%BOOK_ENTITIES; ]>

Citrix NetScaler is supported as an external network element for load balancing in zones that use isolated networking in advanced zones. Set up an external load balancer when you want to provide load balancing through means other than &PRODUCT;’s provided virtual router. In a Basic zone, load balancing service is supported only if Elastic IP or Elastic LB services are enabled. When NetScaler load balancer is used to provide EIP or ELB services in a Basic zone, ensure that all guest VM traffic must enter and exit through the NetScaler device. When inbound traffic goes through the NetScaler device, traffic is routed by using the NAT protocol depending on the EIP/ELB configured on the public IP to the private IP. The traffic that is originated from the guest VMs usually goes through the layer 3 router. To ensure that outbound traffic goes through NetScaler device providing EIP/ELB, layer 3 router must have a policy-based routing. A policy-based route must be set up so that all traffic originated from the guest VM's are directed to NetScaler device. This is required to ensure that the outbound traffic from the guest VM's is routed to a public IP by using NAT.For more information on Elastic IP, see . The NetScaler can be set up in direct (outside the firewall) mode. It must be added before any load balancing rules are deployed on guest VMs in the zone. The functional behavior of the NetScaler with &PRODUCT; is the same as described in the &PRODUCT; documentation for using an F5 external load balancer. The only exception is that the F5 supports routing domains, and NetScaler does not. NetScaler can not yet be used as a firewall. To install and enable an external load balancer for &PRODUCT; management, see . External Guest Load Balancer Integration in the Installation Guide. The Citrix NetScaler comes in three varieties. The following table summarizes how these variants are treated in &PRODUCT;. NetScaler ADC Type Description of Capabilities &PRODUCT; Supported Features MPX Physical appliance. Capable of deep packet inspection. Can act as application firewall and load balancer In advanced zones, load balancer functionality fully supported without limitation. In basic zones, static NAT, elastic IP (EIP), and elastic load balancing (ELB) are also provided. VPX Virtual appliance. Can run as VM on XenServer, ESXi, and Hyper-V hypervisors. Same functionality as MPX Supported on ESXi and XenServer. Same functional support as for MPX. &PRODUCT; will treat VPX and MPX as the same device type. SDX Physical appliance. Can create multiple fully isolated VPX instances on a single appliance to support multi-tenant usage &PRODUCT; will dynamically provision, configure, and manage the life cycle of VPX instances on the SDX. Provisioned instances are added into &PRODUCT; automatically – no manual configuration by the administrator is required. Once a VPX instance is added into &PRODUCT;, it is treated the same as a VPX on an ESXi host.