advanced troubleshooting of citrix netscaler

of 50/50
Jacob Salassi Sr. Escalation Engineer / TRM (TECH307: Deploying and Troubleshooting the Citrix NetScaler with XenApp and Web Interface)

Post on 30-Oct-2014

927 views

Category:

Documents

28 download

Embed Size (px)

TRANSCRIPT

(TECH307: Deploying and Troubleshooting the Citrix NetScaler with XenApp and Web Interface)Jacob Salassi Sr. Escalation Engineer / TRM

AgendaTroubleshooting Techniques for NetScaler Deploying XenApp and Web Interface with NetScaler Troubleshooting and Best Practices for XenApp / Web Interface with NetScaler

Troubleshooting Techniques: Key NetScaler ProcessesProcessns_master nsvpnd

DescriptionRuns Citrix NetScaler OS SSL VPN File Transfers { Samba }

nsaaadnsconf nsauthd nslog.sh

RBA and SSL VPN External AuthWrites the ns.conf file CLI Authentication Controls Logging for newnslog

nssyncnsreadfile nscrlrefresh

HA syncUsed to read SSL Cert Files SSL CRL list update

Troubleshooting Techniques: Key NetScaler Processes (cont)Processnslcd

DescriptionRuns the front panel LCD

nsfsyncdnsnetsvc nsumond nsconmsg nscollect

Sync bookmarks and ssl certsUsed by the GUI for config changes Runs the scriptable monitors Controls writing of newnslog Statistics gathering for historical reporting

nsdynrouting, nsdreventimi, ripd, ospfd, bgpd

Handle events, HA syncsRouting processes

Troubleshooting Techniques: NetScaler File System /var - Hard Drive Logs - /var/log and /var/nslog Install - /var/nsinstall Trace - /var/nstrace Core Dumps - /var/crash and /var/core /flash - Flash Drive Config - /flash/nsconfig SSL Certificates - /flash/nsconfig/ssl User Monitors - /flash/nsconfig/monitors Custom options - /flash/nsconfig NS Kernel - /flash / - RAM Drive OS

Troubleshooting Techniques: /var/log Important files in /var/log Ns.log Messages Other files in /var/log Httperror.log cron Dr_error.log Httpaccess.log License.log Nscollect.log Nsvpn.log Nsvpnd.log Snmpd.log

Troubleshooting Techniques: /var/nslog Important files in /var/nslog newnslog newnslog.*.gz Other files in /var/nslog ns.log nsumond.log nslog.nextfile

Troubleshooting Techniques: Show CommandsCommon show commands for system information: show node show info show license Common show commands for vserver and service: show lb vserver show cs vserver show service show persistencesession show connectiontable Other common show commands: show route show ip show dns addrec -type proxy

Show node

Show feature

Show ns mode

Show lb vserver

Show lb vserver [name]

Show service [name]

Troubleshooting Techniques: stat commandCommon stat commands for system information: Stat ns Stat cpu Stat interface Common stat commands for vserver and service: Stat lb vserver Stat cs vserver Stat service Other common stat commands: Stat dns Stat ssl Stat http

Stat interface [name]

Stat lb vserver [name]

Stat service [name]

Troubleshooting Techniques: nsconmsgNsconmsg common use cases View events View console messages View statistics Debug system counters Debug load balancing issues Debug CPU/Memory utilization Nsconmsg common syntax Nsconmsg K /var/nslog/newnslog Nsconmsg K /var/nslog/newnslog Nsconmsg K /var/nslog/newnslog Nsconmsg K /var/nslog/newnslog Nsconmsg K /var/nslog/newnslog

-d event -d consmsg -d oldconmsg -s ConLb=2 d oldconmsg -s ConDebug=1 d oldconmsg

MAKE SURE TO USE K, NOT -k

Nsconmsg K /var/nslog/newnslog -d event

Nsconmsg K /var/nslog/newnslog d consmsg

Nsconmsg K /var/nslog/newnslog d oldconmsg

Nsconmsg K newnslog s ConLB=2 d oldconmsg

Troubleshooting Techniques: nstrace & nstcpdumpNstrace Common syntax: Nstrace.sh sz 0 Nstrace.sh sz 0 filter SOURCEIP = 10.198.4.10 link enabled Filter qualifiers and operators: SOURCEIP, SOURCEPORT, DESTIP, DESTPORT, SVCNAME, VSVRNAME, STATE ==, eq, !=, neq, >, gt, =, ge,