sample copy. not for distribution. - educreation

Sample Copy. Not For Distribution.

i

Citrix Netscaler 11x


ii

Publishing-in-support-of,

EDUCREATION PUBLISHING

RZ 94, Sector - 6, Dwarka, New Delhi - 110075 Shubham Vihar, Mangla, Bilaspur, Chhattisgarh - 495001

Website: www.educreation.in

________________________________________________________________

© Copyright, Authors

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted, in any form by any means, electronic, mechanical, magnetic, optical, chemical, manual, photocopying, recording or otherwise, without the prior written consent of its writer.

ISBN: 978-1-61813-841-5

Price: ` 565.00

The opinions/ contents expressed in this book are solely of the authors and do not represent the opinions/ standings/ thoughts of Educreation or the Editors . The book is released by using the services of self-publishing house.

Printed in India


iii


Unofficial Lab Guide - For Beginners

Hitesh Popat

EDUCREATION PUBLISHING (Since 2011)

www.educreation.in


iv


v

Prerequisites

Windows 2008/2012 Administrators with at least 2-3 years of experience

with Basic Networking , Active directory, Basic security concepts and

IIS are eligible to attain this course.

One can follow instructions given in the lab Guide with Zero or No

experience with Netscaler and master certain basic concepts on Netscaler

*****


vi

Index

Content Page No

Introduction 1

Preparing Lab For Netscaler VPX 4

Deploying Netscaler 11

Configuring Netscaler 14

Load Balancing 18

High Availability 28

Content Filtering: AppExpert Policies 34

Rewrite & Responder: AppExpert Policies 38

HTTP Compression 44

Integrated Caching 49

Content Switching 55

Securing Netscaler 60

Netscaler Gateway & SSL Offloading 67

Global Server Load Balancing- GSLB 81

Command Line Interface 94

Monitoring Netscaler & Best Practices 96



1

1 . Introduction

Netscaler is a Citrix product mainly known for its load balancing

capabilities, although it would be wrong to define Netscaler as

merely a load balancer.

Netscaler is an appliance which is capable of doing much

more than load balancing. It has various features and

functionalities such as Content filtering , HTTP Compression,

Cloud Bridge, Content Switching, Rewrite , Responder ,URL

Redirection, Integrated Caching, GSLB to name a few.

NetScaler is one of the best application delivery solution, and

boosts the availability and performance of all applications and

data.

Netscaler appliance is available in following types -

MPX - Multiprocessor Xen. This is a hardware box with only

One instance of netscaler running on it.

SDX - Software Delivery Xen. This is a hardware box with

multiple instances of Netscaler running on it -Multi tenant

functionality.

VPX - Virtual Processer Xen. This is available as a virtual

appliance which can run as a virtual machine/appliance on ESX

Server, XenServer, Hyper-V, et

Netscaler is available in the following editions : (Source -

Netscaler data Sheet- Citrix®)

Feature Platinu

m

Edition

Enterpr

ise

Edition

Standar

d

Edition

NetScal

er

Gatewa

y

*Univer

sal

License


Hitesh Popat

2

Application availability

L4 load

balancing and

L7 content

switching

• • •

Microsoft

SQL,

MYSQL

• • •

AppExpert

rate controls • • •

IPv6 support • • •

Traffic

domains • • •

Subscriber-

aware traffic

steering

• • •

Global server

load

balancing

(GSLB)

• • •

Carrier-Grade

Network Address

Translation

(CGNAT)

• •

Dynamic routing

protocols • •

Surge protection

and priority

queuing

• •

TriScale Clustering • •

Application acceleration

Client and

server TCP

optimizations

• • •

AppCompres

s • • •

AppCache • •

Application security



3

*****

L4 DoS

defences • • •

L7 DoS defences • •

L7 rewrite

and responder • • •

NetScaler

Gateway,

SSL VPN

• • •

XenMobile

NetScaler

connector

• •

SAML2

support • • •

AAA for traffic

management • •

NetScaler

AppFirewall with

XML security

• •

IP Reputation • •

nFactor

authentication • • •

NetScaler Cloud Connector •

Front-end optimization**

Content layout • •

Domain sharding • •

Image optimization • •

Style sheets and

JavaScript

optimization

• •

TCP Protocol Optimization

Multi-path

TCP • • •

BIC and

cubic TCP • • •


Hitesh Popat

4

2 . Preparing Lab For Netscaler VPX

Lab -Hardware Requirements –

You would require a 16 GB RAM PC or laptop with windows

installed to practice all labs. 200 GB HDD or more should be

available on c:\

Lab -Software requirements –

You need VMware Workstation 11x , Winrar, Acrobat Reader,

Microsoft office and Netscaler OVF and Google Chrome.

Also you would need windows 2008 R2 ISO which you can

download from Microsoft website - trail version. Also Netscaler

OVF for VMware which can be downloaded from Citrix Website -

trail version. Also Licenses for netscaler platinum are available on

Citrix website for 90 days - Evaluation Licenses for Platinum

Edition should be downloaded.

Note-It might ask for Mac id of Netscalers. you may give

following Mac IDs while downloading licenses-

000c29e83be8 - we will assign this to NetscalerA.

000c29e83be9 - we will assign this to NetscalerB.

Design Lab this way –

Local/base Machine - Turn off firewalls and IE-ESC (Internet

Explorer- Enhanced Security Configuration) from Server Manager.

You may Go to Computers Properties- Device Manager - Add

legacy Device - Network Adaptors and add a Microsoft loopback

adaptor.

Go to Network properties and set following properties for

loopback adaptor.

IP - 192.168.10.1

Subnet - 255.255.255.0

DNS - 192.168.10.100

Install VMware workstation 11.x if not already installed.



5

Install windows 2008 R2 as virtual machine(s) on VMware

Workstation using windows 2008 R2 ISO. We need 5 instances of

the same.

You may name the instances and computer names as

following-

1> Instructor3 - This will be your AD / DNS .

Specifications - 2GB RAM. 40 GB HDD. network adaptor -

Bridged. Firewalls turned off. IE-ESC Turned Off. administrator

password - admin@123.


Hitesh Popat

6

Password-admin@123



7

Virtual machine Name - Instructor3

Store as a single file


Hitesh Popat

8

network adaptor - Bridged.

Post installation do the following settings -

Turn Off firewalls and IE-ESC from Server manager.

Network adaptor -

IP - 192.168.10.100

Subnet - 255.255.255.0

Gateway - 192.168.10.100

DNS - 192.168.10.100

2> WS1 - This will be your Web Server1. Follow similar steps to

install as mentioned above.



password - admin@123

IP - 192.168.10.101

Subnet - 255.255.255.0

Gateway - 192.168.10.100

DNS - 192.168.10.100



9






IP - 192.168.10.102

Subnet - 255.255.255.0

Gateway - 192.168.10.100

DNS - 192.168.10.100






IP - 192.168.10.103

Subnet - 255.255.255.0

Gateway - 192.168.10.100

DNS - 192.168.10.100






IP - 192.168.10.104

Subnet - 255.255.255.0

Gateway - 192.168.10.100

DNS - 192.168.10.100

Make sure that all machines are pinging with each-other and

firewalls are off on all the VMs. Also ensure that base machines

and all VMs are having proper date/time and time zone. Also

ensure network adaptor is bridged in all cases.

Make sure Computer names of machines are changed as per

list given above and also VMware tools are installed.

Now, install Active Directory and DNS on Instructor3.

Domain name - education.ctx.


Hitesh Popat

10

Server Roles - Active Directory Services followed by

DCPROMO.

Once Instructor3 becomes domain controller, reboot it.

Now add all web servers to domain- education.ctx, reboot and

login with domain Ids on respective machines.

Your Lab is ready and should look like below diagram:-

Five VMs running on VMware-Workstation. Lab is Ready.

You may use c:\whoami command on all VMs to ensure that

you have logged in as education\administrator (Domain Admin).

*****

Base PC (Windows) - 16 GB RAM

Instructor3 2GB RAM

ws1 2GB RAM

ws2 2GB RAM

ws3 2GB RAM

WS4 2GB RAM



11

Get Complete Book At Educreation Store

www.educreation.in


sample copy. not for distribution. - educreation

Documents