 address on the appliance listens to connection requests on behalf of an IPv6 server. An IPv4 request packet for this IPv4 address is translated into an IPv6 packet, and then the IPv6 packet is sent to the IPv6 server.
The appliance translates an IPv6 response packet into an IPv4 response packet with its source IP address field set as the IPv4 address specified in the INAT entry. The translated packet is then sent to the client.
-
NAT46 IPv6 prefix. A global IPv6 prefix of length 96 bits (128-32=96) configured on the appliance. During IPv4 packet to IPv6 packet translation, the appliance sets the source IP address of the translated IPv6 packet to a concatenation of the NAT46 IPv6 prefix [96 bits] and the IPv4 source address [32 bits] that was received in the request packet.
During IPv6 packet to IPv4 packet translation, the appliance sets the destination IP address of the translated IPv4 packet to the last 32 bits of the destination IP address of the IPv6 packet.
Consider an example in which an enterprise hosts site www.example.com on server S1, which has an IPv6 address. To enable communication between IPv4 clients and IPv6 server S1, NetScaler appliance NS1 is deployed with a stateless NAT46 configuration that includes an IPv4-IPv6 INAT entry for server S1, and a NAT46 Prefix. The INAT entry includes an IPv4 address at which the appliance listens to connection requests from IPv4 clients on behalf of the IPv6 server S1.
The following table lists the settings used in this example:
Entities | Name | Value |
---|---|---|
IP address of the client | Client_IPv4 (for reference purposes only) | 192.0.2.60 |
IPv6 address of the server | Sevr_IPv6 (for reference purposes only) | 2001:DB8:5001::30 |
IPv4 address defined in the INAT entry for IPv6 server S1 | Map-Sevr-IPv4 (for reference purposes only) | 192.0.2.180 |
IPv6 prefix for NAT 46 translation | NAT46_Prefix (for reference purposes only) | 2001:DB8:90:: |
Following is the traffic flow in this example:
- IPv4 Client CL1 sends a request packet to the Map-Sevr-IPv4 (192.0.2.180) address on the NetScaler appliance.
- The appliance receives the request packet and searches the NAT46 INAT entries for the IPv6 address mapped to the Map-sevr-IPv4 (192.0.2.180) address. It finds the Sevr-IPv6 (2001:DB8:5001::30) address.
- The appliance creates a translated IPv6 request packet with:
- Destination IP address field = Sevr-IPv6 = 2001:DB8:5001::30
- Source IP address field = Concatenation of NAT Prefix (First 96 bits) and Client_IPv4 (last 32 bits) = 2001:DB8:90::192.0.2.60
- The appliance sends the translated IPv6 request to Sevr-IPv6.
- The IPv6 server S1 responds by sending an IPv6 packet to the NetScaler appliance with:
- Destination IP address field = Concatenation of NAT Prefix (First 96 bits) and Client_IPv4 (last 32 bits)= 2001:DB8:90::192.0.2.60
- Source IP address field = Sevr-IPv6 = 2001:DB8:5001::30
- The appliance receives the IPv6 response packet and verifies that its destination IP address matches the NAT46 prefix configured on the appliance. Because the destination address matches the NAT46 prefix, the appliance searches the NAT46 INAT entries for the IPv4 address associated with the Sevr-IPv6 address (2001:DB8:5001::30 ). It finds the Map-Sevr-IPv4 address (192.0.2.180).
- The appliance creates an IPv4 response packet with:
- Destination IP address field = The NAT46 prefix stripped from the destination address of the IPv6 response = Client_IPv4 (192.0.2.60)
- Source IP address field = Map-Sevr-IPv4 address (192.0.2.180)
- The appliance sends the translated IPv4 response to client CL1.
Limitations of Stateless NAT46
The following limitations apply to stateless NAT46:
- Translation of IPv4 options is not supported.
- Translation of IPv6 routing headers is not supported.
- Translation of hop-by-hop extension headers of IPv6 packets is not supported.
- Translation of ESP and EH headers of IPv4 packets is not supported.
- Translation of multicast packets is not supported.
- Translation of destination option headers and source routing headers is not supported.
- Translation of fragmented IPv4 UDP packets that do not contain UDP checksum is not supported.
Configure Stateless NAT46
Creating the required entities for stateless NAT46 configuration on the NetScaler appliance involves the following procedures:
- Create an IPv4-IPv6 mapping INAT entry with stateless mode enabled.
- Create a NAT46 IPv6 prefix.
NetScaler command line procedures
To configure an INAT mapping entry by using the NetScaler command line:
At the command prompt, type:
- add inat <name> <publicIPv4> <privateIPv6> -mode STATELESS
- show inat <name>
To create an NAT46 prefix by using the NetScaler command line:
At the command prompt, type:
-
set inatparam -nat46v6Prefix <ipv6_addr *> - show inatparam
Example:
> add inat exmpl-com-stls-nat46 192.0.2.180
2001:DB8:5001::30 -mode stateless
Done
> set inatparam -nat46v6Prefix 2001:DB8:90::/96
Done
NetScaler GUI procedures
To create an INAT mapping entry by using the NetScaler GUI:
-
Navigate to System > Network > Routes > INAT.
-
Add a new INAT entry, or edit an existing INAT entry.
-
Set the following parameters:
- Name*
- Public IP Address*
- Private IP Address* (Select the IPv6 check box and enter the address in IPv6 format.)
- Mode (Select Stateless from the drop down list.)
* A required parameter
To create a NAT46 prefix by using the NetScaler GUI:
Navigate to System > Network, in the Settings group, click Configure INAT Parameters, and set the Prefix parameter.
Setting Global Parameters for Stateless NAT46
The appliance provides some optional global parameters for stateless NAT46 configurations.
To set global parameters for stateless NAT46 by using the NetScaler command line:
At the command prompt, type:
-
set inatparam [-nat46IgnoreTOS ( YES NO )] [-nat46ZeroCheckSum ( ENABLED DISABLED )] [-nat46v6Mtu <positive_integer>] [-nat46FragHeader ( ENABLED DISABLED )] - show inatparam
Example:
> set inatparam -nat46IgnoreTOS YES -nat46ZeroCheckSum DISABLED -nat46v6Mtu 1400 -nat46FragHeader DISABLED
Done
To set global parameters for stateless NAT46 by using the NetScaler GUI:
Navigate to System > Network, in the Settings group, click Configure INAT Parameters.
Share
Share
This Preview product documentation is Citrix Confidential.
You agree to hold this documentation confidential pursuant to the terms of your Citrix Beta/Tech Preview Agreement.
The development, release and timing of any features or functionality described in the Preview documentation remains at our sole discretion and are subject to change without notice or consultation.
The documentation is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making Citrix product purchase decisions.
If you do not agree, select Do Not Agree to exit.