Hi Admin

Here is some details on Microsoft Assessment and Planning Toolkit (MAP)

The Microsoft Assessment and Planning Toolkit (MAP) is a solution accelerator that analyzes the inventory of an organization’s server infrastructure, performs an assessment, and then creates reports that you can use for upgrade and migration plans.

MAP performs four key functions: discovery and inventory of computers and applications, hardware and software migration readiness assessments, software usage tracking, and capacity planning for virtualization, public and private cloud migration.

MAP will answer questions like: Which computer can run Windows Server 2016? Which computers cannot run Windows Server 2016 and what upgrades are needed? Which current physical servers are the best candidates for virtualization and the hosts on which you should place those virtual machines?

MS Video Link on Tool.

Content is copyright at MS.

Thanks

CCA in XenApp/XenDesktop/XenServer,Google Cloud Architect, MCSE, ITIL, Vmware Certified

Microsoft certified - Planning for Security Incident response.

https://www.linkedin.com/in/amit-kumar-gupta-5321a527/

Hi Users

Microsoft has paused the rollout of 1809 release due to some known issue.

https://support.microsoft.com/en-us/help/4464619/windows-10-update-history?irgwc=1&OCID=AID681541_aff_7792_1246483&tduid=(ir_c1eae9e6N899378436793d3aac269f4b6)(7792)(1246483)((cc460d23081e64543088c8fc6cdf9dd9)(190946)(1816154)(jn1jwi5pec00ypei05q12)())(cc460d23081e64543088c8fc6cdf9dd9)&irclickid=c1eae9e6N899378436793d3aac269f4b6

https://www.zdnet.com/article/microsoft-pulls-windows-10-october-update-version-1809/

Keep eye on latest news from MS.

Thanks

Amit Gupta

Hi Citrix Administrators

In this section, we will learn about Advanced load balancing concepts which include.

1. BackUP Vserver and URL Redirections

2. Compression

3. Global Server load balancing (GSLB)

BackUP Vserver and URL Redirections:- There are two techniques through which NS load balanced services can failover to another VIP or URL based on the event.

URL Redirection:- The site or services URL will be redirected to secondary URL in case primary URL hosted VServer fails.

Backup VServer:- The backup server load balancing will allow redirecting the user request to another existing VIP in case of down or overload.

The backup Vserver will take more priority if you have both configured.

Steps to create backup Server is quite simple like creating VIP and adding members to series.

we can define the URL redirection or backup server to handle the production VIP failover or load mgmt.

Compression:- Compression helps in reducing the size of the packet to process further.

There are 2 Major factors for using compression:-

1. Reduced the load on backend Servers

2. Conserves Bandwidth

There are multiple types of content which can be compressed:- 

HTML, XML, CSS, MS Excel, word, powerpoint, plain and Rich text.

There will be no compression happen on already compressed data like.JPG and others. compression is policy based and can be deployed on Vserver or Globally.

Compression is dependent on Browser used by client machine and what kind of compression is supported.

GZIP or Deflate - GZIP and Deflate has the same algorithm and depends on browser compatibility. deflate is little fast compression techniques in comparison to GZIP.

By default, compression is disabled on NS so you need to enable it 1st to use it.

How to change the compression Quantum size-

 How to enable compression on existing VServer:-

How to Create Policy:- The policies can be created from the policy option in HTTP Compression.

We will publish another blog about types of policy as its different deep topic.

Global site load Balancing:- GSLB works as Distributing of incoming Traffic between geographical regions hosting the same application through VServers. it uses the same load balancing method as described in previous blogs.

The GSLB work on DNS query and client IP Range. one of the Netscaler take the role of Authoritative DNS server 

Example - one client is trying to connect to GSLB based site and query reaches to one of the Authoritative NEtscaler DNS which decides redirect the incoming connection to proper NEtScaler VIP which are region wise close to Client IP range.

There are different types of GSLB topology. please refer to Citrix docs for more details which explains in more deep.

1. Active-Active Site Deployment - https://docs.citrix.com/en-us/netscaler/11-1/gslb/gslb-deployment-types/active-active-site-deployment.html

2. Active-Passive Site Deployment - https://docs.citrix.com/en-us/netscaler/11-1/gslb/gslb-deployment-types/active-passive-site-deployment.html

3. Parent-Child Topology Deployment using the MEP Protocol- https://docs.citrix.com/en-us/netscaler/11-1/gslb/gslb-deployment-types/parent-child-topology-deployment.html

In Next blog , we will read with how to configure SSL offload and NS Citrix Access Gateway.

Thanks with Regards

Amit Kumar Gupta

CCA in XenApp/XenDesktop/XenServer,Google Cloud Architect, MCSE, ITIL, Vmware Certified

Microsoft certified - Planning for Security Incident response.

https://www.linkedin.com/in/amit-kumar-gupta-5321a527/

Hello,

In this section, we will learn how to configure load balancing in NetScaler for Web Services and other balancing methods.

To configure load balancing for Web Servers, we need to have 2 Web Server which will be load balanced on NetScaler.

Method of Load Balancing 

1. Least Connection;- This is default method Netscaler uses in load balancing and maintain the equal number of Active connections on backend servers. it works with TCP, HTTP, and HTTPS protocols. 

2. Round robin:- It method send the connection in sequential order, in case of 4 WebServer.

1st incoming connection = Goto Web Server 1

2nd incoming connection = Goto Web Server 2

3rd incoming connection = Goto Web Server 3

4th incoming connection = Goto Web Server 4

5th incoming connection = Goto Web Server 1 and carry on in sequence.

it works on the same protocol as Least connection but not more efficient in load balancing as it does not take into account of backend Active connections.

3. Least Response time Method (LRTM):- It sends the incoming connection to backend Server which response quickly back to Netscaler. it only works with HTTP and HTTPs. this method is more efficient if you have slow and fast response server in the pool and want to have most connection to fast working Servers.

4. Hashing method:- it more efficient method of load balancing as Client request get backend server hash attached and every time any request is made from the same client in particular time window and will always connection back to same backend Server. the connections are distributed randomly in this method.

5. Least Bandwidth:- in this method, NetScaler sense the bandwidth connectivity for backend Servers and send the inputs connection accordingly to most bandwidth backend Server 1st.

6. Least Packets:- it works on the number of packets 

7. Custom:- in this method, Netscaler gather the backend Server information via SNMP Trap and send the connection to better performance Server (based on memory, CPU or etc).

Step to configure load balancing:-

1. Please ensure Load balancing feature is enabled. 

2. Select both and click ok

3. Create Service 

Create Service for all the backend web Server

Web Server T-1 - 192.168.1.2

Web Server T-2 - 192.168.1.3

Web Server T-3 - 192.168.1.4

Web Server T-4 - 192.168.1.5

4. Create Virtual Server which will receive the incoming connection and forward the traffic to backend Servers.

WebServer-LB 192.168.1.10, port 80 and HTTP protocol 

Click ADD Virtual Server --> Goto Services tab --> Select all the 4 available Services there.

5. Goto Method and connection Tab -

6. Select the connection method based on requirement.

7. Click Create and Save the configuration

LB VIP is Created now. Test the website load balancing by browsing the IP 192.168.1.10 over the browser and the traffic will be LB based on defined methods.

Persistence Type:- there are many persistence methods in NS and important for a web application where the requirement is to connect to the same Server where the 1st session was established for particular client.

Method Type :-

Destination IP:- It maintains the table and all the connection from this client will go to previous backend Server

SSL Session ID:- Not more used as different-2 browser uses a different method of SSL ID and can cause problem in NS 

HTTP Cookie: The Cookie is added to each request and sends to client browser so next time incoming request are checked based on Cookie received and connect to same previous backend Server

Source IP: when client ip is used to decide the backend Server connection and confusing in case of NAtting or proxy environment where all the client requests are reflecting one IP Address.

URL Passive:- The URL details are coming with incoming connection and connect to matching URL backend Server.

User-defined rules:- it depends on what value is defined in the configuration, browser version, name, cookie value ..etc.

Persistence types are protocol dependent and some methods are time limited.

Select the Persistence Type based on requirements.

 Thanks for reading the content .

Amit Kumar Gupta

CCA in XenApp/XenDesktop/XenServer,Google Cloud Architect, MCSE, ITIL, Vmware Certified

Microsoft certified - Planning for Security Incident response.

https://www.linkedin.com/in/amit-kumar-gupta-5321a527/ 

Hi Users

Here is very good article for removing MS default apps from Os.

https://www.askvg.com/guide-how-to-remove-all-built-in-apps-in-windows-10/#

Enjoy it

Thanks

Amit Gupta

Hi Citrix Admins

We will not talk about how to setup Netscaler, Licensing and High Availability

Please download the Netscaler VPX from Citrix website.  

https://www.citrix.com/lp/try/netscaler-vpx-platinum.html?utm_campaign=WWWB0511NSTRDIYDR&utm_medium=Paid+Search+(SEM)&utm_source=sem-net-adc-em-en-sea-go&utm_term=Brand&utm_content=ns-do&ctm_programid=wwwb0511nstrdiydr&gclid=CjwKCAjw-dXaBRAEEiwAbwCi5tZ3OQHyD31vNggbt-jerIsQFwhq-wV2qSqT6cnwsTq0V9cgajCAhBoCpfQQAvD_BwE#/email

Link can change in future so search on google download Citrix Netscaler VPX and will get the 1st link for download from citrix.com

The demo download will work 90 days with platinum trail license which will enable all the features and will fit for your lab testing.

Its 1st step to configure the NSIP in order to access the NetScaler GUI interface and further setting up SNIP or MIP , Root password and NTP.

As we import the VPX appliance in Vsphere Vcenter and boot up, it will ask for mgmt ip address for Ns instance.

NetScaler 1 - 10.2.1.11

NetMasK- 255.255.255.0

Gateway: 10.2.1.1

Another instance 

NetScaler 2 : 10.2.1.12

NetMasK- 255.255.255.0

Gateway: 10.2.1.1

 once done with ip --> proceed to save the configuration.

 Select option 4 and Ns configuration will start automatically. o

 Browse the IP 10.2.1.11 and 10.2.1.12 from browser or telnet via putty depends on how you want to configure and work .

Login with default details nsroot and nsroot

post login it will ask for Subnet ip details.

it best advisable to change the password from default and select time zone.

Perform the same on another NetScaler node. we will move to configuration section to perform the further operation but it will through back to the initial screen because we have not deployed licenses on NS devices.

But there is way out. Click on the right top on Skip button to reach configuration section.

if you have many team member working on NS then set up groups and users for different types of access to team members.

Create Groups --> set type of access (operator, read-only, Network or Superuser )

Create User and make the member of Groups accordingly.

as last setup NTP details.

Setting up NetScaler License:- to set up license file we need to login to Citrix.com and generate license file corresponding to NS appliance MAC address.

The file should be available on Ns at boot time so it can read it during boot time otherwise it will consider it un licensed.

Use this machine id in the Citrix portal for generating the license.

https://support.citrix.com/article/CTX130498 

https://support.citrix.com/article/CTX133147

Deploy the license files and reboot the appliance (this should be performed on both NS devices).

Setting up NS HA or Clustering:- it important that both nodes should be running the same build and version to achieve this.

HA and clustering are two different stuff.

For clustering - We would need a separate license and work in Active-Active mode. (both nodes share the load)

There can be minimum 2 and max 32 devices in cluster mode. all the configuration will replicate except SNIP or MIP 

There are 2 methods to configure the Snip / Mip in the cluster called Stripped and Spotted 

Stripped:- all the Ns share the same SNIP (Citrix don't recommend it as it created the problem with ARP as )

Spotted:- All the Ns has different SNIP and recommended by Citrix.

NetScaler HA:-

Its available with All the version and work in the Active-Passive method. (passive nodes become active in case of active node failure)

1. All the NetScaler configuration is synced to the secondary node.

2. Hart beats every 200ms over UPD 3003 port

3. Both node sync 3010 and 3008 ports

4. Command propagation 3008, 3011 ports

5. file Sync TCP / 22

Configure HA is quite simple

1. Login to any of the NetScaler with nsroot --> system configuration--> High Availability

both Ns will show node as primary so not to worrry.

Click on Add button -->

Enter theIPp of another node and nsroot & password.

that's All. sync will take place for some time and primary node configuration will replace to secondary.

force sync operation can be performed from Action option in window according to need.

Thanks for reading the article and keep visiting.

Thanks

Amit Kumar Gupta

CCA in XenApp/XenDesktop/XenServer,Google Cloud Architect, MCSE, ITIL, Vmware Certified

Microsoft certified - Planning for Security Incident response.

https://www.linkedin.com/in/amit-kumar-gupta-5321a527/