Note: The current NetScaler 1000V release does not support this feature.
What is SDX?
SDX is a true service delivery networking platform for enterprises and cloud datacenters. SDX features an advanced virtualization architecture that supports multiple NetScaler instances on a single hardware appliance.
When do I need SDX?
If you have multiple enterprise applications that have independent life cycle needs for L4–L7 networking services, or if you have a need to consolidate multiple underutilized load balancing appliances, you benefit from SDX.
What's unique about SDX?
SDX uniquely delivers key benefits from advancements in server hardware virtualization, hardware-assisted SSL acceleration, and the market-proven, award-winning NetScaler product line. The Management Service features an advanced control plane to unify provisioning, monitoring, and management in the most demanding multitenant environments, while providing full resource isolation for data separation and to meet service level agreement guarantees, such as availability, reliability, and performance.
How will I benefit from SDX?
SDX delivers isolated multitenancy with up to 40:1 consolidation. As a key pillar in Citrix's TriScale technology framework, SDX addresses the growing need to "scale in" within virtual data centers and cloud network infrastructures. The TriScale scale-in factor enables IT to provide the foundation for consolidating L4–L7 network services today, thereby simplifying the build-out of cloud based services down the line, in accordance with business requirements.
Will I need to go outside my normal procurement procedure to purchase SDX?
SDX is a fully contained networking appliance, designed for network deployment. SDX is not designed to be managed through standard hypervisor management tools such as XenCenter.
How do I purchase an SDX?
An SDX order has three basic product components: SDX appliance SKU, SDX support contract SKU, and Add-On Instance Packs. SKUs are also available for platform conversion (MPX-to-SDX) and platform upgrade (SDX-to-SDX). SDX today is available in Platinum Edition only.
The editions do not apply from a packaging perspective. NetScaler SDX appliances and the instance 5-packs are priced the same regardless of the edition. However, when provisioning new instances, the administrator is free to deploy the Standard, Enterprise, or Platinum edition of the NetScaler software.
memory can I assign to each instance?
There is no
maximum limit to the memory that can be assigned to each instance. Minimum
memory required per instance is 2GB.
migrate the existing configuration (ns.conf) from the MPX platform to SDX VPX
some configuration, such as RBA policies and SNMP community configuration, is
NetScaler features do I get with SDX?
NetScaler features are available on SDX.
accelerate SSL in hardware like MPX does?
Yes. You can
assign SSL cores to an instance during provisioning.
to my network are required for me to deploy SDX?
SDX fits into
your network environment through standard Ethernet interfaces. You must disable
link aggregation control protocol (LACP) on any external switch ports connected
to the appliance.
interoperable with my routing and switching infrastructure?
although link aggregation control protocol (LACP) is currently not supported.
However, SDX supports manual link aggregation.
interoperable with my existing NetScaler deployment?
although standard VPX-to-MPX limitations apply. For example, high availability
is supported only across homogeneous devices (you cannot pair a virtual device
with a physical device), some configuration, such as RBA policies and SNMP
configuration, is deleted, and license transfer is not supported.
manage SDX from Command Center?
can identify SDX appliances and provision and de-provision VPX instances by
using Command Center.
How does SDX
instance runs as a separate virtual machine with its own dedicated NetScaler
kernel, CPU resources, memory resources, address space, and bandwidth
allocation. Network I/O is done in a way that not only maintains aggregate
system performance but also enables complete segregation of each tenant's
data-plane and management-plane traffic.
Do I need to
manage an SDX through XenCenter?
XenCenter is not supported. Use the Management Service to manage XenServer.
We are a
VMware shop. We have no infrastructure available to support XenServer, do you
have a VMware variant of SDX?
additional XenServer infrastructure is necessary. SDX is a fully contained
networking appliance with its own control plane, and the virtualization layer
is transparent to the deployment.
Why is the
system health monitoring page not showing any data?
How do I
verify that the supplemental pack installation was successful?
installation, a pop up window shows whether installation was successful or if
there was an error.
Why is the
VPX instance not reachable after interfaces on the appliance are modified?
provision a NetScaler VPX instance with L2VLAN configuration, physical
interfaces on the SDX appliance are mapped to virtual interfaces on the VPX
instance. If you remove an interface, you might change the mapping between the
physical interfaces and VPX instances, and therefore you might lose
connectivity to the VPX instance.
You provision a VPX
instance, by using the Management Service, with interfaces 10/1, 10/2, 10/7,
and tag VLAN 512 to interface 10/2. When you log on to that VPX instance, you
see that interfaces 10/1, 10/2, and 10/3 are configured.
If you later modify the
instance and remove interface 10/1, you lose connectivity to the instance,
because interface 10/2 is renamed to 10/1 in the VPX instance.
addresses supported on the NetScaler SDX appliance?
NetScaler-supported IPv6 functionality is available on the SDX appliance.
link parameters, such as speed and duplex, configured?
parameters are configured from the Management Service.
appliance be restarted if the platform license is upgraded?
No. You do
not need to restart the appliance for the new license to apply.
Do I need to
restart the appliance to upgrade the device-level firmware?
upgrade is handled through the Management Service and requires that the
appliance be restarted. This is the only time that the SDX appliance needs a
Do I need to
restart the appliance when I upgrade it by using a Pay-As-You-Grow license?
the appliance upgrades the platform license. Restart the Management Service but
not the instances running on the SDX appliance. Once upgraded, the Management
Service detects the higher throughput available for the instances. If you
decide to increase the bandwidth limit for an instance, restart that instance
after modifying the bandwidth limit.
to production instances if I remove my platform license?
There is no
change to the production instances. However, you cannot add new instances.
How can we
readd a gadget to the Home page?
<< button in the top-right corner of the Home page. Then, type the name
of the gadget, or press Enter for all gadgets. Click "Add to Dashboard".
interfaces in manual link aggregation be part of same VLAN?
interfaces in manual link aggregation should be part of the same VLAN.
VLANs are supported per interface with VLAN filtering enabled? What happens if
I configure more?
filtering enabled, 10G interfaces support up to 63 VLANs, and 1G interfaces
suppport up to 31 VLANs. This is a hard limit based on the number of the queues
supported by the NIC. An error message appears if the limit is exceeded.
instances can be shared on a single NIC?
For a 10G
interface, SDX supports up to 63 virtual functions per physical port, which
translates to 63 instances per 10G NIC. For 1G interfaces, the maximum number
of shared instances per NIC is 7.
Why is the
XenServer password the same as the Management Service password?
XenServer password and the Management Service password are the same to maintain
administrative consistency. Changing the XenServer password causes the internal
communication between the Management Service and XenServer to fail.
If I have
separate management networks, do I need to manually add these networks to the
Communication is over an external device.
Why can't I
modify the default administrator profile?
administrator profile enables multiple administrative roles to exist on the
SDX. You cannot change the password of the nsroot administrator profile, but
you can create a new administrator profile and make it the default profile.
Why does Core
usage show 50% when I'm not passing any traffic through my NetScaler instance?
usage shows, from the hypervisor perspective, the CPU utilization of one
physical CPU, which has two hyperthreads: one for the packet engine and one for
the management CPU. For example, assume a single instance with one dedicated
core. Even if you are not passing any traffic through your appliance, PE CPU
utilization will be 100%, and average core utilization will be 50%.
restarting the Management Service interrupt my production instances?
production instances will continue to pass traffic without interruption while
the Management Service restarts. The same applies when you upgrade the
configure the Management Service to send syslog?
through the Management Service is currently not supported.
Am I required
to upgrade all VPX instances if I upgrade the Management Service?
life cycles can be managed independently of one other and of the life cycle of
the Management Service.
Management Service and VPX instances are on different networks, how can I
manage the VPX instance through HTTPS?
way as if they are on the same network.
Management Service and VPX instances are on different networks, how can I
manage the VPX instance through the Management Service?
Management Service and the VPX instance are in different networks but the
instance can be reached from Management Service, the Management Service shows
the instance as UP. If an instance is UP, you can manage it from the Management
Service. However, if communication between the two fails, the Management
Service shows the instance as "Out of Service".
the IP address of my Management Service. What can I do?
Log on to
XenServer, and then use the default IP address (169.254.0.10) to log on to the
Management Service. At the shell prompt, type
networkconfig to view or modify the IP address of the
specify VLANs on management interfaces?
management interfaces are currently not supported.
How do I
supported method for restarting XenServer is from the Management Service. It is
equivalent to restarting the appliance.
instances can I provision on the SDX appliance? How much aggregate throughput
can I expect?
is dependent on the hardware and the license that you purchased, as shown
11500, 13500, 14500,
16500, 18500, 20500—5 to 20 instances. Throughput ranges from 8 to 42 Gbps.
17500, 19500, 21500—5 to
20 instances. Throughput ranges from 20 to 50 Gbps.
17550, 19550, 20550,
21550—5 to 40 instances. Throughput ranges from 20 to 50 Gbps.
8400, 8600—2 to 5
instances. Throughput ranges from 4 to 6 Gbps.
restrict functionality on the VPX instances?
functionality can be restricted by specifying the license (Standard,
Enterprise, or Platinum) when you provision the instance.
SDX models are there, and how do they differ?
NetScaler SDX appliance comes in the following variants:
11500/13500/14500/16500/18500/20500—8 to 42 Gbps, maximum 20 instances, 8x1G
ports, 4x10G ports.
to 50 Gbps, maximum 20 instances, 8x10G ports.
Note: This platform is going EOS this year.
21550—20 to 50 Gbps, maximum 40 instances, 8x10G ports.
8400/8600—4 to 6 Gbps, maximum 5 instances, (6x10/100/1000Base-T copper
Ethernet ports + 6x1G SFP) and (6x10/100/1000Base-T copper Ethernet ports +
the minimum NetScaler software version required for SDX instances?
VPX instances should run release 9.3 and later to be able to work on SDX.
physical interfaces will I need to use?
have a single management network, you'll need on an average 1 or 2 physical
NICs per instance. For 2 or more management networks (multiple VLANs for
NetScaler IP addresses), you'll need a dedicated separate physical NIC for each
management VLAN trunk. You can share physical NICs among multiple instances
with L2 separation. Therefore, depending on your topology, you can offset the
management VLAN trunk count with multiple instances sharing a physical NIC.
upgrade my MPX to an SDX? What about my MPX FIPS platform?
MPX platform that supports the SDX architecture can be converted to a similar
class of SDX platform. The MPX platform must have a platinum license to be
eligible for this upgrade. This is a one way upgrade, and it wipes out the
entire configuration on that MPX platform.
For more information about this upgrade, see
SSL cards (cores) are supported on a NetScaler SDX appliance?
of SSL cards supported varies by the platform as follows:
Note: Instances cannot share SSL cores. Any SSL cores that are
allocated at the time of provisioning an instance are dedicated to that
Can I apply
my VPX license to SDX?
NetScaler SDX and NetScaler VPX have different licensing models. One license
cannot be used for the other.
the hardware sensors not displayed on the NetScaler SDX 17500/19500/21500
NetScaler SDX 17500/19500/21500 is built on the MPX 17500/19500/21500 hardware
platform. These appliance configurations do not support monitoring of hardware
upgraded my MPX to an SDX, the LCD panel went dark. Is that expected?
is normal behavior. SDX does not support the LCD panel.
RX and TX errors on the NetScaler SDX appliance?
RX and TX
errors include cyclic redundancy check (CRC) errors and small or runt packet
happens if a hardware component is removed from the SDX appliance?
hardware component is physically removed from the appliance, it no longer
appears in the Management Service user interface.
Do I need
to restart my appliance after I reconfigure VLAN filtering?
However, you need to restart the VPX instances that are affected by this
change. The Management Service restarts the affected instances if you select
"Reboot associated Instances" in the
Enable/Disable VLAN Filter dialog box.
What is the
NMI button for on the SDX appliance?
button is not operational on the SDX appliance.