Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

How to Plan a hot Standby Gateway server for Citrix

Posted on 2013-11-19
4
Medium Priority
?
405 Views
Last Modified: 2016-10-25
Hi Experts,

We have three Xenapp farms(Xenapp 4.5 and 5.0 on windows 2003 and one Xenapp 6.5 on 2008R2) at present.

All the users are connecting to Citrix via Citrix Secure Gateway. This server is on VMware with Windows 2003 OS.

We want to create another Gateway server which will act as a Hot Standby or as a load balance. Our aim is to reduce any single point of failure for getting into Citrix farms.

Can you please guide me what should be the best solutions. We dont want to invest on Netscaler at this time.

Also what about the Windows load balance options? We are into planning stage and thus we can consider anything that will suite our goal.
0
Comment
Question by:bubaibhatta
  • 2
4 Comments
 
LVL 26

Expert Comment

by:Tony J
ID: 39658710
Hi

You can indeed use NLB althought ideally it should be a hardware based load balancer.

There are some details on how to configure HA for Secure Gateway here:

http://support.citrix.com/proddocs/topic/xenapp5fp-w2k3/sg-high-availability-planning-v2.html

You don't necessarily need a Netscaler by the way - you may want to investigate CAG's (Citrix Access Gateways). You can get VPX editions which are virtual appliances (as indeed, you can get NS VPX's) which tend to be considerably less expensive than their physical counterparts.
0
 
LVL 7

Expert Comment

by:Jayanta Sarmah
ID: 39663216
Well if you are planning for load balancing the Secure Gateways , you will require a load balancing option like Windows Load balancing/F5 etc as you mentioned.

But if you simply require a Hot standby configuring DNS round robin should be good enough to ensure if user session fails on the first Secure Gateway it redirects to the Second , although preferance will be always to have it controlled through NLB / F5 etc if you already have it.

Looking at your objective to avoid single point of failure , NLB seems good .

As Tony suggested CAG ( netscaler access gateway module /VPX) is a great solution for HA/loadbalancing , ofcourse all good thing comes with a price tag :)
0
 
LVL 26

Accepted Solution

by:
Tony J earned 1500 total points
ID: 39665229
Personally though, I am not a fan of DNS round robin - if you have two servers and one goes down, 50% of requests still land on the failed address until such a time as someone notices and either fixes the issue or removes the DNS entry.

I know...user education should help but even after almost 20 years of working with Citrix technologies, I still see users making the same mistakes they really shouldn't be like not logging off, so I'm not a big believer they can grasp even simple ideas for the most.

 :-)

Three other, VMware-based options may be viable for you of course - if you have sufficient hosts you can rely on HA. Granted it's not an instant failover. Nor is the second - have a hot (virtual) spare running on a different host but with the network disconnected. Simply enable the network in the event of a failure. And finally if your servers could cope with a single core, single CPU you could investigate having a lockstep partner.

I am not a massive fan of any of these options either, though:

The hot spare could cause issues if someone accidentally enables the NIC at the wrong time;
HA is ok if you don't need instant failover;
Lockstep is limited to single-core, single CPU so simply may not be powerful enough to cope.
0
 

Author Comment

by:bubaibhatta
ID: 39668091
So what about this idea:

we create another clean gateway with CSG server on a VM. When there is some issue, we simply update the user to use another link till we solve the issue?
       
                                                        or

I was thinking one step ahead though. Is there any way that will redirect the link (that the users are using all the time) to the standby server link when we have some issue on the main server? This redirection should work even when the main server is dead or powered off.
0
Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to install and use the NTBackup utility that comes with Windows Server.
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

886 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question