Netscaler Knowledgebase

Summary

The purpose of this document is to outline the installation of a new NetScaler device into a High Availability (HA) pair configuration. The primary NetScaler device should already be running in a production environment.

Requirements

The requirement for completing this task includes an existing NetScaler device currently configured and running in a production environment.

Procedure

1. Ensure the new NetScaler device (NS2) is running the same version of code as the existing NetScaler (NS1) currently running in the production environment.

      Type the following command below to show the running version of software.
      >show version
      NetScaler NS6.X: Build XX.X, Date: Jan 28 2006, 17:57:52
      If the two builds are not identical, proceed with the upgrade procedure outlined in the 6.1 Migration Guide. Customers can obtain this document from www.mycitrix.com or by contacting Citrix Technical Support.

2. When the new NetScaler device (NS2) is running the same software build as the existing NetScaler device (NS1), you can proceed to configure the basic setup information on the new NetScaler (NS2). This will enable network connectivity and manageability. When you first log on to the new NetScaler (NS2) you will be guided through the initial configuration script.

      Refer to the configurations scripts for version 6.1 and 6.0 captured below.
      Initial configuration script for the NetScaler device running version 6.1
      NSCONFIG NS6.1.
      REVIEW CONFIGURATION PARAMETERS MENU
      ------------------------------------
      This menu allows you to view and/or modify the NetScaler's configuration.
      Each configuration parameter displays its current value within brackets
      if it has been set. To change a value, enter the number that is displayed
      next to it.
      ------------------------------------
            1. NetScaler's IP address: [10.251.30.50]
            2. Netmask: [255.255.255.0]
            3. Advanced Network Configuration.
            4. Time zone.
            5. Cancel all the changes and exit.
            6. Apply changes and exit.
      Note: Version 6.1 no longer has the default gateway and MIP configuration in the script. These entities will have to be manually added using the commands displayed below:
      >add ns route 0.0.0.0 0.0.0.0 <Default Gateway IP address>
      >add ns ip <Mapped IP address><Netmask> -type MIP
      Note: The Mapped IP address is used for initiating backend server side connections.
      Initial configuration script for the NetScaler device running version 6.0
      NSCONFIG NS6.0.
      Reading the NetScaler configuration from the file /nsconfig/ns.conf
      REVIEW CONFIGURATION PARAMETERS MENU
      ------------------------------------
      This menu allows you to view and/or modify the NetScaler's configuration.
      Each configuration parameter displays its current value within brackets
      if it has been set. To change a value, enter the number that is displayed
      next to it.
      ------------------------------------
            1. NetScaler's IP address: [192.168.10.33]
            2. Netmask: [255.255.255.0]
            3. Default router and static routes.
            4. Mapped IP address: [192.168.10.34]
            5. Netmask for mapped IP address: [255.255.255.0]
            6. Advanced Network Configuration.
            7. Time zone.
            8. Password of the user nsroot.
            9. Cancel all the changes and exit.
           10. Save all the changes and exit.
      Select a menu item from 1 to 10 [10]:

   3. After the initial configuration script has completed successfully, reboot the new NetScaler device (NS2).

      For each NetScaler device, configure the other HA NetScaler device’s node. The Node ID and associated IP address must reflect the HA peer's Node ID and IP addresses.
      For example:
      NS1 configured with a unique node ID and IP address of NS2 and NS2 configured with a unique node ID and IP address of NS1.
      Enter the following command in the CLI
      >add ns node <ID> <IPAddress>
      Where the:

          o ID specifies the unique node number for the other device
          o IPAddress specifies the IP address of the other device

      Note: The maximum node ID for systems in a high availability setup is 64.
      Note: Each NetScaler device always refers to itself as Node 0. You should configure each NetScaler device with a unique node ID.

   4. Check and configure the following on both NetScaler devices:
         1. Interfaces: If the systems in a HA setup are used in one-arm mode, disable all system interfaces except for one that is connected to the switch or hub using the disable interface command. The reason is the NetScaler monitors interfaces for link failure to institute a failover.
         2. nsroot user: The nsroot password must be the same on both NetScaler devices for communications between the devices. In HA mode, when the password of the nsroot user account is changed on either system, the change must also be performed on the peer as password synchronization is required.
         3. Default Gateway and MIP: These IP addresses need to be consistent on both NetScaler devices so that when failover occurs network traffic continues to flow normally without any change. Both NetScaler devices must be configured with unique System IP addresses (NSIP).
         4. Files: Any configuration file that is created or copied onto the system outside of the CLI (for example SSL certificates, changes to startup scripts, and so on), must be manually copied and synchronized on both the primary and secondary systems.

   5. Configure the new NetScaler (NS2) device to stay as the Secondary node. This means that the new NetScaler (NS2) device will not try to take the primary HA role. It also disables ARP for shared IP addresses between the two boxes. Enter the following command on the new NetScaler (NS2) device:

      >set ns node <node ID> -hastatus STAYSECONDARY –hasync DISABLED
      You can now rack and wire the NetScaler (NS2) into the network to be configured with the primary NetScaler (NS1).

   6. Both NetScaler devices should be able to see one another and have access to the other. Enter the following command from the primary NetScaler (NS1) device.

      >sh node
      The output from the primary (NS1) will look like this if the secondary node has been set as outlined in Step 5. Notice the primary sees itself as Node ID 0.

      Enter the following command from the secondary NetScaler (NS2) device.
      >sh node
      The output from the secondary device will look like this if the secondary node has been set as outlined in Step 5. Notice the secondary NetScaler (NS2) sees itself as Node ID 0.

      Change the node state to enable HA status and HA sync. The boxes will sync and the appropriate information will propagate to the secondary. Then issue a show ns node and verify the HA state of the boxes.