NetScaler SDX

Jumbo Frames on SDX Appliances

NetScaler SDX appliances support receiving and transmitting jumbo frames containing up to 9216 bytes of IP data. Jumbo frames can transfer large files more efficiently than it is possible with the standard IP MTU size of 1500 bytes.

A NetScaler SDX appliance can use jumbo frames in the following deployment scenarios:

  • Jumbo to Jumbo: The appliance receives data as jumbo frames and sends it as jumbo frames.
  • Non-Jumbo to Jumbo: The appliance receives data as non-jumbo frames and sends it as jumbo frames.
  • Jumbo to Non-Jumbo: The appliance receives data as jumbo frames and sends it as non-jumbo frames.

The Citrix ADC instances provisioned on SDX appliance support jumbo frames in a load balancing configuration for the following protocols:

  • TCP
  • Any other protocol over TCP
  • SIP

For more information about jumbo frames, see the use cases.

Use Case: Jumbo to Jumbo Setup

Consider an example of a jumbo to jumbo setup in which SIP load balancing virtual server LBVS-1, configured on Citrix ADC instance NS1, is used to load balance SIP traffic across servers S1 and S2. The connection between client CL1 and NS1, and the connection between NS1 and the servers support jumbo frames.

Interface 10/1 of NS1 receives or sends traffic from or to client CL1. Interface 10/2 of NS1 receives or sends traffic from or to server S1 or S2. Interfaces 10/1 and 10/2 of NS1 are part of VLAN 10 and VLAN 20, respectively.

For supporting jumbo frames, the MTU is set to 9216 for interfaces 10/1, 10/2, and VLANs VLAN 10, VLAN 20.

All other network devices, including CL1, S1, S2, in this setup example are also configured for supporting jumbo frames.

Jumbo-jumbo

The following table lists the settings used in the example.

Entity Name Details
IP address of client CL1 CL1 192.0.2.10
IP address of servers S1 198.51.100.19
S2
MTUs specified for interfaces (by using the Management Service interface) and VLANs on NS1 (by using the CLI). 10/1 9000
10/2
VLAN 10
VLAN 20
Services on NS1 representing servers SVC-S1 IP address: 198.51.100.19; Protocol: SIP; Port: 5060
Services on NS1 representing servers SVC-S2 IP address: 198.51.100.20; Protocol: SIP; Port: 5060
Load balancing virtual server on VLAN 10 LBVS-1 IP address: 203.0.113.15; Protocol: SIP; Port: 5060;SVC-S1, SVC-S2

Following is the traffic flow of CL1’s request to NS1:

  1. CL1 creates a 20000-byte SIP request for LBVS1.
  2. CL1 sends the request data in IP fragments to LBVS1 of NS1. The size of each IP fragment is either equal to or less than the MTU (9000) set on the interface from which CL1 sends these fragments to NS1.
    • Size of the first IP fragment = [IP header + UDP header + SIP data segment] = [20 + 8 + 8972] = 9000
    • Size of the second IP fragment = [IP header + SIP data segment] = [20 + 8980] = 9000
    • Size of the last IP fragment=[IP header + SIP data segment] = [20 + 2048] = 2068
  3. NS1 receives the request IP fragments at interface 10/1. NS1 accepts these fragments, because the size of each of these fragments is equal to or less than the MTU (9000) of interface 10/1.
  4. NS1 reassembles these IP fragments to form the 27000-byte SIP request. NS1 processes this request.
  5. LBVS-1’s load balancing algorithm selects server S1.
  6. NS1 sends the request data in IP fragments to S1. The size of each IP fragment is either equal or less than the MTU (9000) of the interface 10/2, from which NS1 sends these fragments to S1. The IP packets are sourced with a SNIP address of NS1.
    • Size of the first IP fragment = [IP header + UDP header + SIP data segment] = [20 + 8 + 8972] = 9000
    • Size of the second IP fragment = [IP header + SIP data segment] = [20 + 8980] = 9000
    • Size of the last IP fragment=[IP header + SIP data segment] = [20 + 2048] = 2068

Following is the traffic flow of S1’s response to CL1 in this example:

  1. Server S1 creates a 30000-byte SIP response to send to the SNIP address of NS1.
  2. S1 sends the response data in IP fragments to NS1. The size of each IP fragment is either equal to or less than the MTU (9000) set on the interface from which S1 sends these fragments to NS1.
    • Size of the first IP fragment = [IP header + UDP header + SIP data segment] = [20 + 8 + 8972] = 9000
    • Size of the second and third IP fragment = [IP header + SIP data segment] = [20 + 8980] = 9000
    • Size of the last IP fragment=[IP header + SIP data segment] = [20 + 3068] = 3088
  3. NS1 receives the response IP fragments at interface 10/2. NS1 accepts these fragments, because the size of each fragment is equal to or less than the MTU (9000) of interface 10/2.
  4. NS1 reassembles these IP fragments to form the 27000-byte SIP response. NS1 processes this response.
  5. NS1 sends the response data in IP fragments to CL1. The size of each IP fragment is either equal or less than the MTU (9000) of the interface 10/1, from which NS1 sends these fragments to CL1. The IP fragments are sourced with LBVS-1’s IP address. These IP packets are sourced from LBVS-1’s IP address and destined to CL1’s IP address.
    • Size of the first IP fragment = [IP header + UDP header + SIP data segment] = [20 + 8 + 8972] = 9000
    • Size of the second and third IP fragment = [IP header + SIP data segment] = [20 + 8980] = 9000

Size of the last IP fragment=[IP header + SIP data segment] = [20 + 3068] = 3088

Configuration Tasks:

On the SDX Management Service, navigate to Configuration > System > Interfaces page. Select the required interface and click Edit. Set the MTU value and click OK.

Example:

Set the MTU value for interface 10/1 as 9000 and for interface 10/2 as 9000.

Log on to the Citrix ADC instance and use the ADC command line interface to complete the remaining configuration steps.

The following table lists the tasks, commands, and examples for creating the required configuration on the Citrix ADC instances.

Tasks ADC Command Syntax Examples
Create VLANs and set the MTU of the desired VLANs for supporting jumbo frames. add vlan <id> -mtu <positive_integer>;show vlan <id> add vlan 10 -mtu 9000; add vlan 20 -mtu 9000
Bind interfaces to VLANs. bind vlan <id> -ifnum <interface_name>; show vlan <id> bind vlan 10 -ifnum 10/1; bind vlan 20 -ifnum 10/2
Add a SNIP address. add ns ip <IPAddress> <netmask> -type SNIP; show ns ip add ns ip 198.51.100.18 255.255.255.0 -type SNIP
Create services representing SIP servers. add service <serviceName> <ip> SIP_UDP <port>; show service <name> add service SVC-S1 198.51.100.19 SIP_UDP 5060; dd service SVC-S2 198.51.100.20 SIP_UDP 5060
Create SIP load balancing virtual servers and bind the services to it add lb vserver <name> SIP_UDP <ip> <port>; bind lb vserver <vserverName> <serviceName>; show lb vserver <name> add lb vserver LBVS-1 SIP_UDP 203.0.113.15 5060; bind lb vserver LBVS-1 SVC-S1;bind lb vserver LBVS-1 SVC-S2
bind lb vserver LBVS-1 SVC-S2 save ns config; show ns config

Use Case: Non-Jumbo to Jumbo Setup

Consider an example of a non-jumbo to jumbo setup in which the load balancing virtual server LBVS1, configured on a Citrix ADC instance NS1, is used to load balance traffic across servers S1 and S2. The connection between client CL1 and NS1 supports non-jumbo frames, and the connection between NS1 and the servers supports jumbo frames.

Interface 10/1 of NS1 receives or sends traffic from or to client CL1. Interface 10/2 of NS1 receives or sends traffic from or to server S1 or S2.

Interfaces 10/1 and 10/2 of NS1 are part of VLAN 10 and VLAN 20, respectively. For supporting only non-jumbo frames between CL1 and NS1, the MTU is set to the default value of 1500 for both interface 10/1 and VLAN 10.

For supporting jumbo frames between NS1 and the servers, the MTU is set to 9000 for interface 10/2 and VLAN 20.

Servers and all other network devices between NS1 and the servers are also configured for supporting jumbo frames. Since HTTP traffic is based on TCP, MSSs are set accordingly at each end point for supporting jumbo frames:

  • For the connection between CL1 and virtual server LBVS1 of NS1, the MSS on NS1 is set in a TCP profile, which is then bound to LBVS1.
  • For the connection between a SNIP address of NS1 and S1, the MSS on NS1 is set in a TCP profile, which is then bound to the service (SVC-S1) representing S1 on NS1.

Nonjumbo

The following table lists the settings used in this example:

Entity Name Details
IP address of client CL1 CL1 192.0.2.10
IP address of servers S1 198.51.100.19
S2
MTU for interface 10/1 (by using the Management Service interface). 1500
MTU set for interface 10/2(by using the Management Service interface). 9000
MTU for VLAN 10 on NS1 (by using the ADC command line interface). 1500
MTU set for VLAN 20 on NS1 (by using the ADC command line interface). 9000
Services on NS1 representing servers SVC-S1 IP address: 198.51.100.19; Protocol: HTTP; Port: 80; MSS: 8960
SVC-S2
Load balancing virtual server on VLAN 10 LBVS-1 IP address: 203.0.113.15; Protocol: HTTP; Port: 80. Bound services: SVC-S1, SVC-S2; MSS: 1460

Following is the traffic flow of CL1’s request to S1 in this example:

  1. Client CL1 creates a 200-byte HTTP request to send to virtual server LBVS-1 of NS1.
  2. CL1 opens a connection to LBVS-1 of NS1. CL1 and NS1 exchange their respective TCP MSS values while establishing the connection.
  3. Because NS1’s MSS is larger than the HTTP request, CL1 sends the request data in a single IP packet to NS1. 1.

    <div id="concept_57AEA1C9D3DA47948B6D834341388D29__d978e142">
    
    Size of the request packet = [IP Header + TCP Header + TCP Request] = [20 + 20 + 200] = 240
    
    </div>
    
  4. NS1 receives the request packet at interface 10/1 and then processes the HTTP request data in the packet.
  5. LBVS-1’s load balancing algorithm selects server S1, and NS1 opens a connection between one of its SNIP addresses and S1. NS1 and CL1 exchange their respective TCP MSS values while establishing the connection.
  6. Because S1’s MSS is larger than the HTTP request, NS1 sends the request data in a single IP packet to S1.
    1. Size of the request packet = [IP Header + TCP Header + [TCP Request] = [20 + 20 + 200] = 240

Following is the traffic flow of S1’s response to CL1 in this example:

  1. Server S1 creates an 18000-byte HTTP response to send to the SNIP address of NS1.
  2. S1 segments the response data into multiples of NS1’s MSS and sends these segments in IP packets to NS1. These IP packets are sourced from S1’s IP address and destined to the SNIP address of NS1.
    • Size of the first two packet = [IP Header + TCP Header + (TCP segment=NS1’s MSS size)] = [20 + 20 + 8960] = 9000
    • Size of the last packet = [IP Header + TCP Header + (remaining TCP segment)] = [20 + 20 + 2080] = 2120
  3. NS1 receives the response packets at interface 10/2.
  4. From these IP packets, NS1 assembles all the TCP segments to form the HTTP response data of 18000 bytes. NS1 processes this response.
  5. NS1 segments the response data into multiples of CL1’s MSS and sends these segments in IP packets, from interface 10/1, to CL1. These IP packets are sourced from LBVS-1’s IP address and destined to CL1’s IP address.
    • Size of all the packet except the last = [IP Header + TCP Header + (TCP payload=CL1’s MSS size)] = [20 + 20 + 1460] = 1500
    • Size of the last packet = [IP Header + TCP Header + (remaining TCP segment)] = [20 + 20 + 480] = 520

Configuration Tasks:

On the SDX Management Service, navigate to Configuration > System > Interfaces page. Select the required interface and click Edit. Set the MTU value and click OK.

Example:

Set the following MTU values:

  • For 10/1 interface as 1500
  • For 10/2 interface as 9000

Log on to the Citrix ADC instance and use the ADC command line interface to complete the remaining configuration steps.

The following table lists the tasks, commands, and examples for creating the required configuration on the Citrix ADC instances.

Tasks ADC Command Line Syntax Example
Create VLANs and set the MTU of the desired VLANs for supporting jumbo frames. add vlan <id> -mtu <positive_integer>; show vlan <id> add vlan 10 -mtu 1500; add vlan 20 -mtu 9000
Bind interfaces to VLANs. bind vlan <id> -ifnum <interface_name>; show vlan <id> bind vlan 10 -ifnum 10/1; bind vlan 20 -ifnum 10/2
Add a SNIP address. add ns ip <IPAddress> <netmask> -type SNIP; show ns ip add ns ip 198.51.100.18 255.255.255.0 -type SNIP
Create services representing HTTP servers add service <serviceName> <ip> HTTP <port>; show service <name> add service SVC-S1 198.51.100.19 http 80; add service SVC-S2 198.51.100.20 http 80
Create HTTP load balancing virtual servers and bind the services to it add lb vserver <name> HTTP <ip> <port>; bind lb vserver <vserverName> <serviceName>; show lb vserver <name> add lb vserver LBVS-1 http 203.0.113.15 80; bind lb vserver LBVS-1 SVC-S1
Create a custom TCP profile and set its MSS for supporting jumbo frames. add tcpProfile <name> -mss <positive_integer>; show tcpProfile <name> add tcpprofile NS1-SERVERS-JUMBO -mss 8960
Bind the custom TCP profile to the desired services. set service <Name> -tcpProfileName <string>; show service <name> set service SVC-S1 -tcpProfileName NS1-SERVERS-JUMBO; set service SVC-S2 -tcpProfileName NS1-SERVERS-JUMBO
Save the configuration save ns config; show ns config  

Use Case: Coexistence of Jumbo and Non-Jumbo flows on Same Set of Interfaces

Consider an example in which load balancing virtual servers LBVS1 and LBVS2 are configured on Citrix ADC instance NS1. LBVS1 is used to load balance HTTP traffic across servers S1 and S2, and global is used to load balance traffic across servers S3 and S4.

CL1 is on VLAN 10, S1 and S2 are on VLAN20, CL2 is on VLAN 30, and S3 and S4 are on VLAN 40. VLAN 10 and VLAN 20 support jumbo frames, and VLAN 30 and VLAN 40 support only non-jumbo frames.

In other words, the connection between CL1 and NS1, and the connection between NS1 and server S1 or S2 support jumbo frames. The connection between CL2 and NS1, and the connection between NS1 and server S3 or S4 support only non-jumbo frames.

Interface 10/1 of NS1 receives or sends traffic from or to clients. Interface 10/2 of NS1 receives or sends traffic from or to the servers.

Interface 10/1 is bound to both VLAN 10 and VLAN 20 as a tagged interface. Interface 10/2 is bound to both VLAN 30 and VLAN 40 as a tagged interface.

For supporting jumbo frames, the MTU is set to 9216 for interfaces 10/1 and 10/2.

On NS1, the MTU is set to 9000 for VLAN 10 and VLAN 30 for supporting jumbo frames. The MTU is set to the default value of 1500 for VLAN 20 and VLAN 40 for supporting only non-jumbo frames.

The effective MTU on an ADC interface for VLAN tagged packets is of the MTU of the interface or the MTU of the VLAN, whichever is lower. For example:

  • The MTU of interface 10/1 is 9216. The MTU of VLAN 10 is 9000. On interface 10/1, the MTU of VLAN 10 tagged packets is 9000.
  • The MTU of interface 10/2 is 9216. The MTU of VLAN 20 is 9000. On interface 10/2, the MTU of VLAN 20 tagged packets is 9000.
  • The MTU of interface 10/1 is 9216. The MTU of VLAN 30 is 1500. On interface 10/1, the MTU of VLAN 30 tagged packets is 1500.
  • The MTU of interface 10/2 is 9216. The MTU of VLAN 40 is 1500. On interface 10/2, the MTU of VLAN 40 tagged packets is 9000.

CL1, S1, S2, and all network devices between CL1 and S1 or S2 are configured for jumbo frames.

Since HTTP traffic is based on TCP, MSSs are set accordingly at each end point for supporting jumbo frames.

  • For the connection between CL1 and virtual server LBVS-1 of NS1, the MSS on NS1 is set in a TCP profile, which is then bound to LBVS1.
  • For the connection between a SNIP address of NS1 and S1, the MSS on NS1 is set in a TCP profile, which is then bound to the service (SVC-S1) representing S1 on NS1.

Jumbo-nonjumbo

The following table lists the settings used in this example.

Entity Name Details
IP address of clients CL1 192.0.2.10
CL2
IP address of servers S1 198.51.100.19
S2
S3
S4
SNIP addresses on NS1 198.51.100.18; 198.51.101.18
MTU specified for interfaces and VLANs on NS1 10/1 9216
10/2
VLAN 10 9000  
VLAN 20 9000  
VLAN 30 9000  
VLAN 40 1500  
Default TCP profile nstcp_default_profile MSS: 1460
Custom TCP profile ALL-JUMBO MSS: 8960
Services on NS1 representing servers SVC-S1 IP address: 198.51.100.19; Protocol: HTTP; Port: 80; TCP profile: ALL-JUMBO (MSS: 8960)
SVC-S2
SVC-S3
SVC-S4
Load balancing virtual servers on NS1 LBVS-1 IP address = 203.0.113.15; Protocol: HTTP; Port: 80. Bound services: SVC-S1, SVC-S2; TCP profile: ALL-JUMBO (MSS: 8960)
LBVS-2

Following is the traffic flow of CL1’s request to S1:

  1. Client CL1 creates a 20000-byte HTTP request to send to virtual server LBVS-1 of NS1.
  2. CL1 opens a connection to LBVS-1 of NS1. CL1 and NS1 exchange their TCP MSS values while establishing the connection.
  3. Because NS1’s MSS value is smaller than the HTTP request, CL1 segments the request data into multiples of NS1’s MSS and sends these segments in IP packets tagged as VLAN 10 to NS1.
    • Size of the first two packets = [IP Header + TCP Header + (TCP segment=NS1 MSS)] = [20 + 20 + 8960] = 9000
    • Size of the last packet = [IP Header + TCP Header + (remaining TCP segment)] = [20 + 20 + 2080] = 2120
  4. NS1 receives these packets at interface 10/1. NS1 accepts these packets because the size of these packets is equal to or less than the effective MTU (9000) of interface 10/1 for VLAN 10 tagged packets.
  5. From the IP packets, NS1 assembles all the TCP segments to form the 20000-byte HTTP request. NS1 processes this request.
  6. LBVS-1’s load balancing algorithm selects server S1, and NS1 opens a connection between one of its SNIP addresses and S1. NS1 and CL1 exchange their respective TCP MSS values while establishing the connection.
  7. NS1 segments the request data into multiples of S1’s MSS and sends these segments in IP packets tagged as VLAN 20 to S1.
    • Size of the first two packets = [IP Header + TCP Header + (TCP payload=S1 MSS)] = [20 + 20 + 8960] = 9000
    • Size of the last packet = [IP Header + TCP Header + (remaining TCP segment)] = [20 + 20 + 2080] = 2120

Following is the traffic flow of S1’s response to CL1:

  1. Server S1 creates a 30000-byte HTTP response to send to the SNIP address of NS1.
  2. S1 segments the response data into multiples of NS1’s MSS and sends these segments in IP packets tagged as VLAN 20 to NS1. These IP packets are sourced from S1’s IP address and destined to the SNIP address of NS1.
    • Size of first three packet = [IP Header + TCP Header + (TCP segment=NS1’s MSS size)] = [20 + 20 + 8960] = 9000
    • Size of the last packet = [IP Header + TCP Header + (remaining TCP segment)] = [20 + 20 + 3120] = 3160
  3. NS1 receives the response packets at interface 10/2. NS1 accepts these packets, because their size is equal to or less than the effective MTU value (9000) of interface 10/2 for VLAN 20 tagged packets.
  4. From these IP packets, NS1 assembles all the TCP segments to form the 30000-byte HTTP response. NS1 processes this response.
  5. NS1 segments the response data into multiples of CL1’s MSS and sends these segments in IP packets tagged as VLAN 10, from interface 10/1, to CL1. These IP packets are sourced from LBVS’s IP address and destined to CL1’s IP address.
    • Size of first three packet = [IP Header + TCP Header + [(TCP payload=CL1’s MSS size)] = [20 + 20 + 8960] = 9000
    • Size of the last packet = [IP Header + TCP Header + (remaining TCP segment)] = [20 + 20 + 3120] = 3160

Configuration Tasks:

On the SDX Management Service, navigate to Configuration > System > Interfaces page. Select the required interface and click Edit. Set the MTU value and click OK.

Example:

Set the following MTU values:

  • For 10/1 interface as 9216
  • For 10/2 interface as 9216

Log on to the Citrix ADC instance and use the ADC command line interface to complete the remaining configuration steps.

The following table lists the tasks, commands, and examples for creating the required configuration on the Citrix ADC instances.

Task Syntax Example
Create VLANs and set the MTU of the desired VLANs for supporting jumbo frames. add vlan <id> -mtu <positive_integer>; show vlan <id> add vlan 10 -mtu 9000;add vlan 20 -mtu 9000;add vlan 30 -mtu 1500;add vlan 40 -mtu 1500
Bind interfaces to VLANs. bind vlan <id> -ifnum <interface_name>;show vlan <id> bind vlan 10 -ifnum 10/1 -tagged;bind vlan 20 -ifnum 10/2 -tagged;bind vlan 30 -ifnum 10/1 -tagged;bind vlan 40 -ifnum 10/2 -tagged
Add a SNIP address. add ns ip <IPAddress> <netmask> -type SNIP;show ns ip add ns ip 198.51.100.18 255.255.255.0 -type SNIP;add ns ip 198.51.101.18 255.255.255.0 -type SNIP
Create services representing HTTP servers. add service <serviceName> <ip> HTTP <port>;show service <name> add service SVC-S1 198.51.100.19 http 80;add service SVC-S2 198.51.100.20 http 80;add service SVC-S3 198.51.101.19 http 80;add service SVC-S4 198.51.101.20 http 80
Create HTTP load balancing virtual servers and bind the services to it add lb vserver <name> HTTP <ip> <port>;bind lb vserver <vserverName> <serviceName>;show lb vserver <name> add lb vserver LBVS-1 http 203.0.113.15 80;bind lb vserver LBVS-1 SVC-S1;bind lb vserver LBVS-1 SVC-S2
Create a custom TCP profile and set its MSS for supporting jumbo frames. add tcpProfile <name> -mss <positive_integer>;show tcpProfile <name> add tcpprofile ALL-JUMBO -mss 8960
Bind the custom TCP profile to the desired load balancing virtual server and services. set service <Name> -tcpProfileName <string>;show service <name> set lb vserver LBVS-1 - tcpProfileName ALL-JUMBO;set service SVC-S1 - tcpProfileName ALL-JUMBO;set service SVC-S2 - tcpProfileName ALL-JUMBO
Save the configuration save ns config; show ns config  
Jumbo Frames on SDX Appliances