Setting up High-availability Citrix NetScaler in Microsoft Azure ARM
I’m currently involved in a PoC on setting up a redundant NetScaler deployment in Microsoft Azure, now it’s been some time since I had a session on setting up NetScaler and Azure on the NetScaler Masterclass so I decided to do a post on setting up High-availability pair NetScaler on Azure and what you need to think about.
In a default virtual environment, setting up NetScaler HA is pretty straight forward. The most common deployment is having an Active/Passive pair which will synchronize all the settings, files and TCP sessions and persistence tables. When a failure happens or it misses 3 consecutive heartbeats a failover will occur leveraging either GARP or if it is configured with VMAC (For Firewalls or such which do not support GARP)
But network features like VMAC or GARP are not supported in Azure, because of the way it is functions using NVGRE it cannot expose L2 features directly to the network. One thing that is important to note with NetScaler in Azure is that it is in single-ip mode, which means that we share an IP for NSIP, SNIP, VIP, Also another limitation is that the regular ports 21, 22, 80, 443, 8080, 67, 161, 179, 500, 520, 3003, 3008, 3009, 3010, 3011, 4001, 5061, 9000, 7000, are not available for use as a VIP so therefore we need to do some NAT rules in place as well which we will sort out using Azure load balancing.
Read the entire article here, Setting up High-availability NetScaler in Microsoft Azure ARM
via Marius Sandbu.