Product Documentation

Policy-Based Routes (PBR6) for IPv6 Traffic

Configuring PBR6s involves the following tasks:

  • Create a PBR6.
  • Apply PBR6s.
  • (Optional) Disable or enable a PBR6.
  • (Optional) Renumber the priority of the PBR6.

Creating or Modifying a PBR6

You cannot create two PBR6s with the same parameters. If you attempt to create a duplicate, an error message appears.

You can configure the priority of a PBR6. The priority (an integer value) defines the order in which the Citrix ADC appliance evaluates PBR6s. When you create a PBR6 without specifying a priority, the Citrix ADC automatically assigns a priority that is a multiple of 10.

If a packet matches the condition defined by the PBR6, the Citrix ADC performs an action. If the packet does not match the condition defined by the PBR6, the Citrix ADC compares the packet against the PBR6 with the next highest priority.

CLI procedures

To create a PBR6 by using the CLI:

At the command prompt, type:

  • add ns pbr6 <name> <action> [-srcIPv6 [<operator>] <srcIPv6Val>] [-srcPort [<operator>] <srcPortVal>] [-destIPv6 [<operator>] <destIPv6Val>] [-destPort [<operator>] <destPortVal>] [-srcMac <mac_addr>] [-protocol <protocol> |-protocolNumber <positive_integer>] [-vlan <positive_integer>] [-interface <interface_name>] [-priority <positive_integer>] [-state ( ENABLED | DISABLED )] [-msr ( ENABLED | DISABLED ) [-monitor <string>]] [-nextHop <nextHopVal>] [-nextHopVlan <positive_integer>]
  • show ns pbr

To modify or remove a PBR6 by using the CLI:

To modify a PBR6, type the set pbr6 <name> command and the parameters to be changed, with their new values.

To remove one or all PBR6s by using the CLI:

At the command prompt, type one of the following commands:

  • rm ns pbr6 <name>
  • clear ns pbr6

GUI procedures

To create or modify a PBR6 by using the GUI:

Navigate to System > Network > PBRs and, on the PBR6s tab, add a new PBR6, or edit an existing PBR6.

To remove one or all PBR6s by using the GUI:

Navigate to System > Network > PBRs and, on the PBR6s tab, delete the PBR6.

Applying PBR6s

You must apply a PBR6 to activate it. The following procedure reapplies all PBR6s that you have not disabled. The PBR6s constitute a memory tree (lookup table). For example, if you create 10 PBR6s (p6_1 - p6_10), and then you create another PBR6 (p6_11) and apply it, all of the PBR6s (p6_1 - p6_11) are freshly applied and a new lookup table is created. If a session has a DENY PBR6 related to it, the session is destroyed.

You must apply this procedure after every modification you make to any PBR6. For example, you must follow this procedure after disabling a PBR6.

Note: PBR6s created on the Citrix ADC appliance do not work until they are applied.

To apply PBR6s by using the CLI:

At the command prompt, type:

  • apply ns PBR6

To apply PBR6s by using the GUI:

  1. Navigate to System > Network > PBRs.
  2. On the PBR6s tab, select the PBR6, in the Action list, select Apply.

Enabling or Disabling a PBR6

By default, the PBR6s are enabled. This means that when PBR6s are applied, the Citrix ADC appliance automatically compares outgoing IPv6 packets against the configured PBR6s. If a PBR6 is not required in the lookup table, but it needs to be retained in the configuration, it must be disabled before the PBR6s are applied. After the PBR6s are applied, the Citrix ADC does not compare incoming packets against disabled PBR6s.

To enable or disable a PBR6 by using the CLI:

At the command prompt, type one of the following commands:

  • enable ns pbr <name>
  • disable ns pbr <name>

To enable or disable a PBR6 by using the GUI:

  1. Navigate to System > Network > PBRs.
  2. On the PBR6s tab, select the PBR6, in the Action list, select Enable or Disable.

Renumbering PBR6s

You can automatically renumber the PBR6s to set their priorities to multiples of 10.

To renumber PBR6s by using the CLI:

At the command prompt, type:

  • renumber ns pbr6

To renumber PBR6s by using the GUI:

Navigate to System > Network > PBRs, on the PBR6s tab, in the Action list, select Renumber Priority (s).

Policy-Based Routes (PBR6) for IPv6 Traffic