Product Documentation

Prerequisites for Installing NetScaler VPX Virtual Appliances on Linux-KVM Platform

Sep 30, 2015

Hardware Requirements

The following table describes the minimum system requirements for Linux-KVM servers running NetScaler VPX.

Component Requirement
CPU
  • 64-bit x86 processors with the hardware virtualization features included in the AMD-V and Intel VT-X processors.

    To test whether your CPU supports Linux host, enter the following command at the host Linux shell prompt:

    .egrep'^flags.*(vmx|svm)'/proc/cpuinfo

    If the BIOS settings for the above extension are disabled, you must enable them in BIOS.

  • Provide at least 2 CPU cores to Host Linux.
  • There is no specific recommendation for processor speed, but higher the speed, the better the performance of the VM application.
Memory (RAM)

Minimum 4 GB for the host Linux kernel. Add additional memory as required by the VMs.

Hard Disk

Calculate the space for Host Linux kernel and VM requirements. A single NetScaler VPX VM requires 20 GB of disk space.

Software Requirements

The Host kernel used must be a 64-bit Linux kernel, release 2.6.20 or later, with all virtualization tools. Citrix recommends newer kernels, such as 3.6.11-4 and later.

Many Linux distributions such as Red Hat, Centos, and Fedora, have tested kernel versions and associated virtualization tools.

Guest VM Hardware Requirements

NetScaler VPX supports only IDE hard disk type. The Hard Disk Type has been configured in the XML file which is a part of the NetScaler package.

Networking Requirements

NetScaler VPX supports only virtIO para-virtualized network interfaces.

Source Interface and Modes
The source device type can be either Bridge or MacVTap. In case of MacVTap, four modes are possible - VEPA, Bridge, Private and Pass-through.
The following tables list the types of interfaces that you can use and the supported traffic types.

For best performance by the NetScaler instance, make sure that the gro and lro capabilities are switched off on the source interfaces

Table 1. Interface Types
Interface Type Considerations
Source: Bridge
  • Linux Bridge.
  • Ebtables and iptables settings on host Linux might filter the traffic on the bridge if you do not choose the correct setting or disable IPtable services.
Source: MacVTap

Mode : VEPA

  • Better performance than a bridge.
  • Interfaces from the same lower device can be shared across the VMs.
  • Inter-VM communication using the same lower device is possible only if upstream or downstream switch supports VEPA mode.
Source: MacVTap

Mode : Private

  • Better performance than a bridge.
  • Interfaces from the same lower device can be shared across the VMs.
  • Inter-VM communication using the same lower device is not possible.
Source: MacVTap

Mode : Bridge

  • Better as compared to bridge.
  • Interfaces out of same lower device can be shared across the VMs.
  • Inter-VM communication using the same lower device is possible, if lower device link is UP.
Source: MacVTap

Mode : Pass-through

  • Better as compared to bridge.
  • Interfaces out of same lower device cannot be shared across the VMs.
  • Only one VM can use the lower device.

Table 2. Verified Traffic Types
Test Case Bridge MacVTap
VEPA Private Bridge Pass-through
Untagged IPv4 S S S S S
Tagged IPv4 S NS NS NS NS
IPv4 L3 Forwarding S S S S S
IPv4 Endpoint Traffic S S S S S
Broadcast/Multicast Traffic S S S S S
Untagged IPv6 S S S S S
Tagged IPv6 S NS NS NS NS
IPv6 L3 Forwarding S S S S S
IPv6 Endpoint Traffic S S S S S

S - Supported.

NS - Not Supported.

Properties Of Source Interfaces

Make sure that you switch off the generic-receive-offload (gro) and large-receive-offload (lro) capabilities of the source interfaces. To switch off the gro and lro capabilities, run the following commands at the host Linux shell prompt.

ethtool -K eth6 gro off

ethool -K eth6 lro off

Example

[root@localhost ~]# ethtool -K eth6 
		Offload parameters for eth6: 
				rx-checksumming: on 
				tx-checksumming: on 
				scatter-gather: on 
		tcp-segmentation-offload: on 
		udp-fragmentation-offload: off 
		generic-segmentation-offload: on 
		generic-receive-offload: off 
		large-receive-offload: off 
		rx-vlan-offload: on 
		tx-vlan-offload: on 
		ntuple-filters: off 
		receive-hashing: on 
[root@localhost ~]#

Example

If the host Linux bridge is used as a source device, as in the following example, gro and lro capabilities must be switched off on the vnet interfaces, which are the virtual interfaces connecting the host to the guest VMs.

[root@localhost ~]# brctl show eth6_br 
bridge name     bridge id        STP enabled     interfaces 
eth6_br         8000.00e0ed1861ae       no          eth6 
                                                    vnet0 
                                                    vnet2 
[root@localhost ~]#

In the above example, the two virtual interfaces are derived from the eth6_br and are represented as vnet0 and vnet2. Run the following commands to switch off gro and lro capabilities on these interfaces.

ethtool –K vnet0 gro off 
	ethtool –K vnet2 gro off 
	ethtool –K vnet0 lro off 
		ethtool –K vnet2 lro off 

Module Required

For better network performance, make sure the vhost_net module is present in the Linux host. To check the existence of vhost_net module, run the following command on the Linux host :

lsmod | grep "vhost_net"

If vhost_net is not yet running, enter the following command to run it:

modprobe vhost_net