Home >Documents >Enterprise Cloud 2.0 Tutorial v2.7.0 > 11. Using Load Balancer > 11.2. Configuration example of Citrix NetScaler VPX > 11.2.3. Network setting >11.2.3.2. Redundancy setting by VRRP

11.2.3.2. Redundancy setting by VRRP

Operation Confirmed Version:
 Citrix Netscaler VPX Version11.0 Build67.12 Standard Edition

  • Method to make the Load Balancer redundant will be introduced here.

  • VRRP is a redundancy protocol that makes two routers (the Load Balancers here) recognized virtually as a single router by a connected terminal and the like.

  • Two Load Balancers share the role in the conditions called as MASTER and BACKUP.

  • Connected terminals can communicate by specifying the default gateway not to the real IP address of the Load Balancer’s interface, but to the Virtual IP address created by VRRP.

  • Also when the firewall in Master state cannot forward packets due to any failure, the firewall in Backup state automatically shifts to Master state, so that communications from the terminal can be continued.

Note

  • For the restrictions, refer to “Restrictions” section of Load Balancer Service Descriptions .

  • The customer needs to execute the [ Registration of communication approval setting for VRRP ] from ECL2.0 Customer Portal, before configuring VRRP on Citrix Netscaler VPX.

  • After making VRRP settings, enable DHCP (address setting function) of the logical network. If the DHCP setting has been disabled, an ARP request is made with source address 0.0.0.0 with respect to the network of NTT Communications. It has been confirmed that in this case, ARP replies are not performed by some appliances.

  • As the default, preempt of VRRP has been enabled (True). This setting is recommended considering that when two interfaces are placed in Master state at the time of recovery from failure or due to unstable network or board, switching back is automatically performed.

  • This service does not support asymmetric communications. By the product specification, NetScaler VPX cannot synchronize VRRP status in multiple interfaces. Therefore, by adding redundancy only in the client side with VRRP and enabling Source NAT of the Citrix NetScaler VPX, configure that communication to go and return take the same route.

  • In case of VRRP setting, please also check Validated use model <https://ecl.ntt.com/en/documents/tutorials/rsts/networkfunction/index.html>.

Presumed case for sample setting

  • Assume that we want to set VRRP to the interface in the client network (192.168.1.0/24) side of the two Load Balancers (VRRP-LB1, VRRP-LB2).

Configuration diagram
Fig12101

On the product specification of VRRP function of NetScaler VPX

  • If VRRP setting of NetScaler VPX is made to both interfaces of client side and server side, VRRP status (MASTER/BACKUP) of each interface cannot be synchronized.

  • Therefore, VRRP setting only to the interface of the client side is recommended. Also by enabling SourceNAT function, communication from the client to the server can take the same route for both go and return. SourceNAT is enabled by default with Netscaler VPX.

Note

For settings of SourceNAT function, refer to “Disabling SourceNAT” in Examples of Validated Setting.

Notes on VRRP Settings

1.With the Load Balancer(NetScaler VPX) of ECL2.0, the number of VRRP settings (pairs of Virtual IP and Virtual Router ID) that can be registered is 1.
In case of VRRP setting, DHCP should be enabled in the Subnet of the Logical Network to which the interface setting the VRRP is connected. If DHCP is disabled, there may be cases where communication to a Virtual IP address of the Load Balancer that set VRRP becomes impossible. If this problem occurs, the customer has to reboot the Load Balancer of the Active system.
2.VRRP setting needs not only the setting of the Load Balancer itself, but also procedures to be executed from the Customer Portal. Those procedures are also described in the following documents for your reference.

VRRP-LB1 Settings

Setting on ECL2.0 Portal

In the scenario of sample setting, following setting will be applied to VRRP-LB1.

Setting Items

Setting value

Interface to set

 Interface 1/1

Virtual IP Address

 192.168.1.20
VRID 30
Login to the Control Panel and move to [ Network” ] → [ Load Balancer ].
Fig12102
The Load Balancer screen will be displayed. Click [ VRRP-LB1 ] from [ Name ].
Fig12103
The Load Balancer details screen will be displayed. Click [ Load Balancer Interface ].
Fig12104
The Load Balancer details screen will be displayed. Open the pull-menu of [ Edit Load Balancer Interface ] from Action of [ Interface 1/1 ], and click [ Register Communication Setting for VRRP ].
Fig12105
Registration screen for VRRP Communication will be displayed. Enter 192.168.1.20 to [ Virtual IP Address ] and 30 to [ VRID ]. When the input is complete, click [ Register Communication Setting for VRRP ].
Fig12106
The Load Balancer Interface screen will be displayed. Check that [ 192.168.1.20 ] is displayed in the Virtual IP Address of [ Interface 1/1 ] and the [ Status ] is [ Up ].
Fig12107

Setting in the Load Balancer (VRRP-LB1) Management Portal

From the [ Configuration ] menu, move to [ System ] → [ Network ].
Fig12108
Move to [ Network ] → [ VMAC ].
Fig12109
After the [ VMAC ] screen is displayed, click [ Add ].
Fig12110
The Create VMAC screen will be displayed. As the scenario of sample setting, input the information as the table below.

Setting Items

Setting value
Virtual Router ID 30
Priority 200
Tracking NONE
Preemption

Check mark
Track Interface Priority 0
Interfaces bound to this vrid

Check mark
Input the set values.
Fig12111
Click [ Create ].
Fig12112
The VMAC screen will be displayed. Check that the set VMAC is displayed.
Fig12113
From the [ Configuration ] menu, move to [ System ] → [ Network ] → [ IPs ]. After the [ IPs ] screen is displayed, click [ Add ].
Fig12114
The Create IP Address screen will be displayed. As the scenario of sample setting, input the information as the table below.

Setting Items

Setting value
IP Address 192.168.1.20
Netmask 255.255.255.0
IP Type Virtual IP
Virtual Router ID 30
ICMP Response NONE
ARP Response NONE
Traffic Domain

10 (10 is mandatory)
State

Check mark
ARP

Check mark
ICMP

Check mark
Virtual Server

Check mark
Enable Management Access control to support the below listed applications

Check mark
SNMP

Check mark
Input the set values.
Fig12127
Click [ Create ].
Fig12115
The IPs screen will be displayed. Check that the set IP Address is displayed and [ State ] is [ Enabled ].
Fig12116

VRRP-LB2 Settings

Setting on ECL2.0 Portal

In the scenario of sample setting, following setting will be applied to VRRP-LB2.

Interface to set

 Interface 1/1

Virtual IP Address

 192.168.1.20
VRID 30
Login to the Control Panel and move to [ Network” ] → [ Load Balancer ].
Fig12117
The Load Balancer screen will be displayed. Click [ VRRP-LB2 ] from [ Name ].
Fig12118
The Load Balancer details screen will be displayed. Click [ Load Balancer Interface ].
Fig12119
The Load Balancer details screen will be displayed. Open the pull-menu of [ Edit Load Balancer Interface ] from Action of [ Interface 1/1 ], and click [ Register Communication Setting for VRRP ].
Fig12120
Registration screen for VRRP Communication will be displayed. Enter 192.168.1.20 to [ Virtual IP Address ] and 30 to [ VRID ]. When the input is complete, click [ Register Communication Setting for VRRP ].
Fig12121
The Load Balancer Interface screen will be displayed. Check that [ 192.168.1.20 ] is displayed in the Virtual IP Address of [ Interface 1/1 ] and the [ Status ] is [ Up ].
Fig12122

Setting in the Load Balancer (VRRP-LB2) Management Portal

From the [ Configuration ] menu, move to [ System ] → [ Network ].
Fig12108
Move to [ Network ] → [ VMAC ].
Fig12109
After the [ VMAC ] screen is displayed, click [ Add ].
Fig12110
The Create VMAC screen will be displayed. As the scenario of sample setting, input the information as the table below.

Setting Items

Setting value
Virtual Router ID 30
Priority 100
Tracking NONE
Preemption

Check mark
Track Interface Priority 0
Interfaces bound to this vrid

Check mark
Input the set values.
Fig12123
Click [ Create ].
Fig12124
The VMAC screen will be displayed. Check that the set VMAC is displayed.
Fig12125
From the [ Configuration ] menu, move to [ System ] → [ Network ] → [ IPs ]. After the IPs screen is displayed, click [ Add ].
Fig12123
The Create IP Address screen will be displayed. As the scenario of sample setting, input the information as the table below.

Setting Items

Setting value
IP Address 192.168.1.20
Netmask 255.255.255.0
IP Type Virtual IP
Virtual Router ID 30
ICMP Response NONE
ARP Response NONE
Traffic Domain

10 (10 is mandatory)
State

Check mark
ARP

Check mark
ICMP

Check mark
Virtual Server

Check mark
Enable Management Access control to support the below listed applications

Check mark
SNMP

Check mark
Input the set values.
Fig12127
Click [ Create ].
Fig12115
The IPs screen will be displayed. Check that the set IP Address is displayed and [ State ] is [ Enabled ].
Fig12128
This completes the VRRP Setting to the Load Balancer Interface.

Checking VRRP switching

With two Load Balancers, we could confirm the Status of MASTER/BACKUP. Therefore, we have confirmed that VRRP setting is correctly made.

Checking Load Balancer (VRRP-LB1) Setting

From the [ Configuration ] menu, move to [ System ] → [ Network ] → [ VMAC ]. After the VMAC screen is displayed, we can check that [ State ] of the set VMAC is [ MASTER(1) ].
Fig12129

Checking Load Balancer (VRRP-LB2) Setting

From the [ Configuration ] menu, move to [ System ] → [ Network ] → [ VMAC ]. After the VMAC screen is displayed, we can check that [ State ] of the set VMAC is [ BACKUP(2) ].
Fig12130

Verification Result of Operations at the Time of Failure

**Operation Check at the Time of Load Balancer (VRRP-LB1) Failure

Change the VRRP Priority of the Load Balancer (VRRP-LB1), which is MASTER(1), to simulate its operation its operation at the time of failure and confirm that it is switched to BACKUP(2).
From the [ Configuration ] menu of the Load Balancer (VRRP-LB1), move to [ System ] → [ Network ] → [ VMAC ]. After the VMAC screen is displayed, select [ VRID ] [ 30 ] that are created in this scenario and click [ Edit ].
Fig12131
The Configure VMAC screen will be displayed. Input [ 90 ] to [ Priority ] field and click [ OK ].
Fig12132
After the setting change, you can check that VMAC [ State ] of the Load Balancer (VRRP-LB1) is changed to [ BACKUP(2) ].
Fig12133

Note

If the VRRP status will not change, click the [ Update ] button in the upper area of the screen.

Similarly, you can check that VMAC [ State ] of the Load Balancer (VRRP-LB2) is changed to [ BACKUP(1) ]. Therefore, we have confirmed that VRRP function is operating correctly.
Fig12134

Note

If the VRRP status will not change, click the [ Update ] button in the upper area of the screen.

11.2.3.1. How to set a Static Routing
11.2.4. Load Balancing function