How to Advertise Static Route From NetScaler to ZebOS
来源 https://support.citrix.com/article/CTX203868
Objective
This article describes how to add static route from NetScaler to ZebOS.
Background
Consider the following scenario, there is a static route from the NetScaler to the service provider. User is running OSPF between the NetScaler and the Core switches. User's requirement is to redistribute this static route into OSPF and track the static route to avoid blackhole.
LB1 and LB 2 are Citrix NetScalers.
CS01 and CS02 are core switches.
Instructions
Enable monitoring on the static route so that whenever the state of a route in NetScaler packet engine changes it is immediately communicated to ZebOS by NSPPE.
Complete the following steps:1.To advertise static routes configured on the NetScaler into the OSPF routing domain, run the following command:
enable ns mode sradv
2.Then switch to ZebOS by running the following command on the NetScaler CLI:
vtysh
#conf t
#Config# router ospf
#redistribute kernel
CLI Routing Table:
ZebOS Config:
OSPF database:
===============
Citrix ADC dynamic routing and route health injection
来源 https://www.virtualdesktopdevops.com/netscaler/netscaler-dynamic-routing.html
Route heath injection ?
Route Health Injection (RHI) delegates the control of routing protocol announcement to a server based on the health of a service and the connectivity of the server to the network :
- If the service is alive, a /32 route is injected into the network using a dynamic routing protocol announcement.
- When the service goes down because of a software issue, the /32 host route is withdrawn by the server from the network using a dynamic routing protocol triggered update.
- If the server loses it's connectivity to the network, the upstream router automatically withdraws all the /32 host routes learned from this disconnected peer.
Route Health Injection for IP Anycast deployment
Route Health Injection can be used to advertise the same IP address from different locations geographically dispersed. User is directed to the nearest server from the network perspective. Strong resiliency is achieved for critical services in this IP Anycast.
Route Health Injection in a Layer 3 Citrix ADCHA pair
Citrix ADC High Availability is usually created by pairing two netscaler nodes located in the same management subnet and sharing the same vlans. The primary node hosts the active SNIP and VIP addresses, the secondary node is synchronized with the primary node. If the primary node goes down or loses it's connectivity, the SNIP and VIP addresses move to the secondary node which gets primary. Both Netscaler nodes share the same network configuration and network resiliency is achived by using first hop reduncdancy protocols (HSRP, HSRP vPC, VRRP, ...), vPC, VSS or multi chassis etherchannel, and firewall clustering.
Failure or flapping of one of the redundancy mechanism breaks network connectivity.
In a layer 3 Citrix ADC HA deployment, each ADC instance is deployed in a separate subnet with independant internet connectivity, routers, and firewalls. All those equipments are located in separate network rooms. Connectivity in the Citrix ADC HA pair and between ADC and users / backend servers are routed and rely on dynamic routing protocols.
Dynamic IP routing in Citrix ADC
Citrix ADC support both dynamic and static routing. The main objective of running dynamic routing protocols is to enable route health injection (RHI), to enable upstream network infrastructure to choose the best path among multiple routes to a reach a geographically distributed virtual server.
Multiple routing tables in Citrix ADC
Citrix ADC embeds 3 different routing tables :
- NS Kernel routing table : Used by Citrix ADC in packet forwarding. Holds subnet routes corresponding to the NSIP and to each SNIP and MIP. Holds any static routes added through the CLI. This routing table is configured through the GUI or CLI interface.
- Network service module : Contains the advertisable routes distributed by the dynamic routing protocols to their peers in the network. This routing table is configured using the vtysh mode (ZebOS).
- FreeBSD routing table : Facilitate initiation and termination of management traffic (telnet, ssh, etc.).
Citrix ADC routing suite based on ZebOS® IP Infusion Layer 2, Layer 3, MPLS network stack. ZebOS® can be accessed using vtysh netscaler CLI command. IPv4 & IPv6 supported dynamic routing protocols are :
- Routing Information Protocol (RIP) : version 2 & RIPng for IPv6
- Open Shortest Path First (OSPF) : version 2 & version 3 for IPv6
- Border Gateway Protocol (BGP)
- ISIS Protocol
Routing tables synchronization
NS kernel routing table (GUI & CLI configuration) and Network service module (ZebOS) are ynchronized using the following vtysh commands :
- Use ns-route-install commands to push routes from ZebOS to NS Kernel routing table
- Use redistribute kernel command in ZebOS dynamic routing protocols configuration to advertise routes configured in NS Kernel routing table.
