Professional Documents
Culture Documents
Netscaler 10 Learn Configure PDF
Netscaler 10 Learn Configure PDF
Page 2
Audience
Username
root
Training\administrator
nsroot
Training\administrator
netscalersql
root
Password
(Supplied)
Citrix123
nsroot
Citrix123
netscaler
c!tr!x
Page 3
Citrix
Classroom
How to Virtual
log into the
lab environment
The self-paced lab environment is hosted on a cloud-based Citrix XenServer. Connecting to your
server from the portal page is as easy as 1-2-3.
Action
Once logged in at the self-paced portal, click the Start lab button to launch a connection to
published XenCenter.
2.
When XenCenter loads, right-click the XenCenter node and select Add.
3.
On the Add New Server screen enter the XenServer IP address provided on the portal
and in the Password field enter the password provided on the portal. The user name will
always be root.
Page 4
Your lab desktop this is important!! If you dont follow the steps below,
you may experience slow mouse movements, keystrokes, and screen
updates.
When all the servers are started, you should select the Win7Client VM and click on the Console
tab. Wait for approximately 30 seconds. It should automatically switch to Remote Desktop. If it says
Switch to Default Desktop then it is already using Remote Desktop, and you can leave it as is. It
will prompt you to log in once it switches to Remote Desktop. Please use training\administrator and
Citrix123 to log in.
All of the lab exercises should be completed from within the Win7Client. You will get the best
experience if you go to console-fullscreen in XenCenter on the Win7Client VM. You can toggle this by
entering Ctrl+Alt on your keyboard when at the console. This is what it should look like:
If you see XenCenter prompting you to Switch to Remote Desktop it means you are using the
default desktop access method, which we recommend against.
Now choose saved config as the second file, and ns.conf.0 as the first file like below. This will show you
the configuration differences
between the two files, and you will
hopefully see where you went astray.
Page 6
Summary
Key
Takeaways
NOTES
Page 7
Page 8
Step
5.
Action
The profile will be created, but the window will remain open, ready to create additional
Network Profiles. Change the name from Subnet-90 to Subnet-21 and choose the IP
address ending in 21 from the dropdown.
6.
7.
8.
9.
10.
11.
Click Create well let the service bind a default monitor for now.
Navigate to Virtual Servers under the Load Balancing node and click Add.
Give the Virtual server the name Vserver-25 and the IP address 192.168.10.25.
Activate (bind) the configured service Web1. Do NOT click Create yet.
12.
Select the Profiles Tab, and choose Subnet-90 from the Net Profile drop down list.
13.
14.
Now click Create. The VServer entity will be created, but the window will remain open.
Change the Net Profile value to Subnet-21
Change the VServer IP address to 192.168.10.26.
Page 9
Step
15.
16.
17.
18.
Action
Change the Vserver name to Vserver-26.
Summary
Key
Takeaways
NOTES
They can also be bound to a service, service group, and monitor too.
The page used on the webserver is a simple page to display the incoming IP address.
There is another page in the root of the webserver called /all-headers.asp.
This does a complete dump of ALL headers and available server variables a useful
diagnostic troubleshooting page when you want to see what the web server is
receiving from the web server.
There is also a page called /all-headers.php to display the same content.
The source code of these files is located in the files folder on the Win7Client
desktop, and is yours to take away and use.
Page 10
3.
4.
5.
Open a command prompt by clicking Start, enter cmd in the searchbox and press
return.
Enter the command:
ping t 192.168.10.25
and press enter.
Navigate to Load Balancing Virtual Servers , click ONCE on Vserver-25, and click
Add. (This is how we can add a new Virtual Server, using an existing entity as a template.)
Page 11
Step
6.
Action
Change the name to VServer-25-8080, change the port to 8080, and make sure to activate
the Service Web1. Click Create and then Close.
7.
8.
9.
You now have two VServers configured on 192.168.10.25 listening for HTTP traffic.
Disable 1 VServer by right clicking it and selecting Disable and clicking Yes.
Check your command prompt you should notice that the VServer is no longer responding
to ICMP. This is because the IP address 192.168.10.25 has a DOWN VServer associated
with it.
10.
11.
Page 12
Step
12.
Action
Return to the DOS command prompt, and you will see the appliance responding to ICMP
again. This is because ICMP will now respond if at least ONE Vserver associated with the
IP address is UP.
Summary
Key
Takeaways
NOTES
Page 13
Page 14
Step Action
3. Click on Special Parameters and enter the following information:
Database: imdb
Query: select * from actors where actors.last_name = "Pacino";
Username: netscalersql
Rule: MYSQL.RES.ATLEAST_ROWS_COUNT(1)
Click Create.
How does this monitor decide on the health of the service?
4. Navigate to Load Balancing Virtual Servers. Ensure that you have not clicked on
any of the existing Virtual Servers. Click on Add. Choose MySQL as the protocol, enter
192.168.10.30 as the Virtual Server IP, 3306 for the port, and use the name MySQLVserver for the Vservername.
5. It is important that the MySQL database server receives requests over a specific IP address,
as this is how security grants are administered. Click on the Profiles tab and choose the
profile associated with the subnet IP address ending in 90.
Page 15
Step Action
6. Click the Services tab.
Click on Add at the bottom of this window to create a MySQL Service on the fly.
Choose MySQL as the protocol, enter 192.168.10.13 as the Server, 3306 as the port, and call
it MySQL-Svc.
Bind the monitor MySQL-Custom-Monitor to the service, and click Create.
7. The Service should now be visible and active in the Create VServer window, and the
service should be up. If not, then move to step 9.
Click Create and Close.
If there is an error, you may need to wait a minute for the service to re-check the health and
report the correct message as indicated above.
Close the Service Window.
Page 16
Step Action
9. Enable the Responder Feature. (Right Click the yellow circle and choose Enable).
Navigate to the Responder Feature Actions. Click on Add.
Give it a name of No-Drop and choose Respond with SQL Error from the drop down.
Enter some text into the Target window along the lines of:
The Drop command is not allowed to be executed through the Load Balanced VServer e.g.
(No quotation marks required)
Click Create and Close.
10. Click on Policies under the Responder feature, and click add.
11. Enter MySQL-Pol-No-Drop as the Responder name.
Choose No-Drop from the Action drop down list.
12. Click once in the expression field, hold down CTRL and press the space bar. Choose
MySQL and double click.
Now press the full stop (period) and use the expression builder to create the following
expression:
MYSQL.REQ.QUERY.COMMAND.EQ("drop")
13. Click Create and Close.
14. Click on the Policy Manager button at the bottom of the window.
15. Choose MySQL from the drop down in the top left hand corner of the Policy Manager
window.
Page 17
Step Action
16. Click on LB Virtual Server, and double click on MySQL-VServer so that the Insert
Policy is activated, like below.
17. Click Insert Policy and choose the Responder policy you just created, MySQL-Pol-NoDrop. There should only be ONE entry in the bind responder policy window. If you added
a second policy by mistake, ensure you remove it before clicking Apply Changes
18. Click Apply Changes and click Close. Choose Yes if prompted to save your changes.
19. The VServer is now ready to receive requests from any MySQL Client.
20. Were going to use a graphical client to connect to the LB VServer.
Click on Start Programs and scroll up to click on HeidiSQL
Page 18
Step Action
21. The Connection settings should be pre-populated. Click on Open
22. You should see a list of available tables. Click on the Query tab:
If Heidi does not connect, then you can check the troubleshooting section at the end of this
exercise.
23. Enter the following text into the text field, and click the blue Play symbol to the upper
right: drop database test;
24. This sends the command to the database. The responder policy should pick this up, and you
should see the response:
25. Click Ok and minimise the HeidiSQL Client, and return to the NetScaler configuration
Utility.
Page 19
Summary
Key Takeaways
Using Responder, you can choose to send a response to any MySQL or MSSQL request. You simply need to choose what commands\ strings\
arguments trigger the Responder in the Responder policy
Page 20
2.
3.
4.
5.
You will see a page where you can submit an IP address. This is set to the MySQL VServer
IP configured earlier by default. You can change the IP by entering a new one and clicking
Submit but there is no need to do so if youve used the suggested IP addresses in
previous labs. This IP address will be used as the Database Server IP address that the web
application will send a MySQL query to.
Once you are satisfied that your NetScaler MySQL VServer is up and listening for requests,
click the link to execute the long query. If the page displays the message MySQL Server has
gone away please hold down Shift and press F5. If it continues to display the error
message, check the status of the monitor bound to the service and call over one of the
facilitators.
Look at the bottom of the browser to check if the page is loading. If you see:
and
then you know that the page is
loading, please have patience! It will take approximately 1-2 minutes to run. You can
continue with the lab while you are waiting (step 6), but check back after a minute to make
sure there are no errors.
Once the page has full loaded you will see the table, along with the query used, and the
execution time. This value is taken using PHP which starts a counter before the query, and
after the last byte of response is received from the MySQL VServer.
Page 21
Step
6.
7.
8.
Action
Now we will set up the caching configuration. This is one of the few features we choose to
leave DISabled while we configure it. (See why in the notes at the end of this lab.)
Unlike HTTP a cache selector is mandatory for Database Response caching. In the
NetScaler configuration, browse to Integrated Caching and drill down to Cache
Selectors. Click Add.
Give it a name of DB-Query, and choose the following expression:
MYSQL.REQ.QUERY.TEXT
Click Add and then click Create, and then click Close.
9.
10.
11.
Next we will create our Content Group. Expand "Content Groups and click Add.
Choose MySQL as the type, and give it a name like MySQL-Cache.
Choose Expire Content After - 500 seconds.
12.
Click on the Paramaterization tab and choose the Hit Selector you just created from the
drop down.
Page 22
Step
13.
14.
15.
Action
Click on the Memory tab and enter 2000 for the Do Not Cache if size Exceeds value.
16.
Click once on the Integrated Cache feature on the left hand side. In the right hand pane,
you should see the global settings for this feature.
Click Change Cache Settings and set the Memory Usage Limit to 100.
Click OK.
17.
Right click the yellow circle beside Integrated Cache and choose Enable Feature.
Page 23
Step
18.
19.
Action
Expand Load Balancing Virtual Servers and open the MySQL Virtual server by double
clicking it. Click on the Policies tab, and choose Cache (Request). Click Insert Policy,
and choose the MySQL Cache policy that you just created.
Click Ok
Page 24
Summary
Key
Takeaways
NOTES
Page 25
6.
7.
8.
9.
Click on Policies under Integrated Cache. Click on Add. Give it a name like AnalyticsCache-Pol. Choose the group you just created from the drop down.
In the Expression window, enter the following expression:
ANALYTICS.STREAM("Top_URL").IS_TOP(5)
Click Create and then Close.
Right click Integrated Cache and Enable the feature once more.
Page 26
Step
10.
11.
12.
13.
Action
Navigate to Load Balancing Virtual Servers. Open the HTTP LB Server that is UP and
open it. Click on the policies tab:
14.
Click on Cache (Request), choose Insert Policy and add the Analytics-Cache-Pol
Click on Responder, choose Insert Policy, and add the Top_URL policy.
Open a new tab on FireFox and enter the IP of the Vserver to which you bound the last
two policies. E.g. http://192.168.10.26/
Click on Tools HttpFox Toggle HttpFox
15.
16.
Click on the NetScaler 10 word until you reach Page 5, and stop.
Page 27
Step
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
Action
Now click on one of the rows in HttpFox, and look at the response headers:
Note the Via Header inserted by the NetScaler as it serves the object from the cache.
Click Stop in HttpFox and close the plugin by clicking the red X in the top right hand
corner of the HttpFox window.
Return to the NetScaler administration window, and Navigate to App Expert Action
Analytics Stream Identifiers.
Click on Top_URL and click on the button Stream Sessions at the bottom of the window
to view the objects in graphical format.
Navigate to Integrated Caching and click on Cache Objects. (It takes a second to load
as this information is still accessed via java.) If the browser fails to display the content, you
could try loading the NetScaler configuration utility in Chrome, and viewing it from there.
Sometimes, when viewing Cache Objects in Firefox, the Firefox browser crashes. If this
happens, please switch to Chrome, where the issue should not occur.
Alternatively, see Step 27 for the CLI command to view the exact same data.
From the NetScaler CLI, enter the following command:
stat stream identifier Top_URL
Now enter the command:
clear stream session Top_URL
Return to the page in your browser Citrix NetScaler 10 Page 5 and click the next 5 links.
From the NetScaler CLI, enter the following command:
stat stream identifier Top_URL
Confirm that the new requests are in the cache by executing the following CLI command:
show cache objects
View the indepth details of the cache object by executing the following command:
show cache show cache object locator xxxxxxxxxxxxxxxx
Replace the xxxxxxxxs with the locator string shown in the output of show cache object.
Pay special attention to the Expiry field.
An example of the above command would be:
show cache object -locator 0x0000000e4d2900000043
Page 28
Summary
Key
Takeaways
NOTES
How to use Analytics in a NetScaler feature, e.g. Integrated Cache, and view
the analytic results graphically in the NetScaler Configuration Utility.
There are several CLI examples in this lab to demonstrate how to view additional
information. It is sometimes easier to go to the CLI to view this information as we
can grep the results.
Page 29
3.
4.
5.
6.
7.
8.
9.
10.
This opens a Create Virtual Server dialog box. Give it a name of DNS-LB-Vserver
Use the IP address 192.168.10.30. The default port is pre-selected as 53.
The Services tab is displayed by default, click Add.
Enter DNS-SVC as the service name, and enter 192.168.10.11 into the server field.
Do not choose the default DNS monitor type.
Choose DNS from the protocol dropdown box, and click Create.
The Add Service window should close and the DNS-SVC service should be activated in
your Create Vserver dialog box. Click Create. This will close the window.
You have now returned to the Create Name Server box, and your DNS LB VServer is in
the drop down box. Click Create and click Close.
Verify that your DNS LB Vserver is enabled and has an Effective State of Up.
Page 30
Step
11.
Action
You can test your DNS LB Vserver by following these steps:
a. Open a DOS Command prompt box. (Start Type cmd in the search box, and
click the link cmd.exe.)
b. Type nslookup and press enter
c. Type server 192.168.10.30 and press enter
d. Type www.citrix.com and press enter.
12.
13.
14.
15.
16.
17.
18.
19.
20.
Page 31
Step
21.
22.
23.
24.
25.
Action
In the Expression field, enter the following expression:
DNS.RES.QUESTION.DOMAIN.CONTAINS("training.lab").NOT &&
DNS.RES.HEADER.RCODE.EQ(NXDOMAIN) &&
DNS.RES.QUESTION.DOMAIN.CONTAINS("netscaler")
Page 32
Summary
Key
Takeaways
NOTES
Creating a load balancing VServer for NetScaler based name resolution (i.e.
so the NetScaler itself can resolve host records)
Creating a granular (i.e. based on the hostname of the request) DNS rewrite
action to replace negative responses with positive responses and an IP
address.
Page 33
5.
6.
7.
8.
Page 34
Step
9.
10.
Action
Click on the Advanced tab, and in the bottom right, set the Auto Scale Mode to DNS.
Click Create and then Close.
The GUI will not display the service IPs immediately, as they are being resolved. The
results, IP addresses, and state will be available in the CLI if you execute the command:
sho servicegroup DBS-Autoscale
where the service group name is DBS-Autoscale. Future builds should resolve this issue.
Summary
Key
Takeaways
NOTES
Page 35
Revision History
Revision
1.0
Change Description
Updated By
Original Version
Rnn OBrien
Date
October 2012
About Citrix
Citrix Systems, Inc. designs, develops and markets technology solutions that enable information technology (IT)
services. The Enterprise division and the Online Services division constitute its two segments. Its revenues are
derived from sales of Enterprise division products, which include its Desktop Solutions, Datacenter and Cloud
Solutions, Cloud-based Data Solutions and related technical services and from its Online Services division's Web
collaboration, remote access and support services. It markets and licenses its products directly to enterprise
customers, over the Web, and through systems integrators (Sis) in addition to indirectly through value-added
resellers (VARs), value-added distributors (VADs) and original equipment manufacturers (OEMs). In July 2012, the
Company acquired Bytemobile, provider of data and video optimization solutions for mobile network operators.
http://www.citrix.com
Page 36