Welcome to the first chapter of this book. Throughout the course of this book, we will cover how to master Citrix NetScaler. This chapter will cover the most commonly used features of Citrix NetScaler.
Throughout this book, we will be focusing mostly on how to use the most common features of Citrix NetScaler. These features make Citrix NetScaler one of the best Application Delivery Controller (ADC). The features will be available depending on the installed license. So, to sum it up, here's what we will cover throughout this chapter:
- Load balancing
- The NetScaler Gateway
- StoreFront integration
- Authentication
During the installation, it's required to install the purchased license. Then, depending on the installed license, you will get the purchased functionality. The load balancing functionality is one of the most commonly used features in Citrix NetScaler. This is because of support from third-party vendors, which provide support and specific templates for particular services. These templates will be explained in the next chapter of this book. Besides load balancing, Citrix NetScaler is also capable of monitoring the backend that will be used to connect to, so you only connect to the backend machine if the system is healthy. This monitoring functionality is integrated in the load balancing feature. There are some monitoring configurations that are preconfigured. These can be adjusted if necessary. Also, uploading your own monitoring script is a possibility. Furthermore, the NetScaler Gateway is one of the commonly used features on Citrix NetScaler VPX. The NetScaler Gateway will be used to allow access to the Citrix XenApp/XenDesktop environment using an ICA proxy.
To configure Citrix NetScaler, it's necessary to understand the traffic flow in it. Citrix NetScaler uses a few IP addresses to operate:
- NSIP: This is the NetScaler IP address
- MIP: This is the Mapped IP address
- SNIP: This is the Subnet IP address
- VIP: This is the Virtual IP address
The NetScaler IP address is the IP address for management purposes and is also used for authentication. So, it is used as the source IP against LDAP, RADIUS, WebForm, SAML, and so on. NSIP supports SSH, HTTP, and HTTPS by default. Disabling management is possible, if necessary.
The Mapped IP address is the IP address that is used for connectivity to the backend servers. This IP is still available but it's recommended to use the SNIP. The Subnet IP is preferred by Citrix because it allows you to have connectivity between different subnets. When receiving a packet, it replaces the source IP address with a MIP address before it sends the packet to the server. With the servers abstracted from the clients, the appliance manages connections more efficiently.
The Subnet IP address is also an IP address that can be used for connectivity with the backend. A SNIP address is used in connection management and server monitoring. You can specify multiple SNIP addresses for each subnet. SNIP addresses can be bound to a VLAN. The latest firmware requires the use of SNIP during the installation wizard. Also, SNIP is used for DNS requires.
VIP is a Virtual IP address. This VIP address is used in every place where a client/server needs to communicate. The virtual IP is used in load balancing, AAA servers, access gateway virtual servers, and so on.
If you have multiple data centers that are geographically distributed, each data center can be identified by a unique GSLBIP.
Global Server Load Balancing Site IP Addresses (GSLBIPs) exist only on the NetScaler appliance.
An IP set is a set of IP addresses that are configured on the appliance as SNIP. An IP set is identified with a meaningful name that helps identify the usage of the IP addresses contained in it.
A net profile (or network profile) contains an IP address or an IP set. A net profile can be bound to load balancing or content switching virtual servers, services, service groups, or monitors. During communication with physical servers or peers, the appliance uses the addresses specified in the profile as source IP addresses.