Today, I want to spend a few minutes familiarizing you with some of the major Load Balancing and Web Acceleration enhancements that we have integrated in NetScaler 10. My hope is that you get to try these features before you arrive at Synergy so that you can ask pertinent questions and get clarification from our top-notch engineering staff.
Key Load Balancing and Web Acceleration features in NetScaler 10:
DBS Auto-scaling ServiceGroup
NetScaler 10 now supports DBS-based auto-scaling for service groups. With AutoScale (-autoScale YES), all the IPs received in the DNS response are used to populate the service group members, based on server reachability. The service group membership shrinks or expands dynamically based on the DNS responses.
For more information, see “Configuring Automatic Domain Based Service Group Scaling” in the “Load Balancing” chapter of the Citrix NetScaler Traffic Management Guide.
String based Custom server-id persistence
With the new release, NetScaler allows string-based server IDs, so that server IDs can be meaningful and readable. The string can have up to 47 characters and contain alphanumeric characters and dashes.
For more information, see “Custom Server ID Persistence” in the “Load Balancing” chapter of the Citrix NetScaler Traffic Management Guide.
Rule persistence support for TCP/SSL_TCP
NetScaler 10 allows administrators to define persistence for the TCP and SSL_TCP protocols based on TCP/IP protocol data and Layer 2 information. Persistence can be defined based on:
CLIENT.TCP.PAYLOAD(100).BEFORE_STR("ccc").AFTER_STR("aaa")
MAC/VLAN/Interface/Src port/Dest port
For more information about rule based persistence, see “Configuring Persistence Based on User-Defined Rules” in the “Load Balancing” chapter of the Citrix NetScaler Traffic Management Guide.
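An added sketch, not NetScaler code or part of the original post, of what a payload rule like the one above selects and how the result pins connections to a server. The step-by-step semantics of PAYLOAD, BEFORE_STR and AFTER_STR, the fallback when no key is found, and all names and sample payloads are assumptions made for illustration.

```python
# Added illustration (not NetScaler code): emulates the rule
# CLIENT.TCP.PAYLOAD(100).BEFORE_STR("ccc").AFTER_STR("aaa")
# Assumed semantics: each step narrows the text; a missing marker yields no key.
from typing import Dict, List, Optional

def persistence_key(payload: bytes, limit: int = 100,
                    before: bytes = b"ccc", after: bytes = b"aaa") -> Optional[bytes]:
    window = payload[:limit]          # PAYLOAD(100): first 100 bytes only
    end = window.find(before)         # BEFORE_STR: text preceding the first "ccc"
    if end < 0:
        return None
    head = window[:end]
    start = head.find(after)          # AFTER_STR: text following the first "aaa"
    if start < 0:
        return None
    key = head[start + len(after):]
    return key or None                # an empty token is not a usable key

class RulePersistence:
    """Maps an extracted key to a backend; unkeyed traffic is round-robined."""
    def __init__(self, backends: List[str]):
        self.backends = backends
        self.table: Dict[bytes, str] = {}
        self.next = 0

    def _pick(self) -> str:
        backend = self.backends[self.next % len(self.backends)]
        self.next += 1
        return backend

    def route(self, payload: bytes) -> str:
        key = persistence_key(payload)
        if key is None:
            return self._pick()       # no persistence for this connection
        if key not in self.table:
            self.table[key] = self._pick()
        return self.table[key]

# Constructed sample payloads for a hypothetical application protocol.
SAMPLES = [
    b"HELLO aaaSESSION-42ccc rest-of-message",
    b"PING  aaaSESSION-42ccc another message",
    b"X" * 98 + b"aaaSESSION-42ccc",  # markers run past byte 100: no key
]

if __name__ == "__main__":
    lb = RulePersistence(["10.0.0.1", "10.0.0.2"])
    for sample in SAMPLES:
        print(persistence_key(sample), lb.route(sample))
```

The third sample shows the practical limit of a payload rule: a token that does not sit entirely inside the inspected window produces no key, so that connection is balanced like any other.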
DNS TXT RR support
The NetScaler DNS implementation now supports the DNS TXT record type [add dns txtRec n1.com …]. The most common use of TXT records is to store SPF (Sender Policy Framework) records, which mail servers use to implement SPF support. SPF is used to prevent spam and email sender spoofing by having a mail domain specify which servers are allowed to send mail on behalf of that domain.
For more information, see “Creating TXT Records for Holding Descriptive Text” in the “Domain Name System” chapter of the Citrix NetScaler Traffic Management Guide.
Preferred backup list for Static Proximity
You can now specify a list of preferred GSLB backup locations to use when the primary location's service is DOWN. The required behavior is achieved by configuring the appropriate DNS policies and actions.
For more information, see “Overriding Static Proximity Behavior by Configuring Preferred Locations” in the “Global Server Load Balancing” chapter of the Citrix NetScaler Traffic Management Guide.
Rewrite NXDOMAIN response with configured IP
NetScaler 10 allows you to rewrite an NXDOMAIN response. If the NetScaler is in DNS Proxy mode and the backend returns an NXDOMAIN response, the appliance can be configured to return one or more user-defined IPs.
Telcos and ISPs in particular can leverage this feature to generate additional revenue. For example, if a user types citriz.com and the name does not resolve in DNS, the ISP does not have to return an error to the user’s browser; it can instead return a page with an advertisement, a link to its own search engine, and so on.
For more information about configuring a DNS action, configuring a DNS policy, and binding a DNS policy, see “Configuring DNS Actions,” “Configuring DNS Policies,” and “Binding DNS Policies,” respectively, in the “Global Server Load Balancing” chapter of the Citrix NetScaler Traffic Management Guide.
Vserver Level Slow Start fine tuning
You can configure the NetScaler appliance to gradually increase the load on a service (the number of requests that the service receives per second) immediately after the service is either added to a load balancing configuration or has a state change from DOWN to UP. You can either increase the load manually with load values and intervals of your choice (manual slow start) or configure the appliance to increase the load at a specified interval (automated slow start) until the service is receiving as many requests as the other services in the configuration.
For more information, see “Gradually Stepping Up the Load on a New Service with Virtual Server–Level Slow Start” in the “Load Balancing” chapter of the Citrix NetScaler Traffic Management Guide.
Flush SurgeQ without having to disable the service.
With the new release, NetScaler allows you to flush the SurgeQ without affecting active client transactions.
:to Flush SurgeQ for all service entities on NS
flush surgeQueue -name [vserver_name/service_name/servicegr_name] :to Flush SurgeQ per-entity
For more information, see the “Surge Protection” chapter of the Citrix NetScaler Application Security Guide.
Multiple Firewall Load Balancing vserver support
In a firewall load balancing setup in which a set of firewalls is configured on both sides (upstream and downstream) of the NetScaler appliance, if traffic is coming through one set of firewalls (for example, upstream), you can now perform load balancing on the other set of firewalls (for example, downstream).
set lb parameter -vServerSpecificMac ENABLED; This parameter is DISABLED by default.
SIP Expression Support
The NetScaler expressions language now contains a number of new expressions for Session Initiation Protocol (SIP) connections. These expressions are intended for use in policies for any supported protocol that operates on a request/response basis, such as application firewall, content switching, rate limiting, and responder policies. The header format used by the SIP protocol is similar to that used by the HTTP protocol, so many of the new expressions look and function much like their HTTP analogs. The NetScaler operating system currently supports only SIP over UDP, so the new expressions conform to that.
For more information, see the Citrix NetScaler Policy Configuration and Reference Guide.
Multi part byte range support
The integrated cache can now serve partial content from the cache in response to multipart byte-range requests. Therefore, you can now specify multiple ranges of content to be served. For example, you can specify that, within 1024 bytes of content, the content of bytes 50-100 and bytes 450-700 is to be served in one request.
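An added example, not NetScaler code or part of the original post, of how a cache can answer the request described above (bytes 50-100 and 450-700 of a 1024-byte object) with a multipart/byteranges response. The boundary string, the range cap, the function names and the sample object are assumptions made for illustration.

```python
# Added illustration (not NetScaler code): answer a multipart byte-range request from a cached object.
import re
from typing import Dict, List, Tuple

BOUNDARY = "EXAMPLE_BOUNDARY"  # constructed; real servers generate a unique one
MAX_RANGES = 8                 # assumed cap: many small ranges multiply server work

def parse_ranges(header: str, size: int) -> List[Tuple[int, int]]:
    """Parse 'bytes=a-b,c-d' into satisfiable inclusive (first, last) pairs."""
    m = re.fullmatch(r"bytes=(.*)", header.strip())
    if not m:
        raise ValueError("unsupported range unit")
    ranges = []
    for spec in m.group(1).split(","):
        r = re.fullmatch(r"(\d*)-(\d*)", spec.strip())
        if not r or r.groups() == ("", ""):
            raise ValueError("malformed range")
        first, last = r.groups()
        if first == "":                        # suffix form: final N bytes
            start, end = size - min(int(last), size), size - 1
        else:
            start = int(first)
            end = min(int(last), size - 1) if last else size - 1
        if start <= end:                       # drop unsatisfiable ranges
            ranges.append((start, end))
    return ranges

def serve(body: bytes, ctype: str, range_header: str) -> Tuple[int, Dict[str, str], bytes]:
    size = len(body)
    try:
        ranges = parse_ranges(range_header, size)
    except ValueError:
        ranges = None
    if ranges is None or len(ranges) > MAX_RANGES:
        return 200, {"Content-Type": ctype}, body   # ignore bad headers and range floods
    if not ranges:
        return 416, {"Content-Range": f"bytes */{size}"}, b""
    if len(ranges) == 1:
        s, e = ranges[0]
        return 206, {"Content-Type": ctype, "Content-Range": f"bytes {s}-{e}/{size}"}, body[s:e + 1]
    parts = b""
    for s, e in ranges:                        # one body part per requested range
        parts += (f"--{BOUNDARY}\r\nContent-Type: {ctype}\r\n"
                  f"Content-Range: bytes {s}-{e}/{size}\r\n\r\n").encode() + body[s:e + 1] + b"\r\n"
    parts += f"--{BOUNDARY}--\r\n".encode()
    return 206, {"Content-Type": f"multipart/byteranges; boundary={BOUNDARY}"}, parts

CACHED = bytes(i % 256 for i in range(1024))   # constructed 1024-byte cached object
```

Calling `serve(CACHED, "application/octet-stream", "bytes=50-100,450-700")` returns a 206 response whose body carries both slices, each preceded by its own Content-Range header.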
If you have any follow-up questions or need more details on a feature or its use case, I strongly encourage you to use the comments field to reach out to me. I would be more than happy to talk (brag!) about the new features.
Thank you, and I look forward to our next blog on ‘What’s new in NetScaler 10 under Security’!