CNS-218-3I 05 Load Balancing v3.01
x Essentials
[Figure: Load-Balancing Process Overview. Labels: Client, Internet, Router, Citrix ADC, Monitor, Service WEB-1 (HTTP), Service-WEB-2, Back-End Server; step markers 1, 2, 3 (Least Loaded).]
[Slides: Load Balancing Entities. Labels: Virtual Servers, Services, Servers, Persistency Groups.]
© 2019 Citrix Authorized Content
Entities: Service Monitors
[Sidebar: Load Balancing Entities. Labels: Virtual Servers, Persistency Groups.]
Entities: Servers
Servers represent any host defined by an IP address or a hostname, and contain connection information for the resource or server.
Servers are:
• Typically bound to a Service or Service Group.
• A single server object that can have any number of services associated with it.
• Optionally assigned a friendly name and comment during configuration.
• Either manually created or automatically instantiated when creating a service.
[Sidebar: Load Balancing Entities. Labels: Virtual Servers, Services, Service Groups, Monitors, Metric Tables, Servers, Persistency Groups.]
Entity Binding
Entities can be created independently on Citrix ADC.
• They become usable when bound to another entity.
• Below are supported bindings:
• Servers are bound to Services.
• Monitors are bound to Services.
• Services are bound to VServers.
[Figure: entity binding on Citrix ADC. Labels: Client, Virtual Server, Service, Server, Monitor, Back-End Server, Binding.]
Group Discussion
• Discuss a scenario in which you need to load balance an application in your environment.
• What virtual IP, service IP, port, and protocol would you configure on Citrix ADC?
Load-Balancing Methods and Monitors
Load-Balancing Methods
Load-Balancing Method: Least Connection
• The Least Connections load-balancing method sends every new incoming connection to the service that currently has the fewest client connections.
• Least Connections is the default load-balancing algorithm and is associated with a newly created VServer, unless it is changed.
Load-Balancing Method: Round Robin
• Round robin distributes traffic based on a server-rotation system, regardless of load.
• This method is sufficient if all requests result in the same load on servers.
• It is recommended that a more robust load-balancing method be used based on metrics.
Load-Balancing Method: Advanced Methods
Some advanced load-balancing methods include hashing algorithms, which ensure minimal disruption when services are added or removed from a load-balancing configuration.
Below are some hash load-balancing methods that can be used:
• URL hash method
• Domain hash method
• Destination IP hash method
• Source IP hash method
• Source IP Destination IP hash method
• Source IP Source Port hash method – use case: connection mirroring and firewall load balancing
• Call ID hash method – use case: SIP load balancing
• Token-based load balancing
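The "minimal disruption" property of hash methods, as an added example that is not part of the course material: it compares a naive hash-modulo pick with rendezvous (highest-random-weight) hashing when one service is removed. The page does not say which algorithm Citrix ADC uses internally; rendezvous hashing, the service names and the URLs are assumptions chosen to illustrate the property.

```python
import hashlib

def stable_hash(*parts):
    """Deterministic 64-bit hash of the joined parts (truncated SHA-256)."""
    digest = hashlib.sha256("|".join(parts).encode()).digest()
    return int.from_bytes(digest[:8], "big")

def pick_modulo(key, services):
    """Naive URL hash: index = hash(url) mod number of services."""
    return services[stable_hash(key) % len(services)]

def pick_rendezvous(key, services):
    """Rendezvous hash: every service scores the key, highest score wins."""
    return max(services, key=lambda svc: stable_hash(key, svc))

def needless_moves(pick, keys, before, after):
    """Count keys that changed service although their old service still exists."""
    moved = 0
    for key in keys:
        old = pick(key, before)
        if old in after and pick(key, after) != old:
            moved += 1
    return moved

# Constructed sample data (hypothetical service names and request URLs).
SERVICES = ["WEB-1", "WEB-2", "WEB-3", "WEB-4"]
URLS = [f"/app/page{i}.html" for i in range(2000)]

def compare(removed="WEB-2"):
    """Needless remaps per method after one service leaves the configuration."""
    after = [svc for svc in SERVICES if svc != removed]
    return {
        "modulo": needless_moves(pick_modulo, URLS, SERVICES, after),
        "rendezvous": needless_moves(pick_rendezvous, URLS, SERVICES, after),
    }

def moved_only_to_new(new_service="WEB-5"):
    """When a service is added, rendezvous hashing moves keys only onto it."""
    after = SERVICES + [new_service]
    return all(
        pick_rendezvous(url, after) == new_service
        for url in URLS
        if pick_rendezvous(url, SERVICES) != pick_rendezvous(url, after)
    )

if __name__ == "__main__":
    print(compare())
    print("added service takes only its own share:", moved_only_to_new())
```

With the modulo pick, about half of all URLs change service even though their original service is still up, which invalidates server-side caches and any state tied to that server; the rendezvous pick moves only the URLs that were on the removed service.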
Slow Start
• During the start-up of a virtual server, or whenever the state of a virtual server changes, the
virtual server can initially use the round-robin method to distribute the client requests
among the physical servers.
• After using the round-robin method at the start-up, the virtual server switches to the load-balancing method specified on the virtual server.
• This helps prevent unnecessary load on a single server, as the initial requests are served.
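Why slow start matters with Least Connections, as an added example that is not part of the course material: a small simulation of a burst of new connections arriving just after one service comes UP. The service names, connection counts and the `rr_warmup` parameter are hypothetical, and the model assumes no connection closes during the burst.

```python
def least_connections(conns):
    """Service with the fewest active connections (name breaks ties)."""
    return min(conns, key=lambda svc: (conns[svc], svc))

def distribute(conns, new_requests, rr_warmup=0):
    """Place new_requests connections and return how many each service got.

    The first rr_warmup requests are spread round robin (the slow-start
    phase); the rest follow Least Connections, the configured method.
    """
    conns = dict(conns)                  # do not mutate the caller's table
    order = sorted(conns)
    received = dict.fromkeys(order, 0)
    for i in range(new_requests):
        if i < rr_warmup:
            svc = order[i % len(order)]
        else:
            svc = least_connections(conns)
        conns[svc] += 1
        received[svc] += 1
    return received

# Constructed state: WEB-3 has just come UP and holds no connections yet.
ACTIVE = {"WEB-1": 120, "WEB-2": 118, "WEB-3": 0}

def surge_without_slow_start(burst=60):
    """Pure Least Connections: the empty service absorbs the whole burst."""
    return distribute(ACTIVE, burst)

def surge_with_slow_start(burst=60):
    """Round robin for the whole burst, as during slow start."""
    return distribute(ACTIVE, burst, rr_warmup=burst)

if __name__ == "__main__":
    print("no slow start:", surge_without_slow_start())
    print("slow start:   ", surge_with_slow_start())
```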
Virtual Server-Level Slow Start
• You can configure the Citrix ADC appliance to gradually increase the load on a service
immediately after the service is either added to a load balancing configuration, or has a state
change from DOWN to UP.
• You can either increase the load manually with load values and intervals of your choice
(manual slow start), or configure the appliance to increase the load at a specified interval
(automated slow start) until the service is receiving as many requests as the other services in
the configuration.
• Unlike standard slow start, which goes into the Round Robin method, the appliance uses the configured load-balancing method during the ramp-up period for the new service.
• This functionality is not available globally. It has to be configured for each virtual server.
Default Monitors
• Monitors periodically probe the servers in the service or service group member to which they
are bound and update the state of the service groups.
• When creating a service or service group, the default monitor of the type appropriate for the
group is automatically bound and can be one of the following:
• TCP-default
• Ping-default
Monitor Standard Parameters
• Monitors have standard parameters that define the behaviour of the monitor as it probes the
back-end server to determine its health. All monitors have the same available standard
parameters.
• Below are some of the common parameters that can be configured:
• Interval
• Response Time-out
• Down Time
• Retries
• Resp Time-out Threshold
• Success Retries
• Failure Retries
Group Discussion
• What types of services do you have in your environment where you can implement load balancing?
• Which load-balancing methods would you consider?
Service and Service Group Monitor Types
Several types of monitors are available on Citrix ADC:
• Built-in monitors
• Basic connectivity monitors
• ECV – Extended Content Verification
• EAV – Extended Application Verification
• Scriptable monitors
Built-In Monitors
• The Citrix ADC system contains a number of built-in monitors that can be utilized to monitor services.
• These built-in monitors handle most of the common protocols.
• The built-in monitors cannot be removed, and it is necessary to bind a built-in monitor to a service and unbind it from the service.
• Some built-in monitors will not function unless modified.
Extended Content Verification (ECV) Monitoring
• Extended Content Verification (ECV) monitors are used when a response from a service is matched against an expected response string.
• ECV monitors are used for verifying content. We support the following:
• HTTP-ECV
• HTTPS-ECV
• TCP-ECV
• TCPS-ECV
• UDP-ECV
• MYSQL-ECV
• MSSQL-ECV
• ORACLE-ECV
Extended Application Monitors (EAV)
Here are a few of the built-in monitor types you can use to monitor service dependencies:
• DNS
• FTP
• HTTP
• RADIUS
• SIP
• CITRIX-XML-SERVICE
• DIAMETER
• RTSP
Scriptable Monitors
• Some monitors can be modified via pre-configured scripts to evaluate the health of your environment.
• Below are examples of scriptable monitors:
• MYSQL
• LDAP(S)
• POP3/IMAP
• SNMP
• NNTP
• Custom Citrix services
Scriptable Monitors
[Figure: scriptable monitor. Label: Monitor.]
Persistence and Persistence Connections
• Persistence overrides the load-balancing method and routes to the same service all
connections from the same user.
• Even though all of the transmissions are part of the same session, unless persistence is
configured, different transmissions from the same client might be directed to different
servers.
• Backup persistence can also be configured; it takes effect in the event that the primary type of persistence configured for a load-balancing virtual server fails.
Session Persistence Methods
• Session persistence methods are determined based on the method assigned to the service.
• Common persistence methods include:
• COOKIEINSERT
• SOURCEIP
• SSLSESSION
• URLPASSIVE
• CUSTOMSERVERID
• RULE
Persistence Tables
• Session persistence information for each session is stored on the Citrix ADC system in a persistence table.
• Using the CLI or Configuration Utility, the following list of items can be viewed from the persistence table:
• Persistence type
• Source IP address
• Destination IP address
• Destination port
• Virtual server name
Persistence Group Configuration
• To create a virtual server group, you bind different types of virtual servers into a single group.
• A persistence type can be configured for the entire group.
[Figure: persistence group. Labels: HTTP, SSL, HTTP services.]
Persistence Sessions
If sessions fail to time out, view persistence sessions or clear persistence sessions from Citrix ADC.
Utilize the CLI or GUI to manage user sessions and perform the following tasks:
• View the persistence table.
• Clear all sessions for all virtual servers at once.
• Clear all sessions for a given virtual server at once.
Group Discussion
When is session persistence required in the Citrix ADC environment?
Different Load-Balancing Traffic Types
Load-Balancing Deployments
• Intelligently process and direct most traffic types with Citrix ADC Load Balancing.
• Citrix ADC load-balancing deployments:
• Support most protocols available.
• Create custom TCP/UDP port combinations.
• Do not require bound entities to be of the same traffic type.
Common Load Balancing Deployments
You can configure a load-balancing virtual server to support any number of traffic types, such as:
• Application protocols
• Session protocols
• General traffic
[Figure labels: Protocol:80, VServer, Services.]
L7 Load Balancing – Application Protocols
• Citrix ADC is an L4-L7 ADC with the ability to understand and provide load balancing for most application-level protocols.
• Below is a list of the most commonly used application protocols:
• Web servers and web applications (HTTP/SSL)
• DNS (TCP and UDP)
• DataStream (MSSQL, MYSQL and Oracle)
• Authentication (LDAP, Radius)
• Multi-Media (SIP, RTSP)
• File Transfer (FTP, TFTP)
Load Balancing HTTP/HTTPs
• HTTP load balancing is request based:
• A new service is chosen for each HTTP request, independent of TCP connections.
• As with all HTTP requests, after the Web server fulfils the request, the connection is closed.
• Even though all of the transmissions are part of the same session, without persistence, load balancing for a stateless protocol such as HTTP can be difficult to run.
• Different transmissions from the same client may be directed to different servers.
Load Balancing HTTP/HTTPs
Citrix ADC Configuration
Service: HTTP/SSL
VServer: HTTP/SSL
Suggested Monitors: http, http-ecv, http-inline, https and https-ecv
Suggested Persistence: cookie-insert
LB Method: Any
Load-balancing web servers and web applications provides acceleration and improves user experience.
[Figure labels: HTTP, Services.]
• Some common special parameters that can be configured
when monitoring the HTTP protocol include:
• HTTP Request
Load Balancing DNS
• Load balancing DNS using Citrix ADC can
Citrix ADC Configuration
LB Method: Any
DNS Monitoring
The special parameters for the DNS and DNS-TCP monitor can be configured as follows:
• Query
• Query type
• IP
© 2019 Citrix Authorized Content
DataStream Load Balancing
• The DataStream feature provides an intelligent mechanism for request switching
• Benefits of DataStream load balancing include:
• SQL connection offload
• SQL Multiplexing
Citrix ADC Configuration
Service: MySQL or MSSQL
Any available
Persistence
LB Method: Least Connection
Database Load Balancing: Configure Database User
• The database user name and password on the Citrix ADC system must be configured by the
administrator.
• Citrix ADC uses these user credentials to authenticate the clients and then authenticate the
server connections with the database servers:
• Names are case sensitive.
• Ensure the same user is also configured on the database.
Database Scaling Issues
Performance
• Solutions to scale database performance cost effectively are lacking.
• Connection capacity does not scale linearly for MS SQL Server.
• Applications are getting more complex and data dependent.
• Database server resources are not used properly.
Scalability
• SQL-intelligent load balancing is not available; load balancing is TCP-based.
• Suitably robust application-level health checks are lacking.
• Use of complex scripts results in downtime and operational expenditures when database clients or servers are added or removed.
Configuring Load Balancing for DataStream
• At least one service for each database server in the load-balancing group must be created.
• Once services are configured, a load-balancing virtual server can be created and services bound to the virtual server.
Configuring Monitors for DataStream
• In databases, a connection is always stateful, which means that when a connection is established, the database must be authenticated.
• MYSQL is a scriptable monitor.
• Special parameters that can be configured for MSSQL-ECV and MYSQL-ECV:
• Username
• Database
• Query
L4 Load-Balancing Session Protocols
• Citrix ADC is an L4-L7 ADC. It has the ability to understand and provide session-based load balancing.
• Some supported session protocols include:
• TCP
• UDP
• SSL_TCP
Load Balancing TCP
• If LDAP is running in your environment, you
Citrix ADC Configuration
Persistence: NONE
LDAP Monitor - 389
LB Method: Any
Lightweight Directory Access Protocol Monitoring
• Create an L7 LDAP monitor and bind it to the LDAP services, or service group, to monitor the health of LDAP in the environment.
• When looking for a successful response, the LDAP monitor logs on to LDAP and performs a query.
• When using LDAPS, ensure that “secure” is selected on the LDAP monitor.
Citrix ADC Configuration
Service: UDP
VServer: UDP
Suggested Monitors: Ping-default
General Load-Balancing Protocols
• For general traffic, it is possible to utilize ANY for the protocol and a wildcard (*) for the port.
• Typical use cases:
• Link load balancing (LLB): LLB balances outbound traffic across multiple Internet connections provided by different service providers. LLB enables the Citrix ADC appliance to monitor and control traffic so that packets are transmitted seamlessly over the best possible link. Unlike with server load balancing, where a service represents a server, with LLB, a service represents a router or the next hop. A link is a connection between the Citrix ADC appliance and the router.
• IDS load balancing: To enable the Citrix ADC appliance to support load balancing of intrusion detection system (IDS) servers, the IDS servers and clients must be connected through a switch that has port mirroring enabled.
Advanced Monitoring and Third-Party
Service Deployment
Load Balancing: Enterprise Applications
• When deploying Citrix ADC with a third-party server, customize the Citrix ADC configuration
for better integration with these products.
• Citrix has created deployment guides for frequently used enterprise applications, like the
ones shown below:
• Microsoft Lync Server
• Exchange/Outlook Web Access
• SharePoint
• Office Communication Server
• Microsoft Intune
• Forefront TMG
• Azure
• Amazon Web Services
• Office 365
• Palo Alto
• Cisco ACI
• Cisco Nexus
• Cisco VMDC
Citrix Services Monitors
Citrix ADC can intelligently monitor a variety of Citrix Applications using pre-built Layer 7 monitors for Citrix Services.
• Storefront
• Citrix-XML-Service
• Citrix-Web-Interface
• Citrix-AG
• Citrix-AAC-LoginPage
• Citrix-AAC-LAS
• Citrix-XD-DDC
• Citrix-WI-Extended
• Citrix-XNC-ECV
• Citrix-XDM
Inline Monitoring
• An inline monitor determines that the service to which it is bound is UP by checking its responses to the requests that are sent to it.
• When no client requests are sent to the service, the inline monitor probes the service by using the configured URL.
No-Monitor Option for Services
• If the no-monitor option is set, the system does not send probes to check the health of the service and displays its status as UP.
• Even if the service goes down, the system continues to send traffic from the client to the service as specified by the load-balancing method.
Group Discussion
Can you think of a use case in which the No Monitor option might be useful?
Reverse Condition Monitoring
Reverse condition monitoring detects
whether a service is DOWN instead of UP:
• This is useful when looking for error
conditions.
• When the monitor probes and gets an error,
it takes the service DOWN.
Advanced Service Configuration Options
Disabling Services
• When a service is disabled, it can be configured with a wait time (in seconds), during which
the service continues to handle established connections but rejects new ones before
completely shutting down.
• If a wait time is not configured, the service shuts down immediately.
Graceful Shutdown of Services
When the graceful shutdown option is
selected, a service is only disabled when all
the established connections are closed,
either by the server or by the client.
In addition to configuring virtual servers, it is possible to
configure advanced settings for services such as:
Service Weights
• In a load-balancing configuration, assign weights to services to indicate the percentage of traffic that should be sent to each service.
• Service weights can be configured for the following load-balancing methods:
• Least Connections
• Round Robin
• Least Bandwidth
• Least Packets
• Least Response Time
Network Profile
• A net profile (or network profile) contains an IP address or an IP set.
• A net profile can be bound to:
• Load-balancing virtual servers
• Content-switching virtual servers
• Services
• Service groups
• Monitors
Network Profile Use Cases
Network profiles can be used to:
• Separate server farms.
• Isolate monitoring and client traffic.
• Identify multiple data paths on the server side.
Lesson Objective Review
In what scenarios would you want to use graceful shutdown of services?
Load-Balancing Protection
Load-Balancing Configuration Protection
Protect a load-balancing setup against failure by:
• Redirecting excess traffic to an alternate URL.
• Configuring a backup load-balancing virtual server.
• Configuring stateful connection failover.
Diverting Excess Traffic to a Backup Virtual Server
• In addition to taking over for a primary virtual server when it becomes unavailable, a backup load-balancing virtual server can handle excess traffic when the primary virtual server reaches its limit.
• Four types of spillover can be configured:
• Connection-based spillover
• Dynamic spillover
• Bandwidth-based spillover
• Health
Failover Configuration
It is possible to configure the connection failover in either stateless or stateful mode:
• This allows for the connection table to be replicated on both the members of a Citrix ADC high-availability pair.
• This prevents disruption when a failover event occurs since the connection table is mirrored on both nodes.
Advanced Load-Balancing Options
• To have more control in your load-balancing environment, some advanced load balancing options are available.
• These include:
• Max Client
• Max Bandwidth
• Down State Flush
Removing Load-Balancing Entities
• It is possible to delete a server, service, service group, or virtual server when it is no longer used.
• When a service or server is deleted:
• It is unbound from its service or virtual server.
• It is deleted from the Citrix ADC configuration.
[Figure: link load balancing. Outbound traffic through ISP1 uses LB service ISP1R_svc_any (10.10.10.254); outbound traffic through ISP2 uses LB service ISP2R_svc_any (20.20.20.254).]
Group Discussion
Discuss deploying the LB protection methods in your environment, and how these methods will help in achieving a stable environment.
Troubleshooting Load Balancing
Load-Balancing Issues
Load-balancing issues that may be encountered in Citrix ADC include:
• Services or virtual IP (VIP) flapping.
• Uneven load balancing.
• Slow responses when accessing applications through the VIP.
Uneven Load Balancing
The following items should be checked when trying to explain and diagnose uneven load balancing:
• Slow start of Citrix ADC.
• Persistence is enabled.
• Inconsistent server performance.
• Service weights.
Service or Virtual Server Flapping
• Flapping occurs when a service or virtual server alternates between showing as UP and DOWN.
• A service most likely flaps because its monitors are failing.
• Correct the issue by troubleshooting monitor failure (i.e. network latency or an incorrect monitor bound).
Inaccessible Content
If content located behind the Citrix ADC system is inaccessible, the following questions can aid
in troubleshooting and solving the issue:
• Have configuration changes been made to servers or network devices?
• Have configuration changes been made to server, service, or virtual server objects?
• Can the site be accessed directly (for example, bypassing the Citrix ADC system)?
• Can the server and port be accessed using Telnet?
Testing of Network Connectivity Through a Firewall
Ensure proper network connectivity between Citrix ADC and back-end resources by testing the network connectivity from Citrix ADC through a firewall to the Internet or intranet.
• Example: For intranet connections, it is possible to configure a service object referencing the server or port, and test the connection.
Load-Balancing Visualizer
Lab Exercise
• Ex 5-1: Load Balancing HTTP
• Ex 5-2: Load Balancing DNS
• Ex 5-3: Load Balancing LDAP
• Ex 5-4: Load Balancing MYSQL Databases
Key Takeaways
• Citrix ADC can intelligently load balance and monitor almost any application.
• An entity must be bound to other entities to successfully provide load-balancing support.
• Servers, services, monitors, and virtual servers are the main entities in a load-balancing configuration.