Jump to content
Welcome to our new Citrix community!

DNS Round Robin of Storefront and Delivery Controller


Recommended Posts

Because we do not have a license for creating a VIP in Netscaler (Traffic Management - Virtual Serer) we think about following setup:

 

Netscaler ADC

Server 1 with Storefront and Delivery Controller

Server 2 with Storefront and Delivery Controller

 

DNS-Entry for sf.contoso.com with IP of Server 1 and 2 (Round robin)

On Netscaler Session profile shows to sf.contoso.com

Both Servers as STA configured

Netscaler uses intermal DNS-Server, so will resolve sf.contoso.com with IP1 or IP2

On Store Server 1 and 2 are configured as Deliery Controller with https and load balancing enabled

 

When we test this by shutdown one of the Servers mostly login failes, sometimes with the message "Ica mode status is not okay". 

When we delete one of the dns-entries and wait long enough until Netscaler sees the server as down, it is working well

 

Could it work like that with dns round robin or is this bullshit?

 

Thanks for feedback.

 

Lukas

Link to comment
Share on other sites

DNS roundrobin will always cause you some errors and connection problems. Just deploy one or two (HA) VPX Freemium NetScaler (For free, limited with 20 Mbit/s bandwidth - which is enough for LoadBalancing) and setup SF / DDC LoadBalancing for usage to your Gateway VPX.

 

Regards

Julian

Link to comment
Share on other sites

10 minutes ago, Lukas Meyer1709162786 said:

Because we do not have a license for creating a VIP in Netscaler (Traffic Management - Virtual Serer) we think about following setup:

 

Netscaler ADC

Server 1 with Storefront and Delivery Controller

Server 2 with Storefront and Delivery Controller

 

DNS-Entry for sf.contoso.com with IP of Server 1 and 2 (Round robin)

On Netscaler Session profile shows to sf.contoso.com

Both Servers as STA configured

Netscaler uses intermal DNS-Server, so will resolve sf.contoso.com with IP1 or IP2

On Store Server 1 and 2 are configured as Deliery Controller with https and load balancing enabled

 

When we test this by shutdown one of the Servers mostly login failes, sometimes with the message "Ica mode status is not okay". 

When we delete one of the dns-entries and wait long enough until Netscaler sees the server as down, it is working well

 

Could it work like that with dns round robin or is this bullshit?

 

Thanks for feedback.

 

Lukas

Which license do you have to now have the option to create Load Balance Virtual Server?

 

Thanks

Arnaud

Link to comment
Share on other sites

If the adc can't load balance storefront because you have a gateway only license (no load balancing), then use a separate load balancer to handle storefront redundancy. Gateway won't do lb backup vservers either in this case, I don't think.  A VPX free as a separate load balancer since it won't run Gateway (as julian suggested) would work better in this case.

 

The problem with dns load balancing is that the Gateway is going to cache the dns entry and not failover. Also, it will mess up apps that require persistence like storefront.

 

The gateway will be fine with the two STA entries and will find those itself and should not be load balanced. Use specific names for the STA's and NOT dns round robin either.  But the dns round robin will not solve the storefront redundancy.

 

So for you, the Gateway still needs to see controller1 and controller2 as the two individual STA's so it can resolve either returned in the ticket received from StoreFront.

The storefront servers should have both STA's listed individually as well.

 

For the StoreFront entry on Gateway:

Either use a separate load balancer or a vpx express separate from gateway to load balance storefront.  Load balance as leastconnections with persistence (cookieinsert; sourceip is going to be of limited use). Or make it a lb vserver with backup vserver so all traffic goes to storefront1 and then fails over.  

 

Then configure the gateway session policies to go to the storefront load balanced FQDN.

DNS round robin is not going to solve the problem because it will break persistence between sessions and the storefront that is needed.  

 

If your Gateway appliance has a load balancing license on it which ADC Standard includes Gateway + Load Balancing, just use it to load balance the storefront which makes things much simpler. 

 

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...