Blog posts tagged with 'request'


14 Apr 2008 12:17 PM EDT
[ Tags: appexpert,  wireshark,  pcap,  headers,  request,  response,  apptips,  tips,  netscaler,  trace,  sniff,  sniffer,  mpx,  lb,  llb,  slb,  gslb,  citrix load balancer,  citrix load balancing,  link load balancer,  link load balancing,  load balancer,  load balancing,  server load balancer,  server load balancing,  security load balancer,  security load balancing,  hardware load balancer,  hardware load balancing,  next gen load balancing,  website load balancer,  website load balancing,  application load balancer,  application load balancing,  application switch,  clustering,  web application controller,  application controller,  application delivery,  tcp multiplexing,  ssl offload,  ssl multiplexing,  global server load balancing,  wan load balancing,  rewrite,  content rewrite,  client-ip,  x-forwarded-for,  apache,  iis,  external url,  internal url,  home page redirect,  apache rewrite,  server obfuscation,  application obfuscation,  http header,  policies,  policy,  policy engine,  pe,  cache,  caching,  appcache,  compress,  compression,  appcompress,  controller,  content switching,  content switch,  acceleration,  content acceleration,  content accelerator,  application acceleration,  application accelerator,  tcp acceleration,  ssl acceleration,  f5,  array,  zeus,  radware,  cisco,  microsoft,  asp,  ias,  foundry,  extreme,  sap,  oracle,  siebel,  peoplesoft,  bea ]

Application Profiling

Introduction:

I can turn you into an Application expert in 5 minutes by reading this post.  Just do what the experts do, or even the not-so-experts.  They pay meticulous attention to the requests from clients and the responses from servers, both headers and body content.  You do this the old fashioned way by taking a trace.  There are better tools out there, some free, some not-so-free.

Running a trace:

Running a trace will help you 'profile' the application. It is recommended that you do this before placing the Citrix Application Switch in-line of the Application traffic. This will gather important information about the Application that will help you understand it's basic operation at Layer 7, and help you begin to understand what it is that needs to be accelerated - cached, compressed, load balanced, ssl offloaded, etc.

Running a trace exposes the flow of transactions between all points of interest. Traces are especially helpful when digging in to find what is contained within the headers being exchanged between the client and the application.

Taking a trace with wireshark:

The free network protocol analyzer called wireshark, http://www.wireshark.org, will capture packets for you on the localhost, whether it's windows or linux. By filtering the stream of packets by IP Address, right clicking and selecting 'Follow TCP Stream' inside of wireshark, you can see the headers for both requests and responses.

Wireshark tip 1
Find the first 'SYN' in the stream, right click, 'Follow TCP Stream'.


Wireshark tip 2
Client requests are in Red, Server responses are in Blue.


Taking a trace with the Citrix Application Switch:

If the Citrix Application Switch is already in place, a trace can be run directly on the Citrix Application Switch. Running a trace will expose the flow of transactions between all points of interest, especially the client, load balancing VIPs and backend servers. Traces are especially helpful when digging in to find out if the proper headers are being exchanged between client & VIP and VIP & backend servers. A trace can be run directly on the Citrix Application Switch. Once downloaded this file can be opened and request and response headers read with Wireshark, a free network trace utility, http://www.wireshark.org. From the Citrix Application Switch GUI, navigate to NetScaler -> System -> Diagnostics -> New Trace -> Run. 

Viewing headers with Paros:

Paros was originially written for web security, but has value when viewing request and response headers, cookies and the like. Through Paros's proxy nature, all HTTP and HTTPS data between server and client, including cookies and form fields, can be intercepted. There is an additional option of trapping and modifying data before sending it on to the server, or client. Paros can be found at http://parosproxy.org. Free.

Viewing headers with Live HTTP Headers:

Live HTTP Headers, http://livehttpheaders.mozdev.org/, was developed for use with the Firefox web browser. It is a free add-on and allows you to view HTTP header information in real time. Free.

Viewing headers with IE Analyzer:

IEInspector HTTP Analyzer, http://www.ieinspector.com, is a tool that allows you to monitor, trace, debug and analyze HTTP/HTTPS traffic in real-time. It works with Microsoft Internet Explorer. Not-Free.

Viewing headers with IE Watch:

IEWatch, http://www.iewatch.com, is another plug-in for Microsoft Internet Explorer that helps you profile your web applications. You can use this tool to dig deep into the inner workings of web applications to find hidden issues. Not-Free.

Watch this Application Profiling Tip:

Tap into the power of AppExpert

Expand Blog Post
04 Apr 2008 06:06 PM EDT
[ Tags: sap,  soa,  caching,  compression,  rewrite,  lb,  ssl offload,  soap,  xml,  wisl,  appexpert,  apptips,  tips,  netscaler,  llb,  slb,  gslb,  citrix load balancer,  citrix load balancing,  link load balancer,  link load balancing,  load balancer,  load balancing,  server load balancer,  server load balancing,  security load balancer,  security load balancing,  hardware load balancer,  hardware load balancing,  next gen load balancing,  website load balancer,  website load balancing,  application load balancer,  application load balancing,  application switch,  clustering,  web application controller,  application controller,  application delivery,  tcp multiplexing,  ssl multiplexing,  global server load balancing,  wan load balancing,  xml load balancer,  xml load balancing,  expertexchange,  mpx,  content rewrite,  client-ip,  x-forwarded-for,  apache,  iis,  external url,  internal url,  home page redirect,  apache rewrite,  server obfuscation,  application obfuscation,  http header,  headers,  policies,  policy,  policy engine,  pe,  request,  response,  cache,  appcache,  compress,  appcompress,  controller,  content switching,  content switch,  acceleration,  content acceleration,  content accelerator,  application acceleration,  application accelerator,  tcp acceleration,  ssl acceleration ]
posted by Craig Ellrod

The SAP Enterprise Service Oriented Architecture (SOA) provides a blueprint for services-based, enterprise scale business solutions that are adaptable, flexible, and open. Enterprise Services Architecture takes the concept of service-oriented architecture to a new level by transforming Web services into enterprise services. Bringing Citrix and SAP Enterprise Services Architecture together reduces the dependence on customized applications, and increases flexibility and reduces time to deployment while reducing operational expenses.


This Citrix / SAP Enterprise SOA Deployment Guide was created out of a joint engagement between Citrix and SAP at the Co-Innovation Laboratory in Palo Alto, California, USA. This deployment guide walks through the step-by-step configuration details of how to configure the Citrix NetScaler for use as front-end to SAP Portal for end-user traffic, that is HTTP ~ HTML. To further complement the value of the Enterprise SOA, this guide walks through the details of how to configure the Citrix NetScaler for use as a front-end to the SAP Composite Application Framework and SAP ERP Web Services platforms, providing a flexible load balancer and HTTPS encryption point for machine to machine web service traffic. With this deployment Citrix becomes an integral and flexible part of the SAP Enterprise SOA "Applistructure" bringing together applications and technology for a fast, flexible and highly effective service oriented IT infrastructure.


Watch this Load Balancing Tip:



Tap into the power of AppExpert

Expand Blog Post
11 Jan 2008 06:09 PM EST
[ Tags: sap,  appexpert,  ssl vpn,  ica proxy,  xenapp,  apptips,  tips,  netscaler,  mpx,  lb,  llb,  slb,  gslb,  citrix load balancer,  citrix load balancing,  link load balancer,  link load balancing,  load balancer,  load balancing,  server load balancer,  server load balancing,  security load balancer,  security load balancing,  hardware load balancer,  hardware load balancing,  next gen load balancing,  website load balancer,  website load balancing,  application load balancer,  application load balancing,  application switch,  clustering,  web application controller,  application controller,  application delivery,  tcp multiplexing,  ssl offload,  ssl multiplexing,  global server load balancing,  wan load balancing,  xml load balancer,  xml load balancing,  rewrite,  content rewrite,  client-ip,  x-forwarded-for,  apache,  iis,  external url,  internal url,  home page redirect,  apache rewrite,  server obfuscation,  application obfuscation,  http header,  headers,  policies,  policy,  policy engine,  pe,  request,  response,  cache,  caching,  appcache,  compress,  compression,  appcompress,  controller,  content switching,  content switch,  acceleration,  content acceleration,  content accelerator,  application acceleration,  application accelerator,  tcp acceleration,  ssl acceleration,  soa,  soap,  xml,  wsdl,  wisl,  xml firewall,  xml gateway,  xml rewrite,  xml acceleration,  uddi,  enterprise soa,  ica,  rdp,  terminal server,  terminal switch,  virtual terminal ]

We recently had a meeting with a large partner of ours and they handed down some hefty requirements.  An average of 100 partners using their portal on any given month to access their development environments on the backend.  It was clear that NetScaler could scale, but the question was how to keep all of those partners separated from each other, without them peeking into each others traffic. It turned out to be easier than we thought using the NetScaler as an SSL VPN with the addition of some policies bound to each partner's user group.  The following is an overview of the network diagram, and there are some deployment guides to walk you through these installations. 


The Citrix SSL VPN CPS Deployment Guide walks you through deploying NetScaler SSL VPN as an ICA Proxy and authentication point.  It then walks you through deploying Citrix Presentation Server and the steps necessary to connect the SSL VPN to the CPS Applications.  The guide includes Session policies which direct users upon authentication to specific CPS farms on the backend of the NetScaler SSL VPN.  Think of it as an authentication portal.

The Citrix SSL VPN Deployment Guide walks you through deploying NetScalers as an HA Pair, and then as an SSL VPN with ICA Proxy OFF.  The intention was to use the SSL VPN for regular VPN traffic, and not Citrix Presentation Server traffic.  Just as well, policies can be combined on the same NetScaler Application Switch to allow both non-CPS and CPS traffic to traverse the same SSL VPN.

Tap into the power of AppExpert

Expand Blog Post