Home >Documents >Enterprise Cloud 2.0 Tutorial v2.43.3 > 11. Using Load Balancer > 11.2. Configuration example of Citrix NetScaler VPX > 11.2.3. Network setting >11.2.3.2. Redundancy setting by VRRP

11.2.3.2. Redundancy setting by VRRP

Operation Confirmed Version:
 Citrix Netscaler VPX Version11.0 Build67.12 Standard Edition

  • Method to make the Load Balancer redundant will be introduced here.

  • VRRP is a redundancy protocol that makes two routers (the Load Balancers here) recognized virtually as a single router by a connected terminal and the like.

  • Two Load Balancers share the role in the conditions called as MASTER and BACKUP.

  • Connected terminals can communicate by specifying the default gateway not to the real IP address of the Load Balancer’s interface, but to the Virtual IP address created by VRRP.

  • Also when the firewall in Master state cannot forward packets due to any failure, the firewall in Backup state automatically shifts to Master state, so that communications from the terminal can be continued.

Note

  • For the restrictions, refer to “Restrictions” section of Load Balancer Service Descriptions .

  • Before setting up VRRP on Netscaler VPX, you need to perform ** Registering VRRP communication settings ** from the ECL2.0 customer portal.

  • If VRRP is set, please make sure that DHCP (address setting function) of the Logical Network is “enabled”. If the DHCP setting is Disabled, an ARP request is made with the source address 0.0.0.0 on our network. In this case, it has been confirmed that some appliances do not ARP reply. NetScaler VPX has been confirmed not to reply with Version 11.0 Build67.12 Standard Edition.

  • As for preempt of VRRP, keep the default (True) unchanged. With preempt made invalid, status inconsistency among the interfaces can occur, resulting in continuation of communication disconnection.

  • This service does not support asymmetric communication. NetScaler VPX cannot synchronize VRRP status of multiple interfaces due to product specifications. Make the configuration that the communication goes through the same route on the way to and from the way by making redundancy with VRRP only on the client side and enabling Source NAT of NetScaler VPX. If Source NAT cannot be set due to the configuration, use the preempt function to always match the status of each interface.

Presumed case for sample setting

  • Assume that we want to set VRRP to the interface in the client network (192.168.1.0/24) side of the two Load Balancers (VRRP-LB1, VRRP-LB2).

Configuration diagram
Fig12101

On the product specification of VRRP function of NetScaler VPX

  • If VRRP setting of NetScaler VPX is made to both interfaces of client side and server side, VRRP status (MASTER/BACKUP) of each interface cannot be synchronized.

  • Therefore, it is recommended to set "Preemption" to "Yes" when configuring VRRP on both the client side and the server side. Please also check the configuration guide as a setting example.

Note

For settings of SourceNAT function, refer to “Disabling SourceNAT” in Examples of Validated Setting.

Notes on VRRP Settings

1.With the Load Balancer(NetScaler VPX) of ECL2.0, the number of VRRP settings (pairs of Virtual IP and Virtual Router ID) that can be registered is 1.
In case of VRRP setting, DHCP should be enabled in the Subnet of the Logical Network to which the interface setting the VRRP is connected. If DHCP is disabled, there may be cases where communication to a Virtual IP address of the Load Balancer that set VRRP becomes impossible. If this problem occurs, the customer has to reboot the Load Balancer of the Active system.
2.VRRP setting needs not only the setting of the Load Balancer itself, but also procedures to be executed from the Customer Portal. Those procedures are also described in the following documents for your reference.
3.When setting VRRP, please set the IP address of Virtual Server and the virtual IP address in different segments. If you set it to the same segment, Master / Backup may not function properly. Please also check as a setting example, operation confirmed usage model as it will be helpful.

VRRP-LB1 Settings

Setting on ECL2.0 Portal

In the scenario of sample setting, following setting will be applied to VRRP-LB1.

Setting Items

Setting value

Interface to set

 Interface 1/1

Virtual IP Address

 192.168.1.20
VRID 30
Login to the Control Panel and move to [ Network” ] → [ Load Balancer ].
The Load Balancer screen will be displayed. Click [ VRRP-LB1 ] from [ Name ].
The Load Balancer details screen will be displayed. Click [ Load Balancer Interface ].
The Load Balancer details screen will be displayed. Open the pull-menu of [ Edit Load Balancer Interface ] from Action of [ Interface 1/1 ], and click [ Register Communication Setting for VRRP ].
Registration screen for VRRP Communication will be displayed. Enter 192.168.1.20 to [ Virtual IP Address ] and 30 to [ VRID ]. When the input is complete, click [ Register Communication Setting for VRRP ].
The Load Balancer Interface screen will be displayed. Check that [ 192.168.1.20 ] is displayed in the Virtual IP Address of [ Interface 1/1 ] and the [ Status ] is [ Up ].
Fig12107

Setting in the Load Balancer (VRRP-LB1) Management Portal

From the [ Configuration ] menu, move to [ System ] → [ Network ].
Move to [ Network ] → [ VMAC ].
After the [ VMAC ] screen is displayed, click [ Add ].
The Create VMAC screen will be displayed. As the scenario of sample setting, input the information as the table below.

Setting Items

Setting value
Virtual Router ID 30
Priority 200
Tracking NONE
Preemption

Check mark
Track Interface Priority 0
Interfaces bound to this vrid

Check mark
Input the set values.
Click [ Create ].
The VMAC screen will be displayed. Check that the set VMAC is displayed.
From the [ Configuration ] menu, move to [ System ] → [ Network ] → [ IPs ]. After the [ IPs ] screen is displayed, click [ Add ].
The Create IP Address screen will be displayed. As the scenario of sample setting, input the information as the table below.

Setting Items

Setting value
IP Address 192.168.1.20
Netmask 255.255.255.0
IP Type Virtual IP
Virtual Router ID 30
ICMP Response NONE
ARP Response NONE
Traffic Domain

10 (10 is mandatory)
State

Check mark
ARP

Check mark
ICMP

Check mark
Virtual Server

Check mark
Enable Management Access control to support the below listed applications

Check mark
SNMP

Check mark
Input the set values.
Click [ Create ].
The IPs screen will be displayed. Check that the set IP Address is displayed and [ State ] is [ Enabled ].

VRRP-LB2 Settings

Setting on ECL2.0 Portal

In the scenario of sample setting, following setting will be applied to VRRP-LB2.

Interface to set

 Interface 1/1

Virtual IP Address

 192.168.1.20
VRID 30
Login to the Control Panel and move to [ Network” ] → [ Load Balancer ].
The Load Balancer screen will be displayed. Click [ VRRP-LB2 ] from [ Name ].
The Load Balancer details screen will be displayed. Click [ Load Balancer Interface ].
The Load Balancer details screen will be displayed. Open the pull-menu of [ Edit Load Balancer Interface ] from Action of [ Interface 1/1 ], and click [ Register Communication Setting for VRRP ].
Registration screen for VRRP Communication will be displayed. Enter 192.168.1.20 to [ Virtual IP Address ] and 30 to [ VRID ]. When the input is complete, click [ Register Communication Setting for VRRP ].
The Load Balancer Interface screen will be displayed. Check that [ 192.168.1.20 ] is displayed in the Virtual IP Address of [ Interface 1/1 ] and the [ Status ] is [ Up ].

Setting in the Load Balancer (VRRP-LB2) Management Portal

From the [ Configuration ] menu, move to [ System ] → [ Network ].
Move to [ Network ] → [ VMAC ].
After the [ VMAC ] screen is displayed, click [ Add ].
The Create VMAC screen will be displayed. As the scenario of sample setting, input the information as the table below.

Setting Items

Setting value
Virtual Router ID 30
Priority 100
Tracking NONE
Preemption

Check mark
Track Interface Priority 0
Interfaces bound to this vrid

Check mark
Input the set values.
Click [ Create ].
The VMAC screen will be displayed. Check that the set VMAC is displayed.
From the [ Configuration ] menu, move to [ System ] → [ Network ] → [ IPs ]. After the IPs screen is displayed, click [ Add ].
The Create IP Address screen will be displayed. As the scenario of sample setting, input the information as the table below.

Setting Items

Setting value
IP Address 192.168.1.20
Netmask 255.255.255.0
IP Type Virtual IP
Virtual Router ID 30
ICMP Response NONE
ARP Response NONE
Traffic Domain

10 (10 is mandatory)
State

Check mark
ARP

Check mark
ICMP

Check mark
Virtual Server

Check mark
Enable Management Access control to support the below listed applications

Check mark
SNMP

Check mark
Input the set values.
Click [ Create ].
The IPs screen will be displayed. Check that the set IP Address is displayed and [ State ] is [ Enabled ].
This completes the VRRP Setting to the Load Balancer Interface.

Checking VRRP switching

With two Load Balancers, we could confirm the Status of MASTER/BACKUP. Therefore, we have confirmed that VRRP setting is correctly made.

Checking Load Balancer (VRRP-LB1) Setting

From the [ Configuration ] menu, move to [ System ] → [ Network ] → [ VMAC ]. After the VMAC screen is displayed, we can check that [ State ] of the set VMAC is [ MASTER(1) ].

Checking Load Balancer (VRRP-LB2) Setting

From the [ Configuration ] menu, move to [ System ] → [ Network ] → [ VMAC ]. After the VMAC screen is displayed, we can check that [ State ] of the set VMAC is [ BACKUP(2) ].

Verification Result of Operations at the Time of Failure

**Operation Check at the Time of Load Balancer (VRRP-LB1) Failure

Change the VRRP Priority of the Load Balancer (VRRP-LB1), which is MASTER(1), to simulate its operation its operation at the time of failure and confirm that it is switched to BACKUP(2).
From the [ Configuration ] menu of the Load Balancer (VRRP-LB1), move to [ System ] → [ Network ] → [ VMAC ]. After the VMAC screen is displayed, select [ VRID ] [ 30 ] that are created in this scenario and click [ Edit ].
The Configure VMAC screen will be displayed. Input [ 90 ] to [ Priority ] field and click [ OK ].
After the setting change, you can check that VMAC [ State ] of the Load Balancer (VRRP-LB1) is changed to [ BACKUP(2) ].

Note

If the VRRP status will not change, click the [ Update ] button in the upper area of the screen.

Similarly, you can check that VMAC [ State ] of the Load Balancer (VRRP-LB2) is changed to [ BACKUP(1) ]. Therefore, we have confirmed that VRRP function is operating correctly.

Note

If the VRRP status will not change, click the [ Update ] button in the upper area of the screen.

11.2.3.1. How to set a Static Routing
11.2.4. Load Balancing function