|
26 | 26 | choice from the EIP pool of your account. Later if required you can reassign the IP address to a |
27 | 27 | different VM. This feature is extremely helpful during VM failure. Instead of replacing the VM |
28 | 28 | which is down, the IP address can be reassigned to a new VM in your account. </para> |
29 | | - <section id="about-eip"> |
30 | | - <title>Elastic IPs in Basic Zone</title> |
31 | | - <para>Similar to the public IP address, Elastic IP addresses are mapped to their associated |
32 | | - private IP addresses by using StaticNAT. The EIP service is equipped with StaticNAT (1:1) |
33 | | - service in an EIP-enabled basic zone. The default network offering, |
34 | | - DefaultSharedNetscalerEIPandELBNetworkOffering, provides your network with EIP and ELB network |
35 | | - services if a NetScaler device is deployed in your zone. Consider the following illustration |
36 | | - for more details.</para> |
37 | | - <mediaobject> |
38 | | - <imageobject> |
39 | | - <imagedata fileref="./images/eip-ns-basiczone.png"/> |
40 | | - </imageobject> |
41 | | - <textobject> |
42 | | - <phrase>eip-ns-basiczone.png: Elastic IP in a NetScaler-enabled Basic Zone.</phrase> |
43 | | - </textobject> |
44 | | - </mediaobject> |
45 | | - <para>In the illustration, a NetScaler appliance is the default entry or exit point for the |
46 | | - &PRODUCT; instances, and firewall is the default entry or exit point for the rest of the data |
47 | | - center. Netscaler provides LB services and staticNAT service to the guest networks. The guest |
48 | | - traffic in the pods and the Management Server are on different subnets / VLANs. The |
49 | | - policy-based routing in the data center core switch sends the public traffic through the |
50 | | - NetScaler, whereas the rest of the data center goes through the firewall. </para> |
51 | | - <para>The EIP work flow is as follows:</para> |
52 | | - <itemizedlist> |
53 | | - <listitem> |
54 | | - <para>When a user VM is deployed, a public IP is automatically acquired from the pool of |
55 | | - public IPs configured in the zone. This IP is owned by the VM's account.</para> |
56 | | - </listitem> |
57 | | - <listitem> |
58 | | - <para>Each VM will have its own private IP. When the user VM starts, Static NAT is |
59 | | - provisioned on the NetScaler device by using the Inbound Network Address Translation |
60 | | - (INAT) and Reverse NAT (RNAT) rules between the public IP and the private IP.</para> |
61 | | - <note> |
62 | | - <para>Inbound NAT (INAT) is a type of NAT supported by NetScaler, in which the destination |
63 | | - IP address is replaced in the packets from the public network, such as the Internet, |
64 | | - with the private IP address of a VM in the private network. Reverse NAT (RNAT) is a type |
65 | | - of NAT supported by NetScaler, in which the source IP address is replaced in the packets |
66 | | - generated by a VM in the private network with the public IP address.</para> |
67 | | - </note> |
68 | | - </listitem> |
69 | | - <listitem> |
70 | | - <para>This default public IP will be released in two cases:</para> |
71 | | - <itemizedlist> |
72 | | - <listitem> |
73 | | - <para>When the VM is stopped. When the VM starts, it again receives a new public IP, not |
74 | | - necessarily the same one allocated initially, from the pool of Public IPs.</para> |
75 | | - </listitem> |
76 | | - <listitem> |
77 | | - <para>The user acquires a public IP (Elastic IP). This public IP is associated with the |
78 | | - account, but will not be mapped to any private IP. However, the user can enable Static |
79 | | - NAT to associate this IP to the private IP of a VM in the account. The Static NAT rule |
80 | | - for the public IP can be disabled at any time. When Static NAT is disabled, a new |
81 | | - public IP is allocated from the pool, which is not necessarily be the same one |
82 | | - allocated initially.</para> |
83 | | - </listitem> |
84 | | - </itemizedlist> |
85 | | - </listitem> |
86 | | - </itemizedlist> |
87 | | - <para>For the deployments where public IPs are limited resources, you have the flexibility to |
88 | | - choose not to allocate a public IP by default. You can use the Associate Public IP option to |
89 | | - turn on or off the automatic public IP assignment in the EIP-enabled Basic zones. If you turn |
90 | | - off the automatic public IP assignment while creating a network offering, only a private IP is |
91 | | - assigned to a VM when the VM is deployed with that network offering. Later, the user can |
92 | | - acquire an IP for the VM and enable static NAT.</para> |
93 | | - <para condition="admin">For more information on the Associate Public IP option, see <xref |
94 | | - linkend="creating-network-offerings"/>.</para> |
95 | | - <para condition="install">For more information on the Associate Public IP option, see the |
96 | | - Administration Guide.</para> |
97 | | - <note> |
98 | | - <para>The Associate Public IP feature is designed only for use with user VMs. The System VMs |
99 | | - continue to get both public IP and private by default, irrespective of the network offering |
100 | | - configuration.</para> |
101 | | - </note> |
102 | | - <para>New deployments which use the default shared network offering with EIP and ELB services to |
103 | | - create a shared network in the Basic zone will continue allocating public IPs to each user |
104 | | - VM.</para> |
105 | | - </section> |
106 | | - <section id="portable-ip"> |
107 | | - <title>About Portable IP</title> |
108 | | - <para>Portable IPs in &PRODUCT; are nothing but elastic IPs that can be transferred across |
109 | | - geographically separated zones. As an administrator, you can provision a pool of portable IPs |
110 | | - at region level and are available for user consumption. The users can acquire portable IPs if |
111 | | - admin has provisioned portable public IPs at the region level they are part of. These IPs can |
112 | | - be use for any service within an advanced zone. You can also use portable IPs for EIP service |
113 | | - in basic zones. Additionally, a portable IP can be transferred from one network to another |
114 | | - network.</para> |
115 | | - </section> |
| 29 | + <para>Similar to the public IP address, Elastic IP addresses are mapped to their associated |
| 30 | + private IP addresses by using StaticNAT. The EIP service is equipped with StaticNAT (1:1) |
| 31 | + service in an EIP-enabled basic zone. The default network offering, |
| 32 | + DefaultSharedNetscalerEIPandELBNetworkOffering, provides your network with EIP and ELB network |
| 33 | + services if a NetScaler device is deployed in your zone. Consider the following illustration for |
| 34 | + more details.</para> |
| 35 | + <mediaobject> |
| 36 | + <imageobject> |
| 37 | + <imagedata fileref="./images/eip-ns-basiczone.png"/> |
| 38 | + </imageobject> |
| 39 | + <textobject> |
| 40 | + <phrase>eip-ns-basiczone.png: Elastic IP in a NetScaler-enabled Basic Zone.</phrase> |
| 41 | + </textobject> |
| 42 | + </mediaobject> |
| 43 | + <para>In the illustration, a NetScaler appliance is the default entry or exit point for the |
| 44 | + &PRODUCT; instances, and firewall is the default entry or exit point for the rest of the data |
| 45 | + center. Netscaler provides LB services and staticNAT service to the guest networks. The guest |
| 46 | + traffic in the pods and the Management Server are on different subnets / VLANs. The policy-based |
| 47 | + routing in the data center core switch sends the public traffic through the NetScaler, whereas |
| 48 | + the rest of the data center goes through the firewall. </para> |
| 49 | + <para>The EIP work flow is as follows:</para> |
| 50 | + <itemizedlist> |
| 51 | + <listitem> |
| 52 | + <para>When a user VM is deployed, a public IP is automatically acquired from the pool of |
| 53 | + public IPs configured in the zone. This IP is owned by the VM's account.</para> |
| 54 | + </listitem> |
| 55 | + <listitem> |
| 56 | + <para>Each VM will have its own private IP. When the user VM starts, Static NAT is provisioned |
| 57 | + on the NetScaler device by using the Inbound Network Address Translation (INAT) and Reverse |
| 58 | + NAT (RNAT) rules between the public IP and the private IP.</para> |
| 59 | + <note> |
| 60 | + <para>Inbound NAT (INAT) is a type of NAT supported by NetScaler, in which the destination |
| 61 | + IP address is replaced in the packets from the public network, such as the Internet, with |
| 62 | + the private IP address of a VM in the private network. Reverse NAT (RNAT) is a type of NAT |
| 63 | + supported by NetScaler, in which the source IP address is replaced in the packets |
| 64 | + generated by a VM in the private network with the public IP address.</para> |
| 65 | + </note> |
| 66 | + </listitem> |
| 67 | + <listitem> |
| 68 | + <para>This default public IP will be released in two cases:</para> |
| 69 | + <itemizedlist> |
| 70 | + <listitem> |
| 71 | + <para>When the VM is stopped. When the VM starts, it again receives a new public IP, not |
| 72 | + necessarily the same one allocated initially, from the pool of Public IPs.</para> |
| 73 | + </listitem> |
| 74 | + <listitem> |
| 75 | + <para>The user acquires a public IP (Elastic IP). This public IP is associated with the |
| 76 | + account, but will not be mapped to any private IP. However, the user can enable Static |
| 77 | + NAT to associate this IP to the private IP of a VM in the account. The Static NAT rule |
| 78 | + for the public IP can be disabled at any time. When Static NAT is disabled, a new public |
| 79 | + IP is allocated from the pool, which is not necessarily be the same one allocated |
| 80 | + initially.</para> |
| 81 | + </listitem> |
| 82 | + </itemizedlist> |
| 83 | + </listitem> |
| 84 | + </itemizedlist> |
| 85 | + <para>For the deployments where public IPs are limited resources, you have the flexibility to |
| 86 | + choose not to allocate a public IP by default. You can use the Associate Public IP option to |
| 87 | + turn on or off the automatic public IP assignment in the EIP-enabled Basic zones. If you turn |
| 88 | + off the automatic public IP assignment while creating a network offering, only a private IP is |
| 89 | + assigned to a VM when the VM is deployed with that network offering. Later, the user can acquire |
| 90 | + an IP for the VM and enable static NAT.</para> |
| 91 | + <para condition="admin">For more information on the Associate Public IP option, see <xref |
| 92 | + linkend="creating-network-offerings"/>.</para> |
| 93 | + <para condition="install">For more information on the Associate Public IP option, see the |
| 94 | + Administration Guide.</para> |
| 95 | + <note> |
| 96 | + <para>The Associate Public IP feature is designed only for use with user VMs. The System VMs |
| 97 | + continue to get both public IP and private by default, irrespective of the network offering |
| 98 | + configuration.</para> |
| 99 | + </note> |
| 100 | + <para>New deployments which use the default shared network offering with EIP and ELB services to |
| 101 | + create a shared network in the Basic zone will continue allocating public IPs to each user |
| 102 | + VM.</para> |
116 | 103 | </section> |
0 commit comments