- Release Notes
- NetScaler SDX Hardware and Component Compatibility Matrix
- Hardware Installation
- Getting Started with the Management Service User Interface
- Single Bundle Upgrade
Managing and Monitoring the NetScaler SDX Appliance
- Creating SDX Administrative Domains
- Managing RAID Disk Allocation on 22XXX Series SDX Appliances
- NetScaler SDX Licensing Overview
- SDX Resource Visualizer
- Managing Interfaces
- Jumbo Frames on NetScaler SDX Appliances
- Configuring SNMP on NetScaler SDX Appliances
- Configuring Syslog Notifications
- Configuring Mail Notifications
- Configuring SMS Notifications
- Monitoring and Managing the Real-Time Status of Entities Configured on NetScaler Devices
- Monitoring and Managing Events Generated on NetScaler Instances
- Call Home Support for NetScaler Instances on NetScaler SDX
- System Health Monitoring
- Configuring System Notification Settings
Configuring the Management Service
- Configuring Authentication and Authorization Settings
- Configuring the External Authentication Server
- Configuring Link Aggregation from the Management Service
- Configuring a Channel from the Management Service
- Access Control Lists
- Configuring Cluster Link Aggregation
- Configuring SSL Ciphers to Securely Access the Management Service
- Backing Up and Restoring the Configuration Data of the SDX Appliance
- Performing Appliance Reset
- Cascading External Authentication Servers
- Provisioning NetScaler Instances
- Managing Crypto Capacity
- Provisioning Third-Party Virtual Machines
- Deploying a Citrix NetScaler Secure Web Gateway Instance on an SDX Appliance
- Bandwidth Metering in NetScaler SDX
- Setting up a Cluster of NetScaler Instances
- Configuring and Managing NetScaler Instances
- Monitoring NetScaler Instances
- Using Logs to Monitor Operations and Events
Use Cases for NetScaler SDX Appliances
- Consolidation When the Management Service and the NetScaler Instances are in the Same Network
- Consolidation When the Management Service and the NetScaler Instances are in Different Networks
- Consolidation Across Security Zones
- NITRO API
Converting a NetScaler MPX Appliance to a NetScaler SDX Appliance
- Converting a NetScaler MPX 11515/11520/11530/11540/11542 Appliance to a NetScaler SDX 11515/11520/11530/11540/11542 Appliance
- Converting a NetScaler MPX 8005/8010/8015/8200/8400/8600/8800 Appliance to a NetScaler SDX 8010/8015/8400/8600 Appliance
- Converting a NetScaler MPX 24100 and 24150 Appliance to a NetScaler SDX 24100 and 24150 Appliance
- SDX Command Reference
Configuring VMACs on an Interface
May 04, 2017
A NetScaler instance uses Virtual MACs (VMACs) for high availability (active-active or active-standby) configurations. A Virtual MAC address (VMAC) is a floating entity shared by the primary and the secondary nodes in a high availability setup.
In a high availability setup, the primary node owns all of the floating IP addresses, such as the MIP, SNIP, and VIP addresses. The primary node responds to Address Resolution Protocol (ARP) requests for these IP addresses with its own MAC address. As a result, the ARP table of an external device (for example, an upstream router) is updated with the floating IP address and the primary node’s MAC address.
When a failover occurs, the secondary node takes over as the new primary node. It then uses Gratuitous ARP (GARP) to advertise the floating IP addresses that it acquired from the primary. However, the MAC address that the new primary advertises is the MAC address of its own interface.
Some devices (notably a few routers) do not accept the GARP messages generated by the NetScaler appliance. Such devices retain the old IP to MAC mapping advertised by the old primary node, and a site can go down as a result.
You can overcome this problem by configuring a VMAC on both nodes of an HA pair. Both nodes then possess identical MAC addresses. Therefore, when failover occurs, the MAC address of the secondary node remains unchanged, and the ARP tables on the external devices do not need to be updated.
To configure a VMAC, you add a VRID for an interface. The Management Service internally generates a VMAC. You must specify the same VRID when you configure active-active mode on the NetScaler instance.
- You must add a VRID from the Management Service. The same VRID must be specified in the NetScaler instance. If you add a VRID directly in the NetScaler instance, the instance cannot receive a packet that has a VMAC address as the destination MAC address.
- You can use the same VRIDs in different instances on a 10G interface if VLAN filtering is enabled on the interface and the instances associated with that interface belong to different tagged 802.1q VLANs.
- You cannot use the same VRIDs in different instances on a 1G interface.
- You can add or delete the VRIDs for an interface assigned to an instance while the Instance is running.
- In an active-active configuration, you can specify more than one VRID for an interface assigned to an instance.
- A maximum of 86 VMACs are allowed on a 10G interface, and a maximum of 16 VMACs on a 1G interface. If no more VMAC filters are available, reduce the number of VRIDs on another instance.
You can add a VRID at the time of provisioning a NetScaler instance, or you can modify an existing NetScaler instance.
In the Provision NetScaler Wizard or the Modify NetScaler Wizard, on the Network Settings page, select an interface and set one or both of the following values:
- VRID IPv4—The IPv4 VRID that identifies the VMAC. Possible values: 1 to 255.
- VRID IPv6—The IPv6 VRID that identifies the VMAC. Possible values: 1 to 255. Note: Use a comma to separate multiple VRIDs. For example, 12,24.
- Follow the instructions in the wizard.
- Click Finish, and then click Close.