Configuring and Managing Virtual IP (VIP) Addresses

Configuration of a virtual server IP (VIP) address is not mandatory during initial configuration of the NetScaler appliance. When you configure load balancing, you assign VIP addresses to virtual servers.

For more information about configuring a load balancing setup, see Load Balancing.

In some situations, you need to customize VIP attributes or enable or disable a VIP address. A VIP address is usually associated with a virtual server, and some of the VIP attributes are customized to meet the requirements of the virtual server. You can host the same virtual server on multiple NetScaler appliances residing on the same broadcast domain, by using ARP and ICMP attributes. After you add a VIP (or any IP address), the NetScaler sends, and then responds to, ARP requests. VIPs are the only NetScaler-owned IP addresses that can be disabled. When a VIP address is disabled, the virtual server using it goes down and does not respond to ARP, ICMP, or L4 service requests. As an alternative to creating VIP addresses one at a time, you can specify a consecutive range of VIP addresses.

To create a VIP address by using the NetScaler command line:

At the command prompt, type:

  • add ns ip <IPAddress> <netmask> -type <type>
  • show ns ip <IPAddress>

Example:


> add ns ip 10.102.29.59 255.255.255.0 -type VIP
 Done

To create a range of VIP addresses by using the NetScaler command line:

At the command prompt, type:

  • add ns ip <IPAddress> <netmask> -type <type>
  • show ns ip <IPAddress>

Example:


> add ns ip 10.102.29.[60-64] 255.255.255.0 -type VIP
ip "10.102.29.60" added
ip "10.102.29.61" added
ip "10.102.29.62" added
ip "10.102.29.63" added
ip "10.102.29.64" added
 Done

To enable or disable an IPv4 VIP address by using the NetScaler command line:

At the command prompt, type one of the following sets of commands to enable or disable a VIP and verify the configuration:

  • enable ns ip <IPAddress>
  • show ns ip <IPAddress>
  • disable ns ip <IPAddress>
  • show ns ip <IPAddress>

Example:


> enable ns ip 10.102.29.79
 Done
> show ns ip 10.102.29.79

        IP: 10.102.29.79
        Netmask: 255.255.255.255
        Type: VIP
        state: Enabled
        arp: Enabled
        icmp: Enabled
        vserver: Enabled
        management access: Disabled
          telnet: Disabled
          ftp: Disabled
          ssh: Disabled
          gui: Disabled
          snmp: Disabled
        Restrict access: Disabled
        dynamic routing: Disabled
        hostroute: Disabled
 Done
> disable ns ip 10.102.29.79
 Done
> show ns ip 10.102.29.79

        IP: 10.102.29.79
        Netmask: 255.255.255.255
        Type: VIP
        state: Disabled
        arp: Enabled
        icmp: Enabled
        vserver: Enabled
        management access: Disabled
          telnet: Disabled
          ftp: Disabled
          ssh: Disabled
          gui: Disabled
          snmp: Disabled
        Restrict access: Disabled
        dynamic routing: Disabled
        hostroute: Disabled

 Done

To configure a VIP address by using the NetScaler GUI:

Navigate to System > Network > IPs > IPV4s, and add a new IP address or edit an existing address.

To create a range of VIP addresses by using the NetScaler GUI:

  1. Navigate to System > Network > IPs > IPV4s.
  2. In the Action list, select Add Range.

To enable or disable a VIP address by using the NetScaler GUI:

  1. Navigate to System > Network > IPs > IPV4s.
  2. Do one of the following:
    • Select a VIP address.
    • Hold down the Ctrl key and select multiple server address entries.
    • Hold down the Shift key and select a range of server address entries.
    • Select all the addresses by selecting the checkbox on the left side of the header row.
  3. From the Action list, select Disable or Enable.

Detecting a NetScaler Appliance in a UDP Load Balancing Setup through TTL Updates

The following table displays how a NetScaler appliance handles the TTL value of received packets in different functionalities.

Functionality TTL value
Virtual Server TTL is set to 255 when forwarding the request to the backend servers. TTL is decremented by 1 when forwarding the response to the client.
L2 Mode TTL is not changed.
L3 Mode TTL is set to 255.
INAT TTL is set to 255 when forwarding the request to the backend server. TTL is decremented by 1 when forwarding the response to the client.

Some enterprises/scenarios running a monitoring application requires the NetScaler appliance of a load balancing setup to be detected as one of the hop in a traceroute. A NetScaler appliance of a load balancing setup is not detected in a traceroute because the appliance, by default, sets the TTL value to 255 instead of decrementing it when forwarding the request to a backend server.

To meet this requirement, Decrement TTL parameter of a VIP address can be used. This parameter applies to all UDP virtual servers using this VIP.

When you enable the **Decrement TTL **parameter of a VIP, the NetScaler appliance decrements the TTL value by 1 instead of setting it to 255 when forwarding requests, which are received on the UDP virtual servers that uses this VIP.

Monitoring applications using traceroute data can now detect the presence of a NetScaler appliance of a UDP load balancing setup.

Before You Begin

Before you begin configuring a NetScaler appliance to be detected in a traceroute of a load balancing setup, note the following points:

  • Decrement TTL parameter is supported only for UDP load balancing virtual servers.
  • Decrement TTL parameter is supported for IPv4 VIP as well as IPv6 VIP (VIP6) addresses.
  • Decrement TTL parameter is supported for standalone NetScaler appliances as well as for high availability (HA) and cluster setups.

Configuration Steps

Configuring a NetScaler appliance to be detected in a traceroute of a UDP load balancing setup consists of the following tasks:

  • Create a UDP load balancing configuration
  • Enable the Decrement TTL parameter for the VIP address

NetScaler Command Line Procedures

To enable the decrement TTL option for a VIP address by using the NetScaler command line:

  • To enable the decrement TTL option for a VIP address while adding the VIP address, at the command prompt, type:
    • add ns ip <ip> <mask> -type VIP -decrementTTL ENABLED
    • show ns ip <VIP address>
  • To enable the decrement TTL option for an existing VIP address, at the command prompt, type:
    • set ns ip <ip> <mask> -decrementTTL ENABLED
    • show ns ip <VIP address>

To enable the decrement TTL option for a VIP6 address by using the NetScaler command line:

  • To enable the decrement TTL option for a VIP6 address while adding the VIP6 address, at the command prompt, type:
    • add ns ip6 <IP6/prefix> <mask> -type VIP -decrementTTL ENABLED
    • show ns ip6 <VIP6/prefix>
  • To enable the decrement TTL option for an existing VIP6 address, at the command prompt, type:
    • set ns ip6 <ip6/prefix> <mask> -decrementTTL ENABLED
    • show ns ip6 <VIP6 address>
> add ns ip 203.0.113.30 -type VIP -decrementTTL ENABLED
 Done

> add ns ip6  2001:DB8:5001::30 -type VIP -decrementTTL ENABLED
 Done

NetScaler GUI Procedures

To enable the decrement TTL option for a VIP address by using the NetScaler GUI:

Navigate to System > Network > IPs > IPv4s, and enable the Decrement TTL parameter while adding a new VIP address or editing an existing address.

To enable the decrement TTL option for a VIP6 address by using the NetScaler GUI:

Navigate to System > Network > IPs > IPv6s, and enable the Decrement TTL parameter while adding a new VIP6 address or editing an existing address.

Configuring and Managing Virtual IP (VIP) Addresses