identify a connection, the NetScaler uses the 4-tuple of client IP address,
client port, destination IP address, and destination port. When you enable the
L2 Connection option, the Layer 2 parameters of the connection (channel number,
MAC address, and VLAN ID) are used in addition to the normal 4-tuple.
L2Conn parameter for a load balancing virtual server allows multiple TCP and
non-TCP connections with the same 4-tuple (<source IP>:<source
port>::<destination IP>:<destination port>) to co-exist on the
NetScaler appliance. The appliance uses both the 4-tuple and the Layer 2
parameters to identify TCP and non-TCP connections.
You can enable
the L2Conn option in the following scenarios:
- Multiple VLANs are
configured on the NetScaler appliance, and a firewall is set up for each VLAN.
- You want the traffic
originating from the servers in one VLAN and bound for a virtual server in
another VLAN to pass through the firewalls configured for both VLANs.
an nCore NetScaler appliance on which the l2Conn parameter is set for one or
more load balancing virtual servers is downgraded to a Classic build or to an
nCore build that does not support the l2Conn parameter, the load balancing
configurations that use the l2Conn parameter become ineffective.