万本电子书0元读

万本电子书0元读

顶部广告

Troubleshooting NetScaler电子书

售       价:¥

37人正在读 | 0人评论 9.8

作       者:Raghu Varma Tirumalaraju

出  版  社:Packt Publishing

出版时间:2016-04-01

字       数:249.2万

所属分类: 进口书 > 外文原版书 > 电脑/网络

温馨提示:此类商品不支持退换货,不支持下载打印

为你推荐

  • 读书简介
  • 目录
  • 累计评论(0条)
  • 读书简介
  • 目录
  • 累计评论(0条)
Gain essential knowledge and keep your NetScaler environment in top form About This Book Learn how the main features - Load Balancing, Content Switching, GSLB, SSL offloading, AAA, AppFirewall, and Gateway work under the hood using vividly explained flows and traces Explore the NetScaler layout and the various logs, tools and methods available to help you when it’s time to debug An easy-to-follow guide, which will walk you through troubleshooting common issues in your NetScaler environment Who This Book Is For This book is aimed at NetScaler administrators who have a basic understanding of the product but are looking for deeper exposure and guidance in identifying and fixing issues to keep their application environment performing optimally. What You Will Learn Troubleshoot traffic management features such as load balancing, SSL, GSLB and content switching Identify issues with caching and compression Deal with authentication issues when using LDAP, RADIUS, certificates, Kerberos and SAML Diagnose NetScaler high availability and networking issues Explore how application firewall protections work and how to avoid false positives Learn about NetScaler Gateway integration issues with XenApp, XenDesktop, and XenMobile Deal with NetScaler system-level issues Discover the NetScaler troubleshooting tools In Detail NetScaler is a high performance Application Delivery Controller (ADC). Making the most of it requires knowledge that straddles the application and networking worlds. As an ADC owner you will also likely be the first person to be solicited when your business applications fail. You will need to be quick in identifying if the problem is with the application, the server, the network, or NetScaler itself. This book provides you with the vital troubleshooting knowledge needed to act fast when issues happen. It gives you a thorough understanding of the NetScaler layout, how it integrates with the network, and what issues to expect when working with the traffic management, authentication, NetScaler Gateway and application firewall features. We will also look at what information to seek out in the logs, how to use tracing, and explore utilities that exist on NetScaler to help you find the root cause of your issues. Style and approach This helpful guide to troubleshooting NetScaler is delivered in a comprehensive and easy-to-follow manner. The topics in the book adopt a step-by-step approach.
目录展开

Troubleshooting NetScaler

Table of Contents

Troubleshooting NetScaler

Credits

Notice

About the Author

About the Reviewers

www.PacktPub.com

eBooks, discount offers, and more

Why subscribe?

Preface

What this book covers

What you need for this book

Who this book is for

Conventions

Reader feedback

Customer support

Errata

Piracy

Questions

1. NetScaler Concepts at a Glance

The NetScaler filesystem

Folders on /flash

Folders on /var

A brief look at NetScaler address types

NetScaler IP

Virtual IP

Mapped IP

Subnet IP

GSLB Site IP

Request Switching and Connection Multiplexing

User interface options

GUI

CLI

Console

Shell

Nitro

SFTP

NetScaler modes

Endpoint and Nonend point mode

ANY, L4, or L7 modes

The mode switches on the NetScaler

Modes that are enabled by default

Fast Ramp

Edge Configuration

Using Subnet IP

The Layer 3 mode

Path MTU Discovery

Modes that are disabled by default

Summary

2. Traffic Management Features

Load balancing

Considerations

Startup RR factor

To USIP or not to USIP

Choosing a VIP type

Special considerations for load balancing Firewalls or CloudBridge appliances

Prefer Direct Route

vServer specific MAC – when daisy chaining FW VIPs or CloudBridge appliances

Services or ServiceGroups

Common LB issues

Troubleshooting – unable to access a newly created VIP

Troubleshooting application failures where VIP is UP

Troubleshooting VIP performance issues

Troubleshooting VIP distribution issues

Why is the table empty when I configure cookie persistency?

What is the difference between established and open established?

Troubleshooting intermittent issues

SSL

SSL deployment considerations

Certificates

Using Wireshark to examine the handshake

SSL handshake

A session-reused handshake

Session reuse and troubleshooting

Decrypting a trace using Wireshark

What if I needed to share this key with the Citrix tech support for troubleshooting?

Troubleshooting SSL issues

Wireshark troubleshooting for SSL failures

SSL card failures

SSL security concerns

Engaging with Citrix

Content switching

Troubleshooting service unavailable errors

Content switching timeout errors

Global Server Load Balancing

GSLB flow

Metric Exchange Protocol

MEP versus monitors

RPC considerations

Troubleshooting GSLB

DNS caching and GSLB

MEP down issues

RPC related issues

Troubleshooting proximity-based methods

Summary

3. Integrated Caching and Compression

Integrated Caching

Understanding HTTP headers as they relate to caching

Evaluating cache policies

A sample cache response

What kind of content should I cache and not cache?

NetScaler's default caching behavior

Handling dynamic content

Considerations for caching dynamic content

How's my cache doing?

Getting a closer look at objects in the cache

Flushing versus expiring an object

Flash cache

Troubleshooting caching issues

Compression

The NetScaler's default compression behavior

Impact of using Compression

Verifying and monitoring Compression

Understanding the packet flow

Troubleshooting considerations

Summary

4. AAA for Traffic Management

Lightweight Directory Access Protocol

Authentication flow

Troubleshooting LDAP

RADIUS protocol

Authentication flow

Troubleshooting RADIUS authentication

Client Certificate Based Authentication protocol

Client versus Server Certificates

Authentication Flow when using Client Certificates

NTLM SSO (401 Based Authentication)

NTLM Authentication flow

Troubleshooting NTLM

Form-based Authentication

Authentication flow

Kerberos authentication

Kerberos parties

Configuration checklist

Kerberos deployment options

Authentication flow

Kerberos authentication with Protocol Transition

Troubleshooting Kerberos

Security Assertion Markup Language

Certificates in SAML

Canonicalization in SAML

SP Initiated SSO

IDP initiated SSO

Verifying a successful exchange using counters

Troubleshooting

Summary

5. High Availability and Networking

High Availability

Ports used for High Availability

Configurations kept independent in High Availability

HA pairing requirements

Setting up and verifying High Availability

Troubleshooting HA Failovers

HA Node state issues

Heartbeats not being seen

Identifying Failovers in events

VLAN issues causing heartbeat failures

New primary doesn't take over traffic after Failover

ARP issues

Stay secondary being set

Both nodes unhealthy

Split brain issues

Synchronization and propagation issues

Networking issues

NetScaler packet handling

Error conditions that contribute to packet drops

NIC buffer issues

Network loops

VLAN issues

Unsupported SFPs

Link aggregation issues

USIP networking issues

Network issues from blocked source IPs

Summary

6. Application Firewall

Deployment considerations

HTTP changes that occur when using AppFirewall

Configuring logging

Application attacks and AppFirewall protections

Cross-site scripting

To protect against XSS attacks

SQL injection

To protect against SQL injection attacks

Forceful browsing attacks

To protect against forceful browsing

Attacks based on Parameter tampering

Cookie tampering

To protect against cookie tampering

Hidden field tampering

To protect against hidden field tampering

Buffer overflow attacks via long URLs and queries

To protect against buffer overflow attacks

Cross Site Request Forgery

To protect against CSRF attacks

XML protections

Signatures

Troubleshooting

Identifying application Firewall blocks

Users reporting XXXX patterns in web pages

Performance issues when enabling AppFirewall

Ruling out AppFirewall as a potential cause

Summary

7. NetScaler Gateway™

Basic and Smart Access Modes

Basic mode

Smart Access mode

NetScaler Gateway™ VPNs

Examining VPN session launch using Wireshark

Phase 1 – The EPA exchange

Phase 2 – The authentication exchange

Phase 3 – Post-login exchange

Troubleshooting NetScaler Gateway™ VPNs

Collecting debug logs from the client's PC

Diagnosing EPA failures

Using aaad.debug for authentication issues

Using ns.log to see authorization and session information

Using the pol_hits counter to examine policy hits

Seeing and managing the users who are logged in

Capturing traces for troubleshooting

NetScaler Gateway™ Integration with XenApp® and XenDesktop®

Published application/desktop launch process

Phase 1 – steps involved in desktop enumeration

Phase 2 – Steps leading to the launch of the published desktop

Troubleshooting XenApp® and XenDesktop® launch issues

NetScaler Gateway™ integration with XenMobile®

XenMobile components

XenMobile launch process with NetScaler Gateway

Phase 1 – Authentication and discovery

Phase 2 – App enumeration and Launch

Troubleshooting XenMobile® and NetScaler integration

Using the wizard for configuration

Using the connectivity checks

Knowing where the logs are

Common integration issue areas

Licenses

Network settings for the application

Account services address

Persistence issues when Load Balancing XenMobile servers

ShareFile SSO issues

Summary

8. System-Level Issues

Licensing issues

NTP issues

Troubleshooting NTP synchronization

SNMP issues

Troubleshooting SNMP on a NetScaler

CPU and memory issues

Types of NetScaler CPU

Exploring high memory issues

Troubleshooting high memory issues

Disk issues

Crash and hang issues

Understanding crashes

Working with crashes

Working with hang issues

Dumping a core on a VPX/MPX when console is available

Dumping a core when NetScaler is completely unresponsive

Understanding NetScaler Build names

Summary

9. Troubleshooting Tools

The nsconmsg utility

nsconmsg syntax and options

Using nstrace to capture a packet trace

Steps to run a trace

The Showtechsupport utility

Running the utility

What does it contain?

The shell directory

The var directory

The nsconfig directory

Dashboard and Reporting tabs

Web-based analysis with Citrix Insight® Services

Citrix Command Center

Troubleshooting tips

Insight center

Troubleshooting insight center

Summary

Index

累计评论(0条) 0个书友正在讨论这本书 发表评论

发表评论

发表评论,分享你的想法吧!

买过这本书的人还买过

读了这本书的人还在读

回顶部