How to solve IP Exhaustion problem in AWS using Netscalers

[Guest Farhan Ali]

AWS has a limitation on number of interfaces and number of ip address. Now to increase the limit we have to increase the instance type and that increases cost.. Is there any simpler solution

[Guest Farhan Ali]

There are 2 ways this can be achieved

1. If the client connecting are internal to AWS ( i.e coming via Transit gateway or VPN or they exist internally). Then in this case you can have unlimited ip address assigned to the netscaler and just create a route to the client ENI and disable src/dst check. You can also have HA enabled to it. You can take suggestion from https://docs.netscaler.com/en-us/citrix-adc/current-release/deploying-vpx/deploy-aws/vpx-ha-pip-different-aws-zones.html
2. If the client are connecting via internet then the possible ways are

• Port to port mapping. i.e you can send traffic to ipaddress:80 send to backend 1 or ipadress:8080 send to backend 2 etc
• The other way is based on URL filtering. i.e you can create a CS Vserver with single ip address and then bind policy to CS stating if the request contains ipaddress/abc send to backend1. or ipaddress/def send to backend 2 etc