Embedded Files
Introduction
Introduction
Laymen explanation
Laymen explanation
If you have worked with firewall, you might be aware that firewall policy is based on source IP. If you want to load balance these firewall, load balancer must not change source IP. A typical load balancer does change it. However transparent mode doesn't . This article tries to explain this.
Technical explanation
Technical explanation
Wildcard approach is used for transparent mode.
The following cases may require using a wildcard:
If the NetScaler appliance is configured as a transparent pass through, which must accept all traffic that is sent to it regardless of the IP or port to which it is sent.
If one or more services listen on ports that are not well known.
If one or more services, over time, change the ports that they listen on.
If you reach the limit for the number of IP addresses and ports that you can configure on a single NetScaler appliance.
If you want to create virtual servers that listen for all traffic on a specific virtual LAN.
When a wildcard-configured virtual server or service receives traffic, the NetScaler appliance determines the actual IP address or port and creates new records for the service and associated load balanced application server. These dynamically created records are called dynamically learned server and service records.
For example, a firewall load balancing configuration can use wildcards for both the IP address and port. If you bind a wildcard TCP service to this type of load balancing virtual server, the virtual server receives and processes all TCP traffic that does not match any other service or virtual server.
Reference
Reference
https://docs.citrix.com/en-us/netscaler/11/traffic-management/load-balancing/load-balancing-how-it-works.html
Page updated
Google Sites
Report abuse