Consolidation When the Management Service and the Citrix NetScaler instances are in Different Networks
In certain cases, the appliance administrator might allow other administrators to perform administration tasks on individual instances. This can be safely done by giving an individual instance administrator login rights to just that instance. But, for security reasons, the appliance administrator might not want to allow the instance to be on the same network as the Management Service. This is a very common scenario in service provider environments, and it is becoming increasingly common in enterprises as they adopt virtualization and cloud architectures.
In the following example, the Management Service is in the 10.1.1.x network and the Citrix NetScaler instances are in the 10.1.2.x network. Interfaces 0/1 and 0/2 are the management interfaces, 1/1 to 1/8 are 1G data interfaces, and 10/1 to 10/4 are 10G data interfaces. Each instance has its own dedicated administrator and its own dedicated physical interface. Therefore, the number of instances is limited to the number of physical interfaces available on the appliance. VLAN filtering is not required, because each instance has its own dedicated interface. Optionally, disable VLAN filtering to configure up to 4096 VLANs per instance per interface. In this example, you do not need to configure an NSVLAN, because instances are not sharing a physical interface and there are no tagged VLANs. For more information about NSVLANs, see Adding a Citrix NetScaler instance.
The following figure illustrates the above use case.
Figure 1. Network topology of an SDX appliance with Management Service and NSIPs for Instances in different networks
As the appliance administrator, you have the option to keep the traffic between the Management Service and the NSIP addresses on the SDX appliance, or to force the traffic off the device if, for example, you want traffic to go through an external firewall or some other security intermediary and then return to the appliance.
The following table lists the names and values of the parameters used for provisioning Citrix NetScaler instance 1 in this example.
|Parameter Name||Values for Instance 1|
|Total Memory (MB)||2048|
|Packets per second||1000000|
|Interface||0/2 and 1/1|
To provision Citrix NetScaler instance 1 as shown in this example
- On the Configuration tab, in the navigation pane, expand NetScaler Configuration, and then click Instances.
- In the Citrix NetScaler instances pane, click Add.
- In the Provision NetScaler Wizard follow the instructions in the wizard to set the parameters to the values shown in the above table.
- Click Create, and then click Close. The Citrix NetScaler instance you provisioned appears in the Citrix NetScaler instances pane.