This was a topic that came up during a discussion earlier today, and looking at the Google Search Results on my blog It seems like that this is something that some people are looking for some answers for, so therefore I decided to write a blog post on this. So can we use Citrix NetScaler/ADC in Combination with either Traffic Manager, Azure Frontdoor or Azure WVAN to provide redudancy or optimize traffic path for ICA/HDX traffic?
Remember now that with 1912 Citrix CVAD Adaptive Transport being enabled by default means that Enlightened Data Transport (EDT), UDP-based transport protocol, is also enabled by default. So to optimize traffic from end-users to Azure we need to have a service which supports UDP.
So first let’s explore the different services.
What is Azure Frontdoor?
I’ve previosly written about Azure Frontdoor here –> https://msandbu.org/azure-front-door-vs-cloudflare/ essentially it is a service that works at Layer 7 or HTTP/HTTPS layer and uses anycast protocol with split TCP and Microsoft’s global network for improving global connectivity. This essentially routes traffic from end-users trough the closest Microsoft PoP and then uses their backbone to route traffic to the region or where the frontdoor backend is placed.
What is Azure Traffic Manager?
Azure Traffic Manager is a DNS-based traffic load balancer, that uses DNS to direct client requests to service endpoint based on a traffic-routing method, such as geography, latency or other methods. Since Azure Traffic Manager is based upon DNS it can be used for any service since this is only used for the initial DNS lookup before it hits the endpoint.
What is Azure VWAN?
Azure VWAN is a middle-mile WAN service which I’ve written about here –> https://msandbu.org/azure-virtual-wan-whats-new-and-by-the-numbers/ moving forward this service is going to be core part of the networking aspect within Azure.
Now the most common setup in Azure with Citrix ADC/NetScaler is in combination with Azure Load Balancer in front to provide failover mechanisms between a ADC HA-Pair. This load balancer in front is needed to handle failover since regualr protocols such as GARP/RARP are not available in Azure.
This setup provides redudancy within a single region but does not provide geo-redudancy. So can we use some of the services above to optimize the ICA/HDX Traffic? and also provide geo-redudancy?
To make it a bit easier to summarize I decided to make a table to show the different services and how they can work together with Citrix NetScaler/ADC.
Remember that regardless if you choose Azure VWAN or Traffic Manager to optimize or provide geo-redundacy you still need Azure load balancer in front to handle failover of the NetScaler/ADC appliances.