Internet protocol version 6 (IPv6)
A Citrix ADC appliance supports both server-side and client-side IPv6 and can therefore function as an IPv6 node. It can accept connections from IPv6 nodes (both hosts and routers) and from IPv4 nodes, and can perform Protocol Translation (RFC 2765) before sending traffic to the services.
The following table lists some of the IPv6 features that the Citrix ADC appliance supports.
Table 1. Some Supported IPv6 Features
| IPv6 features |
|---|
| IPv6 addresses for SNIPs (NSIP6, VIP6, and SNIP6) |
| 不ighbor Discovery (Address Resolution, Duplicated Address Detection, Neighbor Unreachability Detection, Router Discovery) |
| Management Applications (ping6, telnet6, ssh6) |
| Static Routing and Dynamic routing (OSPF, BGP, RIPng, and ISIS) |
| Port Based VLANs |
| Access Control Lists for IPv6 addresses (ACL6) |
| IPv6 Protocols (TCP6, UDP6, ICMP6) |
| Server Side Support (IPv6 addresses for virtual server, services) |
| USIP (Use source IP) and DSR (Direct Server Return) for IPv6 |
| SNMP and Clientless VPN for IPv6 |
| High Availability with native IPv6 node address |
| IPv6 addresses for MIPs |
| Path-MTU discovery for IPv6 |
Implementing IPv6 support
You must enable IPv6 feature on a Citrix ADC appliance before you can use or configure it. If IPv6 is disabled, the Citrix ADC does not process IPv6 packets. It displays the following warning when you run an unsupported command:
"Warning: Feature(s) not enabled [IPv6PT]" Use either of the following procedures to enable or disable IPv6.
CLI procedures
To enable or disable IPv6 by using the CLI:
At the command prompt, type one of the following commands:
enable ns feature ipv6ptdisable ns feature ipv6pt
GUI procedures
To enable or disable IPv6 by using the GUI:
- Navigate toSystem>Settings, in theModes and Featuresgroup, clickConfigure Advanced Features.
- Select or clear theIPv6 Protocol Translationoption.
VLAN support
If you need to send broadcast or multicast packets without identifying the VLAN (for example, during DAD for NSIP, or ND6 for the next hop of the route), you can configure the Citrix ADC appliance to send the packet on all the interfaces with appropriate tagging. The VLAN is identified by ND6, and a data packet is sent only on the VLAN. For more information about ND6 and VLANs, seeConfiguring Neighbor Discovery.
Port-based VLANs are common for IPv4 and IPv6. Prefix-based VLANs are supported for IPv6.
Simple deployment scenario
Following is an example of a simple load balancing set-up consisting of an IPv6 virtual server and IPv4 services, as illustrated in the following topology diagram.
Figure 1. IPv6 Sample Topology
The following table summarizes the names and values of the entities that must be configured on the Citrix ADC.
Table 2. Sample Values for Creating Entities
| Entity type | Name | Value |
|---|---|---|
| LB virtual server | VS1_IPv6 | 2002::9 |
| Services | SVC1 | 10.102.29.1 |
| SVC2 | 10.102.29.2 |
The following figure shows the entities and values of the parameters to be configured on the Citrix ADC.
Figure 2. IPv6 Entity Diagram
To configure this deployment scenario, you need to do the following:
- 创建一个IPv6服务。
- Create an IPv6 LB virtual server.
- Bind the services to the virtual server.
CLI procedures
To create IPv4 services by using the CLI:
At the command prompt, type:
- add service
- show service
Example:
add service SVC1 10.102.29.1 HTTP 80 add service SVC2 10.102.29.2 HTTP 80 To create IPv6 virtual server by using the CLI:
At the command prompt, type:
- add lb vserver
- sh lb vserver
Example:
add lb vserver VS1_IPv6 2002::9 HTTP 80 To bind a service to an LB virtual server by using the CLI:
At the command prompt, type:
- bind lb vserver
- sh lb vserver
Example:
bind lb vserver VS1_IPv6 SVC1 GUI procedures
To create IPv4 services by using the GUI:
Navigate toTraffic Management>Load Balancing>Services, clickAdd, and then set the following parameters:
- Service Name
- IP Address
- Protocol
- Port
To create IPv6 virtual server by using the GUI:
- Navigate toTraffic Management>Load Balancing>Virtual Servers, clickAdd, and select theIPv6check box.
- Set the following parameters:
- Name
- Protocol
- IP Address Type
- IP Address
- Port
To bind a service to an LB virtual server by using the GUI:
- Navigate toTraffic Management>Load Balancing>Virtual Servers.
- In theLoad Balancing Virtual Serverspage, select the virtual server for which you want to bind the service (for example, VS1_IPv6).
- ClickOpen.
- In theConfigure Virtual Server (Load Balancing)dialog box, on theServicestab, select theActivecheck box corresponding to the service that you want to bind to the vserver (for example, SVC1).
- ClickOK.
- Repeat steps 1-4 to bind the service (for example, SVC2 to the virtual server).
Host header modification
当一个HTTP请求在何氏IPv6地址st header, and the server does not understand the IPv6 address, you must map the IPv6 address to an IPv4 address. The IPv4 address is then used in the host header of the HTTP request sent to the virtual server.
CLI procedures
To change the IPv6 address in the host header to an IPv4 address by using the CLI:
At the command prompt, type:
- set ns ip6
-map - sh ns ip6
Example:
set ns ip6 2002::9 -map 200.200.200.200 GUI procedures
To change the IPv6 address in the host header to an IPv4 address by using the GUI:
- Navigate toSystem>不twork>IPsand, on theIPV6stab, select the IP address for which you want to configure a mapped IP address, for example, 2002:0:0:0:0:0:0:9, and click Edit.
- In theMapped IPtext box, type the mapped IP address that you want to configure, for example, 200.200.200.200.
VIP insertion
如果IPv6地址发送到一个IPv4-based服务器, the server may not understand the IP address in the HTTP header, and may generate an error. To avoid this, you can map an IPv4 address to the IPv6 VIP. Then, you can enable VIP insertion feature to enable insertion of the IPv4 VIP address and port number in the HTTP requests sent to the servers.
CLI procedures
To configure a map IPv6 address by using the CLI:
At the command prompt, type:
set ns ip6
Example:
set ns ip6 2002::9 -map 200.200.200.200 To enable VIP insertion by using the CLI:
At the command prompt, type:
- set lb vserver
-insertVserverIPPort - sh lb vserver
Example:
set lb vserver VS1_IPv6 -insertVserverIPPort ON GUI procedures
To configure a map IPv6 address by using the GUI:
- Navigate toSystem>不twork>IPs, on theIPV6stab, select the IP address for which you want to configure a map IP address, for example, 2002:0:0:0:0:0:0:9, and clickEdit.
- In theMapped IPtext box, type the map IP address that you want to configure, for example, 200.200.200.200.
To enable VIP insertion feature by using the GUI:
- Navigate toTraffic Management>Load Balancing>Virtual Servers, select the virtual server that you want to enable port insertion, and selectEdit.
- In theAdvancedtab, underTraffic Settings, in theVserver IP Port Insertionlist, clickVIPADDR.
- In theVserver IP Port Insertiontext box, type the vip header.