Bart Vermeersch
-
Posts
20 -
Joined
-
Last visited
-
Days Won
1
Content Type
Forums
Articles
Labs
Videos
TechZone
Citrix Community Articles
Events
Profiles
Posts posted by Bart Vermeersch
-
-
It is possible yes, but there are easier ways to do it.
In the tar file, there is a directory for every instance in backup/ns/
Each of those directories contains another zipped archive file backup.tgz
Inside you will find the ns.conf file in the directory backup_<some-id>/nsconfig/
-
It might be beneficial backup VPX instances separately, but the SDX backups also contain the VPX configuration.
You can restore one ore more instances with an SDX backup file.
https://docs.citrix.com/en-us/sdx/current-release/configuring-management-service/backup-restore.html
- 1
-
We also use a Syslog policy/action with the latest 13.0 build, but with fewer log types enabled. Maybe you can try with only -acl ENABLED and add more if it works.
Does it also happen when you specify an IP address instead of a server domain name?
It does look like a bug unfortunately.
-
So it works as long as you don't change the RPC node passwords?
Do you see dump files in /var/core or /var/crash?
Anything in /var/log/ns.log or /var/log/messages?
-
Yes, 13.0 build 83.29 fixes the issue for us.
- 1
-
CTX330728 (https://support.citrix.com/article/CTX330728) recommends to upgrade to 13.0 build 83.27.
Any other options or workarounds for this bug?
-
We have the same issue, but apparently this is a known limitation:
The following features do not support IPv6:
High availability floating IP
Syslogs received from ADCs that support IPv6
StyleBooks on ADCs that support IPv6
Analytics
Pooled licensing
-
I don't think that is possible.
It seems to be predefined and the size of /var is depending on the amount of memory: https://support.citrix.com/article/CTX216144
- 1
-
We also had an issue with high memory usage (> 80%) a few days after upgrading an SDX to 13.0 82.45.
An additional reboot of the SVM seems to have solved the problem so far.
I'm not aware of a way to configure SVM resources.
-
I believe NOOP is the undefAction. So both can be present.
add responder policy <name> <expression> <action> [<undefaction>]-appFlowaction <actionName>
-
The amount of memory you allocate depends on the number of Packet Engines and features you want to use.
Integrated caching for example can use a lot of memory.
-
It could be a bug, but I suspect that the transform policy is causing the URL encoding.
Can you turn it off or share the policy with us?
- 1
-
You can also use HTTP.REQ.HOSTNAME.SERVER
-
There are some known issues, so I would stick to recent versions of Chrome for now:
https://www.chromium.org/updates/same-site/incompatible-clients
I think the following regex will work: HTTP.REQ.HEADER(\"User-Agent\").REGEX_MATCH(re!Chrome\\/8[0-9]!)
Also, you might want to make sure that you only set the SameSite attribute to none for specific cookie names.
-
The regex is case sensitive so it doesn't match Path=/
Perhaps you could use HTTP.RES.FULL_HEADER.TO_LOWER or change the search pattern to regex(re!(Path=/\\; SameSite)|(Path=/)!)
-
Can you post an example of the Set-Cookie header that you get in Chrome?
-
What does the Set-Cookie header look like?
You can change the name and value.
-
Are there other cookies that do get the SameSite attribute set to none?
-
There is https://support.citrix.com/article/CTX269469, but that looks similar to what you already have.
Do you get hits on the rewrite policy append_samesite_cookie_pol?
The regex is case sensitive, so it will not work if you have Path instead of path.
Installed version of java and Log4j ?
in Core ADC use cases
Posted · Edited by Bart Vermeersch
Citrix ADC is not impacted: https://support.citrix.com/article/CTX335705
No Java as far as I know.