Citrix Netscaler Fragmentation Issue

Gert Doering gert at
Wed Jun 8 21:44:29 CEST 2011


On Wed, Jun 08, 2011 at 12:38:37PM -0700, George Bonser wrote:
> > Are you using "NAT style" SLB-PT, or "Reverse Proxy" style SLB?
> If you are asking if we run them in transparent mode, no.  It is NAT
> style in this case because the VIP is an IPv6 and the server is IPv4.
> Besides, transparent mode wouldn't work anyway because we don't use
> standard ports for things internally.  It would have to translate the
> ports anyway.

"transparent" and "proxy" is different things.

The native mode of netscalers is "accept the TCP connection to
the netscaler, extract the HTTP request from it, open a new and
independent TCP connection (with independent keepalives etc.) to
the backend server, stuff the HTTP request in there".

No *packets* get ever translated or forwarded - HTTP requests and
responses are received from TCP stream A, and stuffed in TCP stream B,
with completely independent TCP stream lifetimes (backend TCP connects
usually always have keepalive on, no matter what the client side does).

Since there's independent TCP sessions A and B, going v6<->v4 is 
straightforward as well.

This is where Netscalers really excel, and how they want to be used.

Gert Doering
        -- NetMaster
did you enable IPv6 on something today...?

SpaceNet AG                        Vorstand: Sebastian v. Bomhard
Joseph-Dollinger-Bogen 14          Aufsichtsratsvors.: A. Grundner-Culemann
D-80807 Muenchen                   HRB: 136055 (AG Muenchen)
Tel: +49 (89) 32356-444            USt-IdNr.: DE813185279
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 306 bytes
Desc: not available
Url : 

More information about the ipv6-ops mailing list