Book Image

Troubleshooting NetScaler

By : Raghu Varma Tirumalaraju
Book Image

Troubleshooting NetScaler

By: Raghu Varma Tirumalaraju

Overview of this book

NetScaler is a high performance Application Delivery Controller (ADC). Making the most of it requires knowledge that straddles the application and networking worlds. As an ADC owner you will also likely be the first person to be solicited when your business applications fail. You will need to be quick in identifying if the problem is with the application, the server, the network, or NetScaler itself. This book provides you with the vital troubleshooting knowledge needed to act fast when issues happen. It gives you a thorough understanding of the NetScaler layout, how it integrates with the network, and what issues to expect when working with the traffic management, authentication, NetScaler Gateway and application firewall features. We will also look at what information to seek out in the logs, how to use tracing, and explore utilities that exist on NetScaler to help you find the root cause of your issues.

Related Content you might be interested in

Current Title:

Small book image
Troubleshooting NetScaler
Raghu Varma Tirumalaraju
Apr, 2016 | 270 pages
Small book image
Business Intelligence Career Master Plan
Danny Moncada | Eduardo Chavez
Aug, 2023 | 284 pages
Small book image
Mastering NLP from Foundations to LLMs
Meysam Ghaffari | Lior Gazit
Apr, 2024 | 340 pages
Small book image
Principles of Data Science
Sinan Ozdemir
Jan, 2024 | 326 pages
Table of Contents (17 chapters)
Troubleshooting NetScaler
Troubleshooting NetScaler
Credits
Credits
Notice
Notice
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
NetScaler Concepts at a Glance
NetScaler Concepts at a Glance
The NetScaler filesystem
A brief look at NetScaler address types
Request Switching and Connection Multiplexing
User interface options
NetScaler modes
The mode switches on the NetScaler
Summary
2
Traffic Management Features
Traffic Management Features
Load balancing
SSL
Content switching
Global Server Load Balancing
Summary
3
Integrated Caching and Compression
Integrated Caching and Compression
Integrated Caching
Compression
Summary
4
AAA for Traffic Management
AAA for Traffic Management
Lightweight Directory Access Protocol
RADIUS protocol
Client Certificate Based Authentication protocol
NTLM SSO (401 Based Authentication)
Form-based Authentication
Kerberos authentication
Configuration checklist
Kerberos authentication with Protocol Transition
Security Assertion Markup Language
Verifying a successful exchange using counters
Summary
5
High Availability and Networking
High Availability and Networking
High Availability
Ports used for High Availability
Configurations kept independent in High Availability
HA pairing requirements
Setting up and verifying High Availability
Troubleshooting HA Failovers
Summary
6
Application Firewall
Application Firewall
Deployment considerations
HTTP changes that occur when using AppFirewall
Configuring logging
Application attacks and AppFirewall protections
Troubleshooting
Performance issues when enabling AppFirewall
Summary
7
NetScaler Gateway™
NetScaler Gateway™
Basic and Smart Access Modes
NetScaler Gateway™ VPNs
NetScaler Gateway™ Integration with XenApp and XenDesktop
NetScaler Gateway™ integration with XenMobile
Troubleshooting XenMobile and NetScaler integration
Summary
8
System-Level Issues
System-Level Issues
Licensing issues
NTP issues
SNMP issues
CPU and memory issues
Disk issues
Crash and hang issues
Summary
9
Troubleshooting Tools
Troubleshooting Tools
The nsconmsg utility
Using nstrace to capture a packet trace
The Showtechsupport utility
Dashboard and Reporting tabs
Web-based analysis with Citrix Insight Services
Citrix Command Center
Insight center
Summary
Index
Index

Configuring logging

Logs are crucial when troubleshooting AppFirewall issues. For AppFirewall to log any requests when one of the configured protections receives a hit, logging needs to be enabled for that specific protection. These logs are written to /var/log/ns.log. In the interest of preserving them for longer than the NetScaler logging process permits, you can also consider sending them to a syslog server through a syslog policy.

Logging works independent of blocking. To explain this, consider the following screenshot:

As a result of this configuration:

  • CSRF violations will both be blocked and all blocking will be logged

  • XSS attacks will not be blocked but you will still see log entries to warn you

  • SQL injection attacks will be blocked silently (not useful if you are trying to troubleshoot)

Note

Note that AppFirewall also supports CEF (Common Event Format) logging, a popular open standard for logging. Using CEF logging helps when you want to use third-party applications to aggregate your...

Previous Section
End of Section 4
Next Section