Product Documentation

Configure source IP persistency for backend communication

By default, for a load balancing configuration with the USIP option disabled and a net profile bound to a virtual server or services or service groups, the Citrix ADC appliance uses the round robin algorithm to select an IP address from the net profile for communicating with the servers. Because of this selection method, the IP address selected can be different for different sessions of a specific client.

Some situations require that the Citrix ADC appliance send all of a specific client’s traffic from the same IP address when sending the traffic to servers. The servers can then, for example, identify traffic belonging to a specific set for logging and monitoring purposes.

The source IP persistency option of a net profile enables the Citrix ADC appliance to use the same address, specified in the net profile, to communicate with servers about all sessions initiated from a specific client to a virtual server.

To enable source IP persistency in a net profile by using the CLI

To enable source IP persistency while adding a net profile, at the command prompt, type:

add netProfile <name> -srcippersistency ( ENABLED | DISABLED )

show netprofile <name>

To enable source IP persistency in an existing net profile, at the command prompt, type:

set netProfile <name> -srcippersistency ( ENABLED | DISABLED )

show netprofile <name>

To enable source IP persistency in a net profile by using the GUI

1.    Navigate to System > Network > Net Profiles.

2.    Select Source IP Persistency while adding or modifying a net profile.

Example

In the following sample configuration, net profile NETPROFILE-IPPRSTNCY-1 has the source IP persistency option enabled and is bound to load balancing virtual server LBVS-1.

The Citrix ADC appliance always use the same IP address (in this example, 192.0.2.11) to communicate with servers bound to LBVS-1, for all sessions initiated from a specific client to the virtual server.

> add ipset IPSET-1

Done
> bind ipset IPSET-1 192.0.2.[11-15]
 IPAddress "192.0.2.11" bound
 IPAddress "192.0.2.12" bound
 IPAddress "192.0.2.13" bound
 IPAddress "192.0.2.14" bound
 IPAddress "192.0.2.15" bound
 Done
> add netprofile NETPROFILE-IPPRSTNCY-1 -srcIp IPSET-1 -srcippersistency ENABLED

Done
> set lb vserver LBVS-1 -netprofile NETPROFILE-IPPRSTNCY-1

 Done

Configure source IP persistency for backend communication