Solved

How to Plan a hot Standby Gateway server for Citrix

Posted on 2013-11-19
4
392 Views
Last Modified: 2016-10-25
Hi Experts,

We have three Xenapp farms(Xenapp 4.5 and 5.0 on windows 2003 and one Xenapp 6.5 on 2008R2) at present.

All the users are connecting to Citrix via Citrix Secure Gateway. This server is on VMware with Windows 2003 OS.

We want to create another Gateway server which will act as a Hot Standby or as a load balance. Our aim is to reduce any single point of failure for getting into Citrix farms.

Can you please guide me what should be the best solutions. We dont want to invest on Netscaler at this time.

Also what about the Windows load balance options? We are into planning stage and thus we can consider anything that will suite our goal.
0
Comment
Question by:bubaibhatta
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 26

Expert Comment

by:Tony Johncock
ID: 39658710
Hi

You can indeed use NLB althought ideally it should be a hardware based load balancer.

There are some details on how to configure HA for Secure Gateway here:

http://support.citrix.com/proddocs/topic/xenapp5fp-w2k3/sg-high-availability-planning-v2.html

You don't necessarily need a Netscaler by the way - you may want to investigate CAG's (Citrix Access Gateways). You can get VPX editions which are virtual appliances (as indeed, you can get NS VPX's) which tend to be considerably less expensive than their physical counterparts.
0
 
LVL 7

Expert Comment

by:Jayanta Sarmah
ID: 39663216
Well if you are planning for load balancing the Secure Gateways , you will require a load balancing option like Windows Load balancing/F5 etc as you mentioned.

But if you simply require a Hot standby configuring DNS round robin should be good enough to ensure if user session fails on the first Secure Gateway it redirects to the Second , although preferance will be always to have it controlled through NLB / F5 etc if you already have it.

Looking at your objective to avoid single point of failure , NLB seems good .

As Tony suggested CAG ( netscaler access gateway module /VPX) is a great solution for HA/loadbalancing , ofcourse all good thing comes with a price tag :)
0
 
LVL 26

Accepted Solution

by:
Tony Johncock earned 500 total points
ID: 39665229
Personally though, I am not a fan of DNS round robin - if you have two servers and one goes down, 50% of requests still land on the failed address until such a time as someone notices and either fixes the issue or removes the DNS entry.

I know...user education should help but even after almost 20 years of working with Citrix technologies, I still see users making the same mistakes they really shouldn't be like not logging off, so I'm not a big believer they can grasp even simple ideas for the most.

 :-)

Three other, VMware-based options may be viable for you of course - if you have sufficient hosts you can rely on HA. Granted it's not an instant failover. Nor is the second - have a hot (virtual) spare running on a different host but with the network disconnected. Simply enable the network in the event of a failure. And finally if your servers could cope with a single core, single CPU you could investigate having a lockstep partner.

I am not a massive fan of any of these options either, though:

The hot spare could cause issues if someone accidentally enables the NIC at the wrong time;
HA is ok if you don't need instant failover;
Lockstep is limited to single-core, single CPU so simply may not be powerful enough to cope.
0
 

Author Comment

by:bubaibhatta
ID: 39668091
So what about this idea:

we create another clean gateway with CSG server on a VM. When there is some issue, we simply update the user to use another link till we solve the issue?
       
                                                        or

I was thinking one step ahead though. Is there any way that will redirect the link (that the users are using all the time) to the standby server link when we have some issue on the main server? This redirection should work even when the main server is dead or powered off.
0
Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately. This Article and the Links apply to…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question