Preface

NetScaler is a high performance Application Delivery Controller (ADC). Making the most of it requires knowledge that straddles the application and networking worlds.

As an ADC owner, you will also likely be the first person to be solicited when your business applications fail. You will need to be quick in identifying whether the problem is with the Application, the Server, the network, or NetScaler itself.

This book provides you with the vital troubleshooting knowledge needed to act fast when issues happen. It gives you a thorough understanding of the NetScaler layout, how it integrates with the network and what issues to expect when working with the Traffic Management, Authentication, NetScaler Gateway and Application Firewall features. We will also look at what information to seek out in the logs, how to use tracing and explore utilities that exist on the NetScaler to help you root cause your issues.

What this book covers

Chapter 1, NetScaler Concepts at a Glance, provides a short review of NetScaler background concepts. NetScaler runs as a User Process on top of FreeBSD and therefore its layout will unsurprisingly be familiar to Unix and Linux Administrators. However, some folders are of particular importance to NetScaler and the chapter reviews these folders. We will also look at the different types of IP addresses that NetScaler administrators need to be aware of, as well as how the various modes offered impact NetScaler behavior.

Chapter 2, Traffic Management Features, explains the concept of Traffic Management, which is the umbrella term used to describe the traffic handling features of NetScaler. These are load balancing, SSL Offloading, Content Switching, and GSLB. In this chapter, we will look at how to troubleshoot uneven distribution when using load balancing. There are also several options here that need to be considered when they are enabled. We discuss these considerations before looking at some useful counters that help understand how NetScaler is load balancing requests in greater detail and finish the section with a step-by-step approach to troubleshoot page load failures when using load balancing. We then look at SSL Offloading, which adds security on top of normal load balancing. We look at the SSL Handshake and Certificate related failures when implementing SSL offloading and also how to decrypt an SSL trace so you can see the requests in clear text, which is something you will be doing very often when troubleshooting SSL issues. We conclude this section with some SSL Best Practices. We continue on to Content Switching to discuss how to resolve some of the common errors seen with this feature. Finally, we look at troubleshooting GSLB failures using counters, nslookup, and nsmap.

Chapter 3, Integrated Caching and Compression, explains Caching and Compression which are HTTP standards-based optimization features. They help conserve bandwidth and help pages load faster in the process.

In this chapter, we discuss Caching-related terminology and how the policy evaluation process happens. This knowledge is key to troubleshooting as it helps determine whether an object should or shouldn't have been cached. We then look at caching best practices before focusing on troubleshooting. We also look at a number of wireshark examples to highlight the necessary details.

We then look at Compression starting with some guidance on which kind of content should and shouldn't be compressed before looking at how Compression works at a header level. We then conclude the chapter by looking at troubleshooting for Compression.

Chapter 4, AAA for Traffic Management, covers AAA for Traffic Management that adds AAA (Authentication Authorization and Accounting) to the otherwise un-authenticated traffic and it does so using encryption so that the exchange is also secure. In this chapter, we focus on the various protocols that NetScaler supports for Authentication and there are a few of them. Using Wireshark we will examine LDAP, RADIUS, Client Certificate, Form Based, Kerberos, and SAML authentication mechanisms in good detail. The last of these two protocols are especially gaining importance recently in the NetScaler world. Each of these protocols also has their own set of troubleshooting techniques which we look at in tandem.

Chapter 5, High Availability and Networking Issues, explains NetScaler High availability, which is how nearly all NetScaler deployments are currently done. We look at how heartbeats work and the conditions that cause a failover, how to identify them going back in time and how to remedy them.

In the second half of this chapter, we look at how NetScaler handles packets at the NIC level. This serves to explain why NetScaler has picked up or dropped a packet. We then differentiate between normal and error conditions based on interface outputs before focusing on the wider Networking-related issues that are often seen in NetScaler deployments and discuss how to troubleshoot them.

Chapter 6, Application Firewall, describes Application Firewall as a Firewall for Web Applications. Instead of regular connections that focus on TCP connection state and connection rules, Application Firewalls use input validation at layer 7. This input validation is in part set up by the Administrator based on the understanding of security risks associated with the application, for example, potentially risky SQL commands if the Application is a database a pplication. In this chapter, we cover the essential background such as what those vulnerabilities are and how Application Firewall can protect against them. We also examine changes that Application Firewall makes to requests to offer that protection. We then look at the logging mechanisms available on NetScaler for this feature and how to use them to identify why the request is failing.

Chapter 7, NetScaler Gateway, explains that NetScaler Gateway is the remote access feature of NetScaler. Apart from being an SSL VPN solution, which works with and without a Client, it is also the preferred way to extend XenApp, XenDesktop, and XenMobile access across the Internet.

In this chapter, we examine using wireshark how each of the capabilities such as VPN, XenApp, XenDesktop, and XenMobile integration work. This will provide you with good baseline information that you can use as a comparison during troubleshooting. We then discuss the common issues in each of these areas and how to troubleshoot them using the logs available on NetScaler, Wireshark, and helpful error codes where available.

Chapter 8, System Level Issues, discusses the issues that can impact the NetScaler system as a whole. These vary from issues such as features being unavailable and software bugs such as crashes and hangs, performance issues such as CPU and Memory to hardware issues.

We conclude the chapter with a brief discussion of the various types of builds available for the NetScaler, which will hopefully help you when it comes to deciding on a build for your next upgrade or deployment.

Chapter 9, Troubleshooting Tools, introduces the tools available on NetScaler to aid with troubleshooting. While the information covered here is also laced throughout the book in examples, a quick read of this chapter upfront will prove very useful as it covers all of this information in one place. We cover tools such as tracing and nsconmsg available on NetScaler itself along with external tools. We also discuss some points to consider when troubleshooting the Command Center and Insight Center tools themselves.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.147.28.206