Citrix Systems and Cisco are working together to take the pain out of pairing an application delivery controller with a data center router. Thanks to the Cisco RISE protocol, Citrix NetScaler can operate as a remote Nexus 7000 line card.
In the days when the Catalyst 6500 was Cisco's flagship core switch and router, the company built services modules -- such as the venerable Firewall Services Module -- that engineers could slide into an empty slot on the 6500 chassis. Services line cards removed the need to route traffic between a router and an appliance and also freed engineers from the pain of having to rack and stack a separate appliance. But with the Nexus 7000 series, Cisco has declined to build services line cards and instead announced the Remote Integrated Service Engine (RISE) protocol, which automates much of the configuration required to pair a Layer 4-7 appliance with a Nexus 7000. This week Citrix announced support for RISE on its NetScaler application delivery controllers (ADCs) -- the first third-party vendor to support the protocol.
RISE turns a standalone appliance into a remote Nexus 7000 line card by automating the routing configurations needed to pair a Nexus 7000 with an ADC or firewall.
When an engineer connects a Nexus 7000 and a NetScaler together via Ethernet, RISE allows the Nexus 7000 to recognize "the NetScaler as a load balancing component that can be mapped to any VPC [Virtual Port Channel] on the Nexus 7000," said Steve Shah, senior director of product management at Citrix. "From a Cisco administrator's perspective, they can log into the Nexus 7000 and see the NetScaler as an available entity that they can configure with and tie into the rest of the ecosystem."
Tying together a Nexus 7000 and an ADC has always been a complex task often fraught with error, according to Eric Hanselman, chief analyst for New York-based 451 Research. That's why some customers prefer deploying services line cards in a chassis.
"If you had a standalone ADC, you had to make sure you had content redirection from within your routing environment -- so that everything was going through your ADC. And you had to make sure you had path redirection in the ADC configured correctly so it passed all that traffic back through the same path," Hanselman said. "A classic problem with ADC performance happens when someone misconfigures the return path so your traffic starts scattering all over the place."
Cisco RISE simplifies that configuration process, he said. "You don't have to worry about configuring a return path and it allows you to spin up an entire chunk of connectivity to the ADC for a particular application from within a Nexus 7000. [RISE] is completely integrating all of the path control pieces that previously had to be done separately in the Nexus 7000 and the ADC."
RISE may automate the process of turning a NetScaler into a remote Nexus 7000 line card, but it does not eliminate the headache of racking, stacking, cabling and powering a standalone ADC, said Andrew Lerner, research director for Stamford, Conn.-based Gartner Inc. Lerner said some enterprises were hoping for more integration between Citrix and Cisco, which have formed a tight partnership ev er since Cisco retired its Application Control Engine and exited the ADC industry. He blogged that Citrix and Cisco should collaborate on an actual NetScaler services line card that could slot right into a Nexus 7000.
Despite the tight relationship between Citrix and Cisco, Lerner thinks Cisco needs to offer RISE integration to other ADC vendors as well. "I think they have to make this available to other [ADC vendors] to drive adoption of their architecture, not just the RISE ecosystem but everything around ACI [Application Centric Infrastructure]," he said. "In almost every data center there is an ADC [and not all of them have NetScaler]."