-
Getting Started with Citrix ADC
-
Deploy a Citrix ADC VPX instance
-
Install a Citrix ADC VPX instance on Microsoft Hyper-V servers
-
Install a Citrix ADC VPX instance on Linux-KVM platform
-
Prerequisites for Installing Citrix ADC VPX Virtual Appliances on Linux-KVM Platform
-
Provisioning the Citrix ADC Virtual Appliance by using OpenStack
-
Provisioning the Citrix ADC Virtual Appliance by using the Virtual Machine Manager
-
Configuring Citrix ADC Virtual Appliances to Use SR-IOV Network Interface
-
Configuring Citrix ADC Virtual Appliances to use PCI Passthrough Network Interface
-
Provisioning the Citrix ADC Virtual Appliance by using the virsh Program
-
Provisioning the Citrix ADC Virtual Appliance with SR-IOV, on OpenStack
-
Configuring a Citrix ADC VPX Instance on KVM to Use OVS DPDK-Based Host Interfaces
-
-
Deploy a Citrix ADC VPX instance on Microsoft Azure
-
Network architecture for Citrix ADC VPX instances on Microsoft Azure
-
Configure multiple IP addresses for a Citrix ADC VPX standalone instance
-
Configure a high-availability setup with multiple IP addresses and NICs
-
Configure a high-availability setup with multiple IP addresses and NICs by using PowerShell commands
-
Configure HA-INC nodes by using the Citrix high availability template with Azure ILB
-
Configure address pools (IIP) for a Citrix Gateway appliance
-
-
Upgrade and downgrade a Citrix ADC appliance
-
Solutions for Telecom Service Providers
-
Load Balance Control-Plane Traffic that is based on Diameter, SIP, and SMPP Protocols
-
Provide Subscriber Load Distribution Using GSLB Across Core-Networks of a Telecom Service Provider
-
Authentication, authorization, and auditing application traffic
-
Configuring authentication, authorization, and auditing policies
-
Configuring Authentication, authorization, and auditing with commonly used protocols
-
Use an on-premises Citrix Gateway as the identity provider for Citrix Cloud
-
Troubleshoot authentication issues in Citrix ADC and Citrix Gateway with aaad.debug module
-
-
-
-
-
-
Persistence and persistent connections
-
Advanced load balancing settings
-
Gradually stepping up the load on a new service with virtual server–level slow start
-
Protect applications on protected servers against traffic surges
-
Retrieve location details from user IP address using geolocation database
-
Use source IP address of the client when connecting to the server
-
Use client source IP address for backend communication in a v4-v6 load balancing configuration
-
Set a limit on number of requests per connection to the server
-
Configure automatic state transition based on percentage health of bound services
-
-
Use case 2: Configure rule based persistence based on a name-value pair in a TCP byte stream
-
Use case 3: Configure load balancing in direct server return mode
-
Use case 6: Configure load balancing in DSR mode for IPv6 networks by using the TOS field
-
Use case 7: Configure load balancing in DSR mode by using IP Over IP
-
Use case 10: Load balancing of intrusion detection system servers
-
Use case 11: Isolating network traffic using listen policies
-
Use case 12: Configure Citrix Virtual Desktops for load balancing
-
Use case 13: Configure Citrix Virtual Apps for load balancing
-
Use case 14: ShareFile wizard for load balancing Citrix ShareFile
-
-
-
-
-
Authentication and authorization
-
-
Configuring a CloudBridge Connector Tunnel between two Datacenters
-
Configuring CloudBridge Connector between Datacenter and AWS Cloud
-
Configuring a CloudBridge Connector Tunnel Between a Datacenter and Azure Cloud
-
Configuring CloudBridge Connector Tunnel between Datacenter and SoftLayer Enterprise Cloud
-
Configuring a CloudBridge Connector Tunnel Between a Citrix ADC Appliance and Cisco IOS Device
-
CloudBridge Connector Tunnel Diagnostics and Troubleshooting
This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
此内容已经过机器动态翻译。 放弃
このコンテンツは動的に機械翻訳されています。免責事項
이 콘텐츠는 동적으로 기계 번역되었습니다. 책임 부인
Este texto foi traduzido automaticamente. (Aviso legal)
Questo contenuto è stato tradotto dinamicamente con traduzione automatica.(Esclusione di responsabilità))
This article has been machine translated.
Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
この記事は機械翻訳されています.免責事項
이 기사는 기계 번역되었습니다.책임 부인
Este artigo foi traduzido automaticamente.(Aviso legal)
这篇文章已经过机器翻译.放弃
Questo articolo è stato tradotto automaticamente.(Esclusione di responsabilità))
Translation failed!
Persistence settings
You must configure persistence on a virtual server if you want to maintain the states of connections on the servers represented by that virtual server (for example, connections used in e-commerce). The appliance then uses the configured load balancing method for the initial selection of a server, but forwards to that same server all subsequent requests from the same client.
If persistence is configured, it overrides the load balancing methods once the server has been selected. If the configured persistence applies to a service that is down, the appliance uses the load balancing methods to select a new service, and the new service becomes persistent for subsequent requests from the client. If the selected service is in an Out Of Service state, it continues to serve the outstanding requests but does not accept new requests or connections. After the shutdown period elapses, the existing connections are closed. The following table lists the types of persistence that you can configure.
Persistence Type | Persistent Connections |
---|---|
Source IP, SSL Session ID, Rule, DESTIP, SRCIPDESTIP | 250K |
CookieInsert, URL passive, Custom Server ID | Memory limit. In case of CookieInsert, if time out is not 0, any number of connections is allowed until limited by memory. |
Table 1. Limitations on Number of Simultaneous Persistent Connections
If the configured persistence cannot be maintained because of a lack of resources on an appliance, the load balancing methods are used for server selection. Persistence is maintained for a configured period of time, depending on the persistence type. Some persistence types are specific to certain virtual servers. The following table shows the relationship.
Persistence TypeHeader 1 | HTTP | HTTPS | TCP | UDP/IP | SSL_Bridge |
---|---|---|---|---|---|
Source IP | YES | YES | YES | YES | YES |
CookieInsert | YES | YES | NO | NO | NO |
SSL Session ID | NO | YES | NO | NO | YES |
URL Passive | YES | YES | NO | NO | NO |
Custom Server ID | YES | YES | NO | NO | NO |
Rule | YES | YES | NO | NO | NO |
SRCIPDESTIP | N/A | N/A | YES | YES | N/A |
DESTIP | N/A | N/A | YES | YES | N/A |
Table 2. Persistence Types Available for Each Type of Virtual Server
You can also specify persistence for a group of virtual servers. When you enable persistence on the group, the client requests are directed to the same selected server regardless of which virtual server in the group receives the client request. When the configured time for persistence elapses, any virtual server in the group can be selected for incoming client requests.
Two commonly used persistence types are persistence based on cookies and persistence based on server IDs in URLs.
Configure persistence based on cookies
When you enable persistence based on cookies, the the Citrix ADC appliance adds an HTTP cookie into the Set-Cookie header field of the HTTP response. The cookie contains information about the service to which the HTTP requests must be sent. The client stores the cookie and includes it in all subsequent requests, and the ADC uses it to select the service for those requests. You can use this type of persistence on virtual servers of type HTTP or HTTPS.
The Citrix ADC appliance inserts the cookie <NSC_XXXX>= <ServiceIP> <ServicePort>
where:
- <<NSC_XXXX> is the virtual server ID that is derived from the virtual server name.
- <<ServiceIP> is the hexadecimal value of the IP address of the service.
- <<ServicePort> is the hexadecimal value of the port of the service.
If the useEncryptedPersistenceCookie
option is enabled, the ADC encrypts ServiceIP and ServicePort using the SHA2 hash algorithm when it inserts a cookie and decrypts when it receives a cookie.
Note: If the client is not allowed to store the HTTP cookie, the subsequent requests do not have the HTTP cookie, and persistence is not honored.
By default, the ADC appliance sends HTTP cookie version 0, in compliance with the Netscape specification. It can also send version 1, in compliance with RFC 2109.
You can configure a timeout value for persistence that is based on HTTP cookies. Note the following:
- <If HTTP cookie version 0 is used, the Citrix ADC appliance inserts the absolute Coordinated Universal Time (GMT) of the cookie’s expiration (the expires attribute of the HTTP cookie), calculated as the sum of the current GMT time on an ADC appliance, and the timeout value.
- <If an HTTP cookie version 1 is used, the ADC appliance inserts a relative expiration time (Max-Age attribute of the HTTP cookie). In this case, the client software calculates the actual expiration time.
Note: Most client software currently installed (Microsoft Internet Explorer and Netscape browsers) understand HTTP cookie version 0; however, some HTTP proxies understand HTTP cookie version 1.
If you set the timeout value to 0, the ADC appliance does not specify the expiration time, regardless of the HTTP cookie version used. The expiration time then depends on the client software, and such cookies are not valid if that software is shut down. This persistence type does not consume any system resources. Therefore, it can accommodate an unlimited number of persistent clients.
An administrator can change the HTTP cookie version.
To change the HTTP cookie version by using the CLI
At the command prompt, type;
set ns param [-cookieversion ( 0 | 1 )]
<!--NeedCopy-->
Example:
set ns param -cookieversion 1
<!--NeedCopy-->
To change the HTTP cookie version by using the GUI
- <Navigate to System > Settings.
- <In the details pane, click Change HTTP Parameters.
- <In the Configure HTTP Parameters dialog box, under Cookie, select Version 0 or Version 1.
Note: For information about the parameters, see Configure persistence based on cookies.
To configure persistence based on cookies by using the CLI
At the command prompt, type the following commands to configure persistence based on cookies and verify the configuration:
set lb vserver <name> -persistenceType COOKIEINSERT
show lb vserver <name>
<!--NeedCopy-->
Example:
set lb vserver vserver-LB-1 -persistenceType COOKIEINSERT
Done
show lb vserver vserver-LB-1
vserver-LB-1 (10.102.29.60:80) - HTTP Type: ADDRESS
.
.
.
Persistence: COOKIEINSERT (version 0)
Persistence Timeout: 2 min
.
.
.
Done
<!--NeedCopy-->
To configure persistence based on cookies by using the GUI
- Navigate to Traffic Management > Load Balancing > Virtual Servers.
- In the details pane, select the virtual server for which you want to configure persistence (for example, vserver-LB-1), and then click Open.
- In the Configure Virtual Server (Load Balancing) dialog box, on the Method and Persistence tab, in the Persistence list, select COOKIEINSERT.
- In the Time-out (min) text box, type the time-out value (for example, 2).
- Click OK.
- Verify that the virtual server for which you configured persistence is correctly configured by selecting the virtual server and viewing the Details section at the bottom of the pane.
Configure persistence based on server IDs in URLs
The Citrix ADC appliance can maintain persistence based on the server IDs in the URLs. In a technique called URL passive persistence, the ADC extracts the server ID from the server response and embeds it in the URL query of the client request. The server ID is an IP address and port specified as a hexadecimal number. The ADC extracts the server ID from subsequent client requests and uses it to select the server.
URL passive persistence requires configuring either a payload expression or a policy infrastructure expression specifying the location of the server ID in the client requests. For more information about expressions, see Policy Configuration and Reference.
Note: If the server ID cannot be extracted from the client requests, server selection is based on the load balancing method.
Example: Payload Expression
The expression, URLQUERY contains sid= configures the system to extract the server ID from the URL query of a client request, after matching token sid=. Thus, a request with the URL http://www.citrix.com/index.asp?\&sid;=c0a864100050
is directed to the server with the IP address10.102.29.10 and port 80.
The timeout value does not affect this type of persistence, which is maintained as long as the server ID can be extracted from the client requests. This persistence type does not consume any system resources, so it can accommodate an unlimited number of persistent clients.
Note: For information about the parameters, see Load Balancing.
To configure persistence based on server IDs in URLs by using the CLI
At the command prompt, type the following commands to configure persistence based on server IDs in URLs and verify the configuration:
set lb vserver <name> -persistenceType URLPASSIVE
<show lb vserver <name>
<!--NeedCopy-->
Example:
set lb vserver vserver-LB-1 -persistenceType URLPASSIVE
Done
show lb vserver vserver-LB-1
vserver-LB-1 (10.102.29.60:80) - HTTP Type: ADDRESS
.
.
.
Persistence: URLPASSIVE
Persistence Timeout: 2 min
.
.
.
Done
<!--NeedCopy-->
To configure persistence based on server IDs in URLs by using the GUI
- Navigate to Traffic Management > Load Balancing > Virtual Servers.
- In the details pane, select the virtual server for which you want to configure persistence (for example, vserver-LB-1), and then click Open.
- In the Configure Virtual Server (Load Balancing) dialog box, on the Method and Persistence tab, in the Persistence list, select URLPASSIVE.
- In the Time-out (min) text box, type the time-out value (for example, 2).
- In the Rule text box, enter a valid expression. Alternatively, click Configure next to the Rule text box and use the Create Expression dialog box to create an expression.
- Click OK.
- Verify that the virtual server for which you configured persistence is correctly configured by selecting the virtual server and viewing the Details section at the bottom of the pane.
Share
Share
This Preview product documentation is Cloud Software Group Confidential.
You agree to hold this documentation confidential pursuant to the terms of your Cloud Software Group Beta/Tech Preview Agreement.
The development, release and timing of any features or functionality described in the Preview documentation remains at our sole discretion and are subject to change without notice or consultation.
The documentation is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making Cloud Software Group product purchase decisions.
If you do not agree, select I DO NOT AGREE to exit.