Month: May 2012

With NetScaler VPX 10 now released I thought I’d upgrade the HA pair I’ve configured for the recent articles on the site.

Needless to say the pocess is fairly quick and fairly simple, click the jump to read more.

Following the XenApp 6.5 deployment in my previous article I thought I’d detail how to configure Access Gateway for Storefront 1.1, I’ll also leverage the Load Balancer I configured in a previous article so essentially users will be able to login remotely using Access Gateway, then be Load Balanced by the NetScaler to an appropriate StoreFront Server on your internal network.

This article assumes you have deployed the NetScaler Appliance (instructions here) and configured basic Network Settings including a DNS Nameserver.

In this article I’ll cover setup of an internal NetScaler VPX Load Balancer for Storefront 1.1. Note that this configuration will also work with Storefront 1.0, just the Storefront MMC snap-in doesn’t work as-of the 1st April this year!

Use the following article to install and configure Storefront for internal use first.

In this article I’ll briefly cover the deployment of XenApp 6.5 alongside the Citrix Licensing Server configuration, this is very much geared towards an article that I’m working on at the moment for Citrix Access Gateway (NetScaler VPX based) configuration for Storefront 1.1 and also Local Balancing Storefornt via the NetScaler VPX appliance.

This article is a natural progression of the recent serieis of articles I have published on deployment and configuration of NetScaler VPX devices for load balancing Exchange 2010:

• • NetScaler : Load Balancing Exchange 2010
  • NetScaler : Configuring High Availability

What are VMACs are why use them?

VMAC’s are a useful addition in the NetScaler high availability tool set. In brief a VMAC creates a virtual MAC address that can ‘failover’ between devices. VMACs can be used to compliment the built-in HA or to create an active/active NetScaler pair.

By virtualising the MAC address there is no drop in network connectivity during failovers as the MAC address is shared across NetScaler devices – this means that the CAM table in the upstream switches does not require any update. As a result, failovers between NetScaler devices should be faster and less intrusive with regards to user sessions/connections.

VMAC’s work using a ‘priority’ – the higher priority determines ownership of the VMAC between devices. In a NetScaler HA configuration the priority of the VMAC between devices is the same, without HA it is configurable. For example if we had two NetScalers not using HA, NS1 and NS2, and a single VMAC configured on each we could set NS1 to have a priority of 100 and NS2 to have a priority of 90. NS1 would have ‘ownership’ of the VMAC because of its higher priority.

There are a couple of options when configuring VMAC’s:

1. If you are using the built-in NetScaler HA then you will continue to get Active/Passive HA
2. If you chose not to use the built-in HA feature then you can get Active/Active HA

One key benefit of using HA as well is that it synchronises the session tables across devices, without HA a failover of VMACs will disconnect Outlook Web Access users as their sessions is lost at failover, with HA sessions are kept, there is just a brief interruption to the user before they can carry on.

It is also possible to assign a VMAC to a single IP address, or group multiple IP addresses into a single VMAC. The first option allows for granularity when assigning ownership as you can assign each VMAC to a device of your choice whereas grouping the IP’s into a single VMAC reduces configuration but also reduces the options you have for splitting traffic. One option could be to group the IP’s into VMACs that represent services, so if you are load balancing multiple services via your NetScalers create a VMAC per service, i.e. Exchange 2010, Citrix Access Gateway etc.