Configuring Modes of Packet Forwarding

Configuring Modes of Packet Forwarding

A NetScaler can use the following modes to forward the packets it receives:

• Layer 2 (L2) Mode

• Layer 3 (L3) Mode

• MAC-Based Forwarding Mode

Enabling and Disabling Layer 2 Mode

Layer 2 mode controls the Layer 2 forwarding (bridging) function. You can use this mode to configure a NetScaler to behave as a Layer 2 device and bridge the packets that are not destined for it. When this mode is enabled, packets are not forwarded to any of the MAC addresses, because the packets can arrive on any interface of the NetScaler and each interface has its own MAC address.

With Layer 2 mode disabled (which is the default), a NetScaler drops packets that are not destined for one of its MAC address. If another Layer 2 device is installed in parallel with a NetScaler, Layer 2 mode must be disabled to prevent bridging (Layer 2) loops. You can use either of the following procedures to enable Layer 2 mode.

To enable Layer 2 mode using the configuration utility

1. In the navigation pane, expand System and click Settings. The Settings page appears in the details pane.

2. In the Modes and Features group, click Change modes. The Configure  Modes dialog box appears.

3. Select the Layer 2 Mode check box.

4. Click OK. The Enable/Disable Feature(s)? message appears.

5. Click Yes.

To enable Layer 2 mode using the NetScaler command line

At a NetScaler command prompt, type: enable ns mode l2 You can use either of the following procedures to disable Layer 2 mode.

To disable Layer 2 mode using the configuration utility

1. In the navigation pane, expand System and click Settings. The Settings page appears in the details pane.

2. In the Modes and Features group, click Change modes. The Configure Modes dialog box appears.

3. Clear the Layer 2 Mode check box.

4. Click OK. The Enable/Disable Feature(s)? message appears.

5. Click Yes.

To disable Layer 2 mode using the NetScaler command line

At a NetScaler command prompt, type:

Enabling and Disabling Layer 3 Mode

Layer 3 mode controls the Layer 3 forwarding function. You can use this mode to configure a NetScaler to look at its routing table and forward packets that are not destined for it. With Layer 3 mode enabled (which is the default), a NetScaler performs route table lookups and forwards all packets that are not destined for any NetScaler-owned IP address. If you disable Layer 3 mode, the NetScaler drops these packets. You can use either of the following procedures to enable

Layer 3 mode.

To enable Layer 3 mode using the configuration utility

1. In the navigation pane, expand System and click Settings. The Settings page appears in the details pane.

2. In the Modes and Features group, click Change modes. The Configure Modes dialog box appears.

3. Select the Layer 3 Mode (IP Forwarding) check box.

4. Click OK. The Enable/Disable Feature(s)? message appears.

5. Click Yes.

To enable Layer 3 mode using the NetScaler command line

At a NetScaler command prompt, type: enable ns mode l3 You can use either of the following procedures to disable Layer 3 mode.

To disable Layer 3 mode using the configuration utility

1. In the navigation pane, expand System and click Settings. The Settings page appears in the details pane.

2. In the Modes and Features group, click Change modes. The Configure Modes dialog box appears.

3. Clear the Layer 3 Mode (IP Forwarding) check box.

4. Click OK. The Enable/Disable Feature(s)? message appears.

5. Click Yes.

To disable Layer 3 mode using the NetScaler command line

At a NetScaler command prompt, type:

disable ns mode l3

Enabling and Disabling MAC-Based Forwarding Mode

You can use MAC-based forwarding to process traffic more efficiently and avoid multiple-route or ARP lookups when forwarding packets, because the NetScaler remembers the MAC address of the source. To avoid multiple lookups, the NetScaler caches the source MAC address of every connection for which it performs an ARP lookup, and it returns the data to the same MAC address.

MAC-based forwarding is useful when you use VPN devices, because the NetScaler ensures that all traffic flowing through a particular VPN passes through the same VPN device.

When MAC-based forwarding is enabled, a NetScaler caches the MAC address of:

• The source (a transmitting device such as router, firewall, or VPN device) of the inbound connection.

• The server that responds to the requests.

When a server responds through a NetScaler, the NetScaler sets the destination MAC address of the response packet to the cached address, ensuring that the traffic flows in a symmetric manner, and then forwards the response to the client. The process bypasses the route table lookup and ARP lookup functions. However, when a NetScaler initiates a connection, it uses the route and ARP tables for the lookup function. To enable MAC-based forwarding, use either of the following procedures.

To enable MAC-based forwarding using the configuration utility

1. In the navigation pane, expand System and click Settings. The Settings page appears in the details pane.

2. In the Modes and Features group, click Change modes. The Configure Modes dialog box appears.

3. Select the MAC Based Forwarding check box.

4. Click OK. The Enable/Disable Feature(s)? message appears.

5. Click Yes.

To enable MAC-based forwarding using the NetScaler command line

At a NetScaler command prompt, type: enable ns mode mbf

Some deployments require the incoming and outgoing paths to flow through different routers. In these situations, MAC-based forwarding breaks the topology design. For a global server load balancing (GSLB) site that requires the incoming and outgoing paths to flow through different routers, you must disable MACbased forwarding and use the NetScaler unit’s default router as the outgoing router.

With MAC-based forwarding disabled and Layer 2 or Layer 3 connectivity enabled, a route table can specify separate routers for outgoing and incoming connections. To disable MAC-based forwarding, use either of the following procedures.

To disable MAC-based forwarding using the configuration utility

1. In the navigation pane, expand System and click Settings. The Settings page appears in the details pane.

2. In the Modes and Features group, click Change modes. The Configure Modes dialog box appears.

3. Clear the MAC Based Forwarding check box.

4. Click OK. The Enable/Disable Feature(s)? message appears.

5. Click Yes.

To disable MAC-based forwarding using the NetScaler command line

At a NetScaler command prompt, type: disable ns mode mbf