Troubleshooting NetScaler
eBook - ePub

Troubleshooting NetScaler

  1. 270 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android
eBook - ePub

Troubleshooting NetScaler

About this book

Gain essential knowledge and keep your NetScaler environment in top formAbout This Book• Learn how the main features - Load Balancing, Content Switching, GSLB, SSL offloading, AAA, AppFirewall, and Gateway work under the hood using vividly explained flows and traces• Explore the NetScaler layout and the various logs, tools and methods available to help you when it's time to debug• An easy-to-follow guide, which will walk you through troubleshooting common issues in your NetScaler environmentWho This Book Is ForThis book is aimed at NetScaler administrators who have a basic understanding of the product but are looking for deeper exposure and guidance in identifying and fixing issues to keep their application environment performing optimally.What You Will Learn• Troubleshoot traffic management features such as load balancing, SSL, GSLB and content switching• Identify issues with caching and compression• Deal with authentication issues when using LDAP, RADIUS, certificates, Kerberos and SAML• Diagnose NetScaler high availability and networking issues• Explore how application firewall protections work and how to avoid false positives• Learn about NetScaler Gateway integration issues with XenApp, XenDesktop, and XenMobile• Deal with NetScaler system-level issues• Discover the NetScaler troubleshooting toolsIn DetailNetScaler is a high performance Application Delivery Controller (ADC). Making the most of it requires knowledge that straddles the application and networking worlds.As an ADC owner you will also likely be the first person to be solicited when your business applications fail. You will need to be quick in identifying if the problem is with the application, the server, the network, or NetScaler itself.This book provides you with the vital troubleshooting knowledge needed to act fast when issues happen. It gives you a thorough understanding of the NetScaler layout, how it integrates with the network, and what issues to expect when working with the traffic management, authentication, NetScaler Gateway and application firewall features. We will also look at what information to seek out in the logs, how to use tracing, and explore utilities that exist on NetScaler to help you find the root cause of your issues.Style and approachThis helpful guide to troubleshooting NetScaler is delivered in a comprehensive and easy-to-follow manner. The topics in the book adopt a step-by-step approach.

Tools to learn more effectively

Saving Books

Saving Books

Keyword Search

Keyword Search

Annotating Text

Annotating Text

Listen to it instead

Listen to it instead

Information

Publisher
Packt Publishing
Year
2016
eBook ISBN
9781785280757
Edition
1
Topic
Computer Science
Subtopic
Computer Networking
Index
Computer Science

Troubleshooting NetScaler

Table of Contents

Troubleshooting NetScaler
Credits
Notice
About the Author
About the Reviewers
www.PacktPub.com
eBooks, discount offers, and more
Why subscribe?
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Errata
Piracy
Questions
1. NetScaler Concepts at a Glance
The NetScaler filesystem
Folders on /flash
Folders on /var
A brief look at NetScaler address types
NetScaler IP
Virtual IP
Mapped IP
Subnet IP
GSLB Site IP
Request Switching and Connection Multiplexing
User interface options
GUI
CLI
Console
Shell
Nitro
SFTP
NetScaler modes
Endpoint and Nonend point mode
ANY, L4, or L7 modes
The mode switches on the NetScaler
Modes that are enabled by default
Fast Ramp
Edge Configuration
Using Subnet IP
The Layer 3 mode
Path MTU Discovery
Modes that are disabled by default
Summary
2. Traffic Management Features
Load balancing
Considerations
Startup RR factor
To USIP or not to USIP
Choosing a VIP type
Special considerations for load balancing Firewalls or CloudBridge appliances
Prefer Direct Route
vServer specific MAC – when daisy chaining FW VIPs or CloudBridge appliances
Services or ServiceGroups
Common LB issues
Troubleshooting – unable to access a newly created VIP
Troubleshooting application failures where VIP is UP
Troubleshooting VIP performance issues
Troubleshooting VIP distribution issues
Why is the table empty when I configure cookie persistency?
What is the difference between established and open established?
Troubleshooting intermittent issues
SSL
SSL deployment considerations
Certificates
Using Wireshark to examine the handshake
SSL handshake
A session-reused handshake
Session reuse and troubleshooting
Decrypting a trace using Wireshark
What if I needed to share this key with the Citrix tech support for troubleshooting?
Troubleshooting SSL issues
Wireshark troubleshooting for SSL failures
SSL card failures
SSL security concerns
Engaging with Citrix
Content switching
Troubleshooting service unavailable errors
Content switching timeout errors
Global Server Load Balancing
GSLB flow
Metric Exchange Protocol
MEP versus monitors
RPC considerations
Troubleshooting GSLB
DNS caching and GSLB
MEP down issues
RPC related issues
Troubleshooting proximity-based methods
Summary
3. Integrated Caching and Compression
Integrated Caching
Understanding HTTP headers as they relate to caching
Evaluating cache policies
A sample cache response
What kind of content should I cache and not cache?
NetScaler's default caching behavior
Handling dynamic content
Considerations for caching dynamic content
How's my cache doing?
Getting a closer look at objects in the cache
Flushing versus expiring an object
Flash cache
Troubleshooting caching issues
Compression
The NetScaler's default compression behavior
Impact of using Compression
Verifying and monitoring Compression
Understanding the packet flow
Troubleshooting considerations
Summary
4. AAA for Traffic Management
Lightweight Directory Access Protocol
Authentication flow
Troubleshooting LDAP
RADIUS protocol
Authentication flow
Troubleshooting RADIUS authentication
Client Certificate Based Authentication protocol
Client versus Server Certificates
Authentication Flow when using Client Certificates
NTLM SSO (401 Based Authentication)
NTLM Authentication flow
Troubleshooting NTLM
Form-based Authentication
Authentication flow
Kerberos authentication
Kerberos parties
Configuration checklist
Kerberos deployment options
Authentication flow
Kerberos authentication with Protocol Transition
Troubleshooting Kerberos
Security Assertion Markup Language
Certificates in SAML
Canonicalization in SAML
SP Initiated SSO
IDP initiated SSO
Verifying a successful exchange using counters
Troubleshooting
Summary
5. High Availability and Networking
High Availability
Ports used for High Availability
Configurations kept independent in High Availability
HA pairing requirements
Setting up and verifying High Availability
Troubleshooting HA Failovers
HA Node state issues
Heartbeats not being seen
Identifying Failovers in events
VLAN issues causing heartbeat failures
New primary doesn't take over traffic after Failover
ARP issues
Stay secondary being set
Both nodes unhealthy
Split brain issues
Synchronization and propagation issues
Networking issues
NetScaler packet handling
Error conditions that contribute to packet drops
NIC buffer issues
Network loops
VLAN issues
Unsupported SFPs
Link aggregation issues
USIP networking issues
Network issues from blocked source IPs
Summary
6. Application Firewall
Deployment considerations
HTTP changes that occur when using AppFirewall
Configuring logging
Application attacks and AppFirewall protections
Cross-site scripting
To protect against XSS attacks
SQL injection
To protect against SQL injection attacks
Forceful browsing attacks
To protect against forceful browsing
Attacks base...

Table of contents

  1. Troubleshooting NetScaler

Frequently asked questions

Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription
No, books cannot be downloaded as external files, such as PDFs, for use outside of Perlego. However, you can download books within the Perlego app for offline reading on mobile or tablet. Learn how to download books offline
Perlego offers two plans: Essential and Complete
  • Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
  • Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.4M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
Both plans are available with monthly, semester, or annual billing cycles.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 990+ topics, we’ve got you covered! Learn about our mission
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more about Read Aloud
Yes! You can use the Perlego app on both iOS and Android devices to read anytime, anywhere — even offline. Perfect for commutes or when you’re on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app
Yes, you can access Troubleshooting NetScaler by Raghu Varma Tirumalaraju in PDF and/or ePUB format, as well as other popular books in Computer Science & Computer Networking. We have over one million books available in our catalogue for you to explore.