1, the HA mode deployment of the NetScaler ha model NetScaler is a bit like FWSM deployment, and there is a significant difference between the deployment of F5. You can first deploy a netscaler on a single node basis, and do all of the related configuration, including Nsip, subnet IP, routing, user name, and related feature. Make sure that everything is configured OK, configure another netscaler, this netscaler only need to configure a nsip, and then access the network. The special note is that no need to configure subnet IP, etc. After the configuration, only need to do with the previous one ha to add, configuration will automatically sync over. Here is a description of the configuration that is concerned. 2, deployment topology map NetScaler HA deployment can be in tandem, or the next pending order arm mode. Topology diagram as follows:
In series mode: |
Next pending orders arm mode: |
Note: NetScaler do ha is the device does not need a sync line, go directly to the network to synchronize. The default is Nsip to sync, and the second option is Subnetip. 3, Deployment Information 3.1 first NetScaler (a) First need to deploy a netscaler, a single node deployment, that is, no need to consider ha before deployment. Related configurations include: ①nsroot modify password, ② set time zone, ③ set Nsip as administrative address, ④ set subnet IP, can do ext and int interface configuration according to the VLAN connected before and after; ⑤ set up port and even port binding; ⑥ set related routes; ⑦ enable MBF (mac-based forwarding), ⑧ set the HA monitor characteristics of the business interface, other ports do not do ha Monitor;⑨ ... 3.2 The second NetScaler (B) of the department then deploys the second NetScaler equipment, the related configuration includes: ① set Nsroot password, must be consistent with a, ② set time zone times, need to be consistent with a, error in a few seconds; ③ view version, need a to keep consistent; ④ set Nsip as the management address, need to communicate with a nsip, preferably in the same network segment; ⑤ network structure is similar to a, that is, related physical interface corresponds to interconnect; ⑥ set the HA monitor characteristics of the business interface, other ports do not have ha Monitor;⑦ no other configuration, deployment complete. 3.3 Ha deployment completes the HA deployment by adding node to each other. ① set B's node state to Staysecondary:set ha node–hastatus staysecondary;② add node on B A;③ Add node B;④ to a to view the configuration of B: Show run, view/nsconfi g/* file (in addition to license), and compared with a to synchronize the configuration of a, ⑤ ensure that a is primary state; ⑥ set B's node state to Enabled:set ha node–hastatus Enabled;⑦ view ab status Show N Ode, under normal circumstances, at this time, a primary,b for the Standby;⑧ for the HA switch test. 4, NetScaler related knowledge points ①netscaler VLAN, IP and interface relationship netscaler VLAN, IP and interface are related independent relationships, that is, you can not configure any VLAN (the default exists vlan1), all IP belongs to Vlan1.Nsip is more special, he can't bind any VLAN. So there is a problem: the interconnection of NetScaler device interface is set on the same VLAN, the network access to NSIP traffic may be from netscaler any one interface interoperability. The business interface can bind VLANs, and IP can also be bound to one VLAN. This can be done interface, VLAN and IP correspondence, in addition to NSIP. ②MBF (mac-based forwarding) is forwarding based on MAC address, not routing. NetScaler learns from the initial TCP connection (SYN) request to the client-side and server-side MAC addresses, as well as cache the session information for this TCP, for forwarding, without querying ARP and route tables. This feature only takes effect on VS, and traffic for NetScaler Systems does not work. The NetScaler MBF attribute defaults to disable. ③ha synchronous NetScaler do ha support automatic synchronization, configuration on the primary device will be synchronized to the secondary device immediately, cannot sync from secondary to primary device. Any configuration made by secondary devices (other than system configuration, such as reboot and network interface configuration) is not configured to be effective on this machine, and will not sync to primary devices. NetScaler ha supports manual synchronization, but can only be synchronized from primary to secondary. The contents of the synchronization are: Health check status and persistence table, the table of different steps is the HA switch after the user's session will be lost to connect, but will be maintained. ④ha Monitor configures the HA Monitor principle: For each interface that is bound with the HA Monitor feature, the system will do something about it once the interface is unavailable. For example, for HA switching. If you have several interfaces, LA is bound, you can only do ha monitor for LA, and you can set the bandwidth of less than ha switch. For example, 4 GE interfaces are bound to LA/1, and you can do ha switching on LA/1 with less than 3000 (per Mbps). That is to say, down an interface without having to do ha switching, and only if you drop 2 or 2 more than 3000 of the bandwidth. The following figure:
Make sure to keep this source http://ipneter.blog.51cto.com/341177/245716