
Citrix ADC in HA (INC mode) without the use of AZLB

It seems so counterintuitive to set up an LB in front of your LB to get traffic distributed across the 2 nodes. Microsoft have recently announced their RouteServer object, which enables a dynamic way of injecting routes into the route table.

RouteServer uses BGP to communicate with 3rd party devices. I sense that the feature was created more to get your IP network routes easily imported into Azure via an Express-Route, but luckily for us, BGP is a standard protocol and is supported on Citrix ADCs. RouteServer does not come as a full-featured BGP router, so keep that in mind.

Configuration of RouteServer is pretty simple: you create the required subnet (RouteServerSubnet) and add peers to your RouteServer. Name == “a good explanatory name”, ASN == “the remote AS number of the 3rd party device”, IPv4 Address == “where RouteServer will communicate for the configured AS number”.

Citrix ADC supports BGP via the ZebOS daemon running in userland (the binary is actually bgpd). That means it is another terminal, and it has to be configured via CLI or API – there is no GUI here. From the CLI, type “vtysh” to access the ZebOS terminal. To enable ZebOS on another subnet IP (SNIP), the option -dynamicRouting ENABLED has to be set on that SNIP. The VIPs also need an extra option before they are redistributed via BGP: -hostRoute ENABLED. And remember, depending on your configuration, your vServer needs to be UP before the IP is announced via BGP.

Getting traffic to the VIP: in the setup I had to do, I had an AZ FW with a DNAT rule to send traffic to the VIP (172.16.200.10) from the public. And voila – it worked 🙂

API – just an example if you need to do this via code:
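An added example, not the author's code: it compares the current `nsip` state with the addresses you intend to announce, builds the NITRO updates that set `-dynamicRouting` on the BGP SNIP and `-hostRoute` on those VIPs, and lists any other VIP that already has a host route and would therefore also be injected into the Azure route table. The response sample is constructed, only 172.16.200.10 comes from the post, the function names are hypothetical, and the JSON attribute names `dynamicrouting` and `hostroute` are assumed to mirror the CLI options above.

```python
import ipaddress
import json

# Constructed sample of a NITRO "GET /nitro/v1/config/nsip" response body.
# Only 172.16.200.10 comes from the post; the other addresses are made up.
SAMPLE_NSIP = json.loads("""
{"errorcode": 0, "message": "Done", "nsip": [
  {"ipaddress": "172.16.200.5",  "type": "SNIP", "dynamicrouting": "DISABLED", "hostroute": "DISABLED"},
  {"ipaddress": "172.16.200.10", "type": "VIP",  "dynamicrouting": "DISABLED", "hostroute": "DISABLED"},
  {"ipaddress": "172.16.200.11", "type": "VIP",  "dynamicrouting": "DISABLED", "hostroute": "ENABLED"}
]}
""")


def nsip_update(ip, **attrs):
    """Build (method, path, body) for a NITRO update of one nsip entry. Nothing is sent."""
    ipaddress.ip_address(ip)  # raises ValueError on a malformed address
    return ("PUT", "/nitro/v1/config/nsip", {"nsip": {"ipaddress": ip, **attrs}})


def plan_bgp_exposure(nsip_response, bgp_snip, announce_vips):
    """Return (calls, unexpected, missing) for the intended BGP announcement set."""
    wanted = set(announce_vips)
    seen, calls, unexpected = set(), [], []
    for entry in nsip_response.get("nsip", []):
        ip, kind = entry["ipaddress"], entry.get("type")
        seen.add(ip)
        if kind == "SNIP" and ip == bgp_snip:
            if entry.get("dynamicrouting") != "ENABLED":
                calls.append(nsip_update(ip, dynamicrouting="ENABLED"))
        elif kind == "VIP" and ip in wanted:
            if entry.get("hostroute") != "ENABLED":
                calls.append(nsip_update(ip, hostroute="ENABLED"))
        elif kind == "VIP" and entry.get("hostroute") == "ENABLED":
            unexpected.append(ip)  # would be advertised although not intended
    # Addresses you asked for that the appliance does not have at all.
    missing = sorted((wanted | {bgp_snip}) - seen)
    return calls, unexpected, missing


if __name__ == "__main__":
    calls, unexpected, missing = plan_bgp_exposure(
        SAMPLE_NSIP, "172.16.200.5", ["172.16.200.10"])
    for method, path, body in calls:
        print(method, path, json.dumps(body))
    print("unexpected host routes:", unexpected, "missing:", missing)
```

The BGP neighbour configuration itself still lives in the ZebOS terminal (vtysh) and is not covered by this sketch.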
