Product Documentation

VMAC Based Traffic Domains

Sep 01, 2016

You can associate a traffic domain with a VMAC address instead of with VLANs. The NetScaler ADC then sends the traffic domain’s VMAC address in all responses to ARP queries for network entities in that domain. As a result, the ADC can segregate subsequent incoming traffic for different traffic domains on the basis of the destination MAC address, because the destination MAC address is the VMAC address of a traffic domain. After creating entities on a traffic domain, you can easily manage and monitor them by performing traffic domain level operations.

Following are points to consider before you configure VMAC based traffic domain:
  1. VMAC based traffic domains are easiest way to achieve network traffic segregation.
  2. Because VMAC based traffic domains segregate network traffic based on VMAC addresses and not VLANS, you cannot create duplicate IP addresses on different VMAC based traffic domains on a NetScaler ADC.
  3. VMAC based traffic domains do not work when the NetScaler is deployed only in L2 Mode.
  4. Both VLAN and VMAC based traffic domains can coexist on a NetScaler ADC. VMAC based traffic domains actually runs on all VLANs that are not bound to any VLAN based traffic domain.

Consider an example in which two traffic domains, with IDs 1 and 2, are configured on NetScaler appliance NS1. The NetScaler creates a VMAC address VMAC1 and associates it with traffic domain 1. Similarly, the NetScaler created another VMAC address VMAC2 and associates with traffic domain 2.

In traffic domain 1, load balancing virtual server LBVS-TD1 is configured to load balance traffic across servers S1 and S2. On the NetScaler appliance, servers S1 and S2 are represented by services SVC1-TD1 and SVC2-TD1, respectively. A subnet IP address (SNIP) SNIP1 is configured for enabling the NetScaler to communicate with S1 and S2. Because VMAC1 is associated with traffic domain 1, the NetScaler sends VMAC1 as the MAC address in all ARP announcements and ARP responses for LBVS-TD1 and SNIP1.

Similarly in traffic domain 2, load balancing virtual server LBVS-TD2 is configured to load balance traffic across S3 and S4. On the NetScaler appliance, servers S3 and S4 are represented by services SVC3-TD2 and SVC4-TD2, respectively. A SNIP address SNIP2 is configured for enabling the NetScaler to communicate with S3 and S4. Because VMAC2 is associated with traffic domain 2, the NetScaler sends VMAC2 as the MAC address in all ARP announcements and ARP responses for LBVS-TD2 and SNIP2.

The NetScaler segregate subsequent incoming traffic for traffic domains 1 or 2 on the basis of the destination MAC address, if the destination MAC address is VMAC1 or VMAC2.

The following table lists the settings used in the example.
Entity Name Details
Settings in traffic domain 1
VMAC Address VMAC1 (for reference purposes only) NS1 automatically creates VMAC1 and associates with traffic domain 1
SNIP address SNIP1 (for reference purposes only) 192.0.2.5
Services on NS1 representing servers S1 and S2 SVC-S1-TD1
  • IP address: 192.0.2.10
  • Protocol: HTTP
  • Port: 80
SVC-S2-TD1
  • IP address: 192.0.2.20
  • Protocol: HTTP
  • Port: 80
Load balancing virtual server LBVS-TD1
  • IP address: 203.0.113.15
  • Protocol: HTTP
  • Port: 80
  • Bound services: SVC-S1, SVC-S2
Settings in traffic domain 2
VMAC Address VMAC2 (for reference purposes only) NS1 automatically creates VMAC2 and associates with traffic domain 2
SNIP address SNIP2(for reference purposes only) 192.0.2.6
Services on NS1 representing servers S1 and S2 SVC-S3-TD2
  • IP address: 192.0.2.30
  • Protocol: HTTP
  • Port: 80
SVC-S4-TD2
  • IP address: 192.0.2.40
  • Protocol: HTTP
  • Port: 80
Load balancing virtual server LBVS-TD2
  • IP address: 203.0.113.16
  • Protocol: HTTP
  • Port: 80
  • Bound services: SVC-S3, SVC-S4
Configuration Steps
Configuring a VMAC based traffic domain on a NetScaler appliance consists of the following tasks:
  • Create a traffic domain entity and enable the VMAC option. Create a traffic domain entity uniquely identified by an ID, which is an integer value, and then enable the VMAC option. After creating the traffic domain entity, the NetScaler ADC creates a virtual MAC address and then associates it to the traffic domain entity.
  • Create feature entities on the traffic domain. Create the required feature entities in the traffic domain by specifying the traffic domain identifier (td) when configuring these feature entities. NetScaler owned network entities created in a VMAC based traffic domain are associated with the VMAC address, which is associated with the traffic domain. The NetScaler ADC then sends the traffic domain’s VMAC address in ARP announcements and ARP responses for these network entities.
To create a VMAC based traffic domain by using the command line interface
At the command prompt, type:
  • add ns trafficDomain <td> [-vmac ( ENABLED | DISABLED )]
  • show ns trafficdomain <td>
To configure a SNIP address by using the command line interface
At the command prompt, type:
  • add ns ip <IPAddress> <netmask> -type SNIP –td <id>
  • show ns ip <IPAddress> -td <id>
To create a service by using the command line interface
At the command prompt, type:
  • add service <name> <IP> <serviceType> <port> -td <id>
  • show service <name> -td <id>
To create a load balancing virtual server and bind services to it by using the command line interface
At the command prompt, type:
  • add lb vserver <name> <serviceType> <IPAddress> <port> -td <id>
  • bind lb vserver <name> <serviceName>
  • show lb vserver <name> -td <id>
Example
> add ns trafficDomain 1 -vmac ENABLED 
 Done 
> add ns trafficDomain 2 -vmac ENABLED 
 Done 
 
> add ns ip 192.0.2.5 255.255.255.0 -type -SNIP -td 1 
 Done 
> add service  SVC-S1-TD1  192.0.2.10 HTTP 80 -td 1 
 Done 
> add service  SVC-S2-TD1  192.0.2.20 HTTP 80 -td 1 
 Done 
> add lb vserver  LBVS-TD1 HTTP   203.0.113.15 80 -td 1 
 Done 
> bind lb vserver  LBVS-TD1 SVC-S1-TD1 
 Done 
> bind lb vserver  LBVS-TD1 SVC-S2-TD1 
 Done 
 
> add ns ip 192.0.2.6 255.255.255.0 -type -SNIP -td 2 
 Done 
> add service  SVC-S3-TD2  192.0.2.30 HTTP 80 -td 2 
 Done 
> add service  SVC-S4-TD2  192.0.2.40 HTTP 80 -td 2 
 Done 
> add lb vserver  LBVS-TD1 HTTP   203.0.113.16 80 -td 1 
 Done 
> bind lb vserver  LBVS-TD2 SVC-S3-TD2 
 Done 
> bind lb vserver  LBVS-TD2 SVC-S3-TD2 
 Done
To create a VMAC based traffic domain by using the configuration utility
  1. Navigate to System > Network > Interfaces.
  2. In the details pane, click Add.
  3. On the Create Traffic Domain page, set the following parameters:
    • Traffic Domain ID*
    • Enable Mac
  4. Click Create.
To configure a SNIP address by using the configuration utility
  1. Navigate to System > Network > IPs > IPv4
  2. Navigate to Network > IPs > IPv4
  3. In the details pane, click Add
  4. In the Create IP page, set the following parameters. For a description of a parameter, hover the mouse cursor over the corresponding field.
    • IP Address
    • Netmask
    • IP Type
    • Traffic Domain ID
  5. Click Create.
To create a service by using the configuration utility
  1. Navigate to Traffic Management > Load Balancing > Services.
  2. In the details pane, click Add.
  3. In the Basic Settings Page, set the following parameters. For a description of a parameter, hover the mouse cursor over the corresponding field.
    • Service Name
    • Server
    • Protocol
    • Port
    • Traffic Domain ID
  4. Click Continue, and click Done.
  5. Repeat steps 2-4 to create another service.
  6. Click Close.
To create a load balancing virtual server and bind services to it by using the configuration utility
  1. Navigate to Traffic Management > Load Balancing > Virtual Servers.
  2. In the Load Balancing Virtual Servers pane, click Add.
  3. In the Create Virtual Servers (Load Balancing) dialog box, set the following parameters. For a description of a parameter, hover the mouse cursor over the corresponding field.
    • Name
    • IP Address
    • Protocol
    • Port
    • Traffic Domain ID
  4. Click Continue, on the Service Pane, click >.
  5. On the Service page, click Insert, and then select the check box for the services that you want to bind to the virtual server.
  6. Click Continue, and click Done.
  7. Repeat steps 2-5 to create another virtual server