Upload
cash-sly
View
217
Download
0
Embed Size (px)
Citation preview
7/30/2019 Ns Release Notes
1/20
Citr ix NetScaler 9.1 Classic, 9.1 nCore, and 9.1 VPX Beta
Citrix NetScalerRelease Notes
7/30/2019 Ns Release Notes
2/20
Copyright and Trademark Notice
CITRIX SYSTEMS, INC., 2009. ALL RIGHTS RESERVED. NO PART OF THIS DOCUMENT MAY BE REPRODUCED OR
TRANSMITTED IN ANY FORM OR BY ANY MEANS OR USED TO MAKE DERIVATIVE WORK (SUCH AS TRANSLATION,
TRANSFORMATION, OR ADAPTATION) WITHOUT THE EXPRESS WRITTEN PERMISSION OF CITRIX SYSTEMS, INC.
ALTHOUGH THE MATERIAL PRESENTED IN THIS DOCUMENT IS BELIEVED TO BE ACCURATE, IT IS PRESENTED
WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE ALL RESPONSIBILITY FOR THE USE
OR APPLICATION OF THE PRODUCT(S) DESCRIBED IN THIS MANUAL.
CITRIX SYSTEMS, INC. OR ITS SUPPLIERS DO NOT ASSUME ANY LIABILITY THAT MAY OCCUR DUE TO THE USE OR
APPLICATION OF THE PRODUCT(S) DESCRIBED IN THIS DOCUMENT. INFORMATION IN THIS DOCUMENT IS SUBJECT
TO CHANGE WITHOUT NOTICE. COMPANIES, NAMES, AND DATA USED IN EXAMPLES ARE FICTITIOUS UNLESS
OTHERWISE NOTED.
The following information is for FCC compliance of Class A devices: This equipment has been tested and found to comply with the limits
for a Class A digital device, pursuant to part 15 of the FCC rules. These limits are designed to provide reasonable protection against
harmful interference when the equipment is operated in a commercial environment. This equipment generates, uses, and can radiate radio-
frequency energy and, if not installed and used in accordance with the instruction manual, may cause harmful interference to radio
communications. Operation of this equipment in a residential area is likely to cause harmful interference, in which case users will be
required to correct the interference at their own expense.
Modifying the equipment without Citrix' written authorization may result in the equipment no longer complying with FCC requirements
for Class A digital devices. In that event, your right to use the equipment may be limited by FCC regulations, and you may be required to
correct any interference to radio or television communications at your own expense.
You can determine whether your equipment is causing interference by turning it off. If the interference stops, it was probably caused bythe NetScaler Request Switch 9000 Series equipment. If the NetScaler equipment causes interference, try to correct the interference by
using one or more of the following measures:
Move the NetScaler equipment to one side or the other of your equipment.
Move the NetScaler equipment farther away from your equipment.
Plug the NetScaler equipment into an outlet on a different circuit from your equipment. (Make sure the NetScaler equipment and your
equipment are on circuits controlled by different circuit breakers or fuses.)
Modifications to this product not authorized by Citrix Systems, Inc., could void the FCC approval and negate your authority to operate the
product.
BroadCom is a registered trademark of BroadCom Corporation. Fast Ramp, NetScaler, and NetScaler Request Switch are trademarks of
Citrix Systems, Inc. Linux is a registered trademark of Linus Torvalds. Internet Explorer, Microsoft, PowerPoint, Windows and Windows
product names such as Windows NT are trademarks or registered trademarks of the Microsoft Corporation. NetScape is a registered
trademark of Netscape Communications Corporation. Red Hat is a trademark of Red Hat, Inc. Sun and Sun Microsystems are registeredtrademarks of Sun Microsystems, Inc. Other brand and product names may be registered trademarks or trademarks of their respective
holders.
Software covered by the following third party copyrights may be included with this product and will also be subject to the software license
agreement: Copyright 1998 Carnegie Mellon University. All rights reserved. Copyright David L. Mills 1993, 1994. Copyright
1992, 1993, 1994, 1997 Henry Spencer. Copyright Jean-loup Gailly and Mark Adler. Copyright 1999, 2000 by Jef Poskanzer. All
rights reserved. Copyright Markus Friedl, Theo de Raadt, Niels Provos, Dug Song, Aaron Campbell, Damien Miller, Kevin Steves. All
rights reserved. Copyright 1982, 1985, 1986, 1988-1991, 1993 Regents of the University of California. All rights reserved. Copyright
1995 Tatu Ylonen, Espoo, Finland. All rights reserved. Copyright UNIX System Laboratories, Inc. Copyright 2001 Mark R V
Murray. Copyright 1995-1998 Eric Young. Copyright 1995,1996,1997,1998. Lars Fenneberg. Copyright 1992. Livingston
Enterprises, Inc. Copyright 1992, 1993, 1994, 1995. The Regents of the University of Michigan and Merit Network, Inc. Copyright
1991-2, RSA Data Security, Inc. Created 1991. Copyright 1998 Juniper Networks, Inc. All rights reserved. Copyright 2001, 2002
Networks Associates Technology, Inc. All rights reserved. Copyright (c) 2002 Networks Associates Technology, Inc. Copyright 1999-
2001 The Open LDAP Foundation. All Rights Reserved. Copyright 1999 Andrzej Bialecki. All rights reserved. Copyright 2000
The Apache Software Foundation. All rights reserved. Copyright (C) 2001-2003 Robert A. van Engelen, Genivia inc. All Rights
Reserved. Copyright (c) 1997-2004 University of Cambridge. All rights reserved. Copyright (c) 1995. David Greenman. Copyright (c)2001 Jonathan Lemon. All rights reserved. Copyright (c) 1997, 1998, 1999. Bill Paul. All rights reserved. Copyright (c) 1994-1997 Matt
Thomas. All rights reserved. Copyright 2000 Jason L. Wright. Copyright 2000 Theo de Raadt. Copyright 2001 Patrik Lindergren.
All rights reserved.
Last Updated: May 2009
7/30/2019 Ns Release Notes
3/20
CONTENTS
Contents
Chapter 1 New Features and Enhancements
NetScaler 9.1 nCore Enhancements. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1
Features With Improved Performance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2
Per-Core Statistics (nCore) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3
NetScaler 9.1 VPX Enhancements. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3
NetScaler 9.1 Classic Enhancements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3
Chapter 2 Issues Fixed in this Release
NetScaler 9.1 nCore Resolved Issues. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5
Chapter 3 Limitations
Features Not Supported in NetScaler 9.1 nCore . . . . . . . . . . . . . . . . . . . . . . . . . . . .8
Supported Features with Unchanged or Moderately Improved Performance inNetScaler 9.1 nCore . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9
Chapter 4 Known Issues and Workarounds
Issues and Workarounds in NetScaler 9.1 nCore. . . . . . . . . . . . . . . . . . . . . . . . . . .11
Installation and Upgrade Issues and Workarounds . . . . . . . . . . . . . . . . . . . . . .11
General Issues and Workarounds . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12
Traffic Management Issues and Workarounds. . . . . . . . . . . . . . . . . . . . . . . . . .13
Other Configuration Issues and Workarounds . . . . . . . . . . . . . . . . . . . . . . . . . .13
Issues and Workarounds Common to NetScaler 9.1 Classic and 9.1 nCore. . . . . .15
Issues and Workarounds Common to NetScaler 9.1 Classic and 9.1 VPX. . . . . . .16
Issues and Workarounds in NetScaler 9.1 VPX. . . . . . . . . . . . . . . . . . . . . . . . . . . .16
7/30/2019 Ns Release Notes
4/20
iv Citr ix NetScaler 9.1 Classic, nCore, and VPX Beta Release Notes
7/30/2019 Ns Release Notes
5/20
CHAPTER 1
New Features and Enhancements
This chapter describes enhancements in the beta releases of NetScaler 9.1,
NetScaler 9.1 nCore (which introduces multiple CPU cores for improved
performance), and NetScaler 9.1 VPX (which introduces a software-onlyappliance). These release notes primarily discuss the NetScaler 9.1 nCore
software.
Note: You can determine your NetScaler type by looking at the build
information in the upper-right corner of the NetScaler browser window, or by
issuing the show ver si on command at the command line. The file extension
indicates the product type, for example, an nCore Netscaler has a .nc extension
and a classic NetScaler has a .cl extension.
In This Chapter
NetScaler 9.1 nCore Enhancements
NetScaler 9.1 VPX Enhancements
NetScaler 9.1 Classic Enhancements
NetScaler 9.1 nCore EnhancementsThe NetScaler nCore software uses multiple CPU cores for packet handling,
which greatly improves the performance of many NetScaler features.
Performance of the other available features is either somewhat improved or the
same as before the enhancement. A few previously supported features are not
supported in this release of the nCore NetScaler (see Limitations, on page 7),
but will be supported in the single-core 9.1 NetScaler and in future releases of thenCore NetScaler.
This version of the NetScaler nCore software is currently intended for use on the
MPX 15000 and MPX 17000.
7/30/2019 Ns Release Notes
6/20
2 Citrix NetScaler 9.1 Classic, nCore, and VPX Beta Release Notes
Features With Improved PerformanceThe following table describes features that exhibit improved performance due tothe introduction of multiple CPU cores.
Features With Improved Performance in This Release
Category Feature
Load Balancing, ContentSwitching, Link LoadBalancing
HTTP, TCP, FTP support
DNS
Monitoring (with a partial exception for User monitors, asdescribed in Known Issues and Workarounds, on page11)
Stateful Session Failover (SSF). High availability must be
configured
SSL SSL, SSL Offload
Networking IPv4
ACL
SNMP
Failover
Dynamic Routing (with the exception of dynamic routingfor IPv6)
Reverse Network Address Translation (RNAT)
Inbound Network Address Translation (INAT)
Security and Performancefeatures
Compression
HTML Injection
TCP Buffering
HTTP response body parsing (HTTP Pipelining)
Content Filtering
Responder
URL Rewrite
Body URL Transformation
Policies Classic Policies
Advanced Policies
Cache Redirection Cache Redirection
HTTP Service Callouts HTTP Service Callouts
7/30/2019 Ns Release Notes
7/20
New Features and Enhancements 3
Note: Web logs, historical charting, application templates, auditing, role-based
access control, and the Xen Desktop wizards are not throughput-intensive. These
features are fully supported in this release, but performance is not a salient factor.
Per-Core Statistics (nCore)In this release, the Reporting Tool for the nCore NetScaler displays statistics for
individual cores, which you select in the Counters dialog box. You can also
collect historical log data on a per-core basis in the newnslog file.
NetScaler 9.1 VPX EnhancementsNetScaler VPX is a virtual NetScaler appliance that is hosted on a XenServer.
NetScaler VPX distributes, optimizes, and secures Layer 4 - Layer 7 (L4-L7)
network traffic for Web applications.
NetScaler VPX performs application-specific traffic analysis to provide an
effective implementation of the enabled features. For example, a NetScaler VPX
makes load balancing decisions based on individual HTTP requests rather than on
the basis of long-lived TCP connections. This ensures that the failure or
slowdown of a server is managed quickly and with less disruption to clients.
Other features can be used to reduce load and simplify server-farm management
and to accelerate end-user performance.
NetScaler VPX, though installed on XenServer, appears to the administrator as a
separate physical NetScaler appliance with its own network identity, user
authorization, authentication capabilities, operating system version,
configuration, applications, and data. However, it shares physical resources with
other virtual machines.
NetScaler 9.1 Classic EnhancementsNetScaler 9.1 Classic enhancements will be documented in a later version of
these release notes.
7/30/2019 Ns Release Notes
8/20
4 Citrix NetScaler 9.1 Classic, nCore, and VPX Beta Release Notes
7/30/2019 Ns Release Notes
9/20
CHAPTER 2
Issues Fixed in this Release
This chapter describes resolved issues in this beta release of NetScaler 9.1 nCore.
NetScaler 9.1 nCore Resolved IssuesIssue 58309: An internal logic error causes some timer-based functions to fail
after 49 days. Features that relied on timers stopped working at that time (for
example, logging).
Issue 57374: Several Perl modules that are required for server monitoring are not
present.
Issue 56685: The show t r ansf or m pr of i l e ProfileName commanddoes not not display the list of actions for the profile.
Issue 55835: The show t echsuppor t command does not return a response.
Issue 55612, 52115: SNMP processing can take up to 20 percent of CPUcapacity. In a large deployment, if you enable an SNMP alarm, the processing of
SNMP data can occupy as much as 20 percent of the CPU, and traps for request
rate, service request rate, and RX TX might not be generated.
Issue 54811: An earlier release note reported that Link Aggregation Control
Protocol (LACP) settings could not be disabled. However, this was a
configuration issue, not a bug. You can use LACP to aggregate a group of ports to
take advantage of the increased speed and redundancy of the aggregated
interfaces. Note that LACP is not currently supported. Use static Link
Aggregation instead of LACP.
Issue 54571:Newly-added virtual servers (vservers) can remain in Slow Start
mode for more time than was expected. In normal NetScaler operations,
immediately after you add a vserver a Slow Start phase is initiated in which the
vserver uses the default Round Robin method. Slow Start continues until the
vserver has received the number of HTTP requests that determines the end of this
phase. In this release, traffic is distributed across multiple cores and a vserver can
remain in slow start mode for additional requests.
7/30/2019 Ns Release Notes
10/20
6 Citrix NetScaler 9.1 Classic, nCore, and VPX Beta Release Notes
Issue 50153: A Transparent SSL/SSL TCP service can be displayed as down on
some of the NetScaler packet engines even if you had bound a certificate. This
potentially leads to intermittent failure to establish a connection to the service.
7/30/2019 Ns Release Notes
11/20
CHAPTER 3
Limitations
This chapter describes known limitations in NetScaler 9.1 nCore.
In This Chapter
Features Not Supported in NetScaler 9.1 nCore
Supported Features with Unchanged or Moderately Improved Performance in
NetScaler 9.1 nCore
7/30/2019 Ns Release Notes
12/20
8 Citrix NetScaler 9.1 Classic, nCore, and VPX Beta Release Notes
Features Not Supported in NetScaler 9.1 nCoreThe following table lists the features that are not supported in this release.
NetScaler Features That Are Not Supported in the 9.1 nCore NetScaler
Category Feature
Traffic Management All of GSLB, as described in the Global Server LoadBalancing chapter in the Citrix NetScaler Traffic
Management Guide.
Real Time Streaming Protocol (RTSP) support for a loadbalancing service or vserver, as described in the LoadBalancing chapter in the Citrix NetScaler Traffic
Management Guide.
Link load balancing persistence, as described in the Link
Load Balancing chapter in the Citrix NetScaler TrafficManagement Guide.
Policies that examine the traffic rate and their use in trafficrate limiting, redirection, and other features, as described inthe Traffic Rate chapter in the Citrix NetScaler Traffic
Management Guide.
Connection failover for a load balancing virtual server, asdescribed in the Load Balancing chapter in the Citrix
NetScaler Traffic Management Guide.
NetScaler Push (scaling of Web 2.0 applications that usereverse Ajax or Comet-style communication), as describedin the NetScaler Web 2.0 Push chapter in the Citrix
NetScaler Traffic Management Guide.
Diverting excess traffic to a backup vserver using theSpillover parameter, as described in the Load Balancingand Content Switching chapters in the Citrix NetScalerTraffic Management Guide.
Maximum bandwidth settings for a service, as described inthe Load Balancing chapter in the Citrix NetScalerTraffic Management Guide.
Masking vserver IP addresses, as described in the LoadBalancing chapter in the Citrix NetScaler Traffic
Management Guide.
Support for load balancing using Server/Application StateProtocol (SASP), as described in the Load Balancingchapter in the Citrix NetScaler Traffic Management Guide.
SSL SSL-FIPS acceleration, as described in the Secure SocketsLayer (SSL) Acceleration chapter in the Citrix NetScalerTraffic Management Guide.
Networking Link Aggregation Control Protocol (LACP), as describedin the Interfaces chapter in the Citrix NetScaler Traffic
Management Guide.
7/30/2019 Ns Release Notes
13/20
Limitations 9
Supported Features with Unchanged or ModeratelyImproved Performance in NetScaler 9.1 nCore
The following table shows features that are fully functional but whose
performance is not substantially improved in this release.
System SureConnect, as described in the SureConnect chapter inthe Citrix NetScaler Application Optimization Guide.
Priority Queueing, as described in the ProtectionFeatures chapter in the Citrix NetScaler ApplicationSecurity Guide.
Denial of Service Protection, as described in theProtection Features chapter in the Citrix NetScaler
Application Security Guide.
Application Firewall No supported features.
Infrastructure AAA for Traffic Management, as described in theAuthentication Authorization Auditing (AAA) forApplication Traffic chapter in the Citrix NetScalerSecurity Guide.
NetScaler Features That Are Not Supported in the 9.1 nCore NetScaler
Category Feature
NetScaler Features that Are Unchanged or Somewhat Improved in NetScaler 9.1 nCore
Category Feature
Networking Support for IPv6, as described in the IP Version 6chapter in the Citrix NetScaler Networking Guide.
Support for Link Aggregation, as described in theConfiguring Link Aggregation chapter in the Citrix
NetScaler Networking Guide.
Infrastructure Authentication, Authorization, and Auditing (AAA), asdescribed in the Citrix Access Gateway Enterprise Edition
Administrators Guide.
Access Gateway Access Gateway Enterprise Edition, as described in theCitrix Access Gateway Enterprise Edition AdministratorsGuide.
Caching Integrated Caching, as described in the Integrated
Caching chapter in the Citrix NetScaler ApplicationOptimization Guide.
Load Balancing, ContentSwitching, Link LoadBalancing
Maximum Client parameter
7/30/2019 Ns Release Notes
14/20
10 Citrix NetScaler 9.1 Classic, nCore, and VPX Beta Release Notes
Other features that are notthroughput intensive
Web logs, historical charting, application templates,auditing, role-based access control, and the Xen Desktopwizards.
NetScaler Features that Are Unchanged or Somewhat Improved in NetScaler 9.1 nCore
Category Feature
7/30/2019 Ns Release Notes
15/20
CHAPTER 4
Known Issues and Workarounds
The following are known issues in this beta release. Where applicable,
workarounds are provided.
In This Chapter
Issues and Workarounds in NetScaler 9.1 nCore
Issues and Workarounds Common to NetScaler 9.1 Classic and 9.1 nCore
Issues and Workarounds Common to NetScaler 9.1 Classic and 9.1 VPX
Issues and Workarounds in NetScaler 9.1 VPX
Issues and Workarounds in NetScaler 9.1 nCoreThis section discusses issues related to installation, traffic management,
configuration, and general issues and workarounds.
Installation and Upgrade Issues and WorkaroundsIssue 58483. The installation script prompts you to delete the /var directory if
additional swap space is required.
During installation, you are prompted to delete the /var directory if the swap
partition is smaller than 32 GB. If you receive this prompt, do the following:
1. Type N.
2. Save important files in /var to a backup location.
3. Reconfigure the swap partition (and /var).
4. Re-run the installation script.
Important: Do not typeY in response to this prompt before backing upimportant core and log files in /var. TypingY deletes the /var directory.
Issue 51295. The upgrade script issues error messages regarding invalid variable
names.
7/30/2019 Ns Release Notes
16/20
12 Citrix NetScaler 9.1 Classic, nCore, and VPX Beta Release Notes
You can configure an HTML Injection variable with an invalid name. If you do
this, no error message is generated at variable creation time. You will see an error
after upgrading if, for example, a filter action uses the variable with the invalid
name.
General Issues and WorkaroundsBug 61306. The NetScaler may crash if Selective Acknowledgement (SACK) is
enabled and the NetScaler experiences an out-of-memory condition.
Issue 61016. Chelsio 1Gb NICs do not advertise link parameters if the link speed
is set to 10 or 100 Mbps and duplex is FULL.
Workaround: Do one of the following:
Disable auto-negotiation of the link partner and set its link parameters to
10/100, Full Duplex.
Set the Netscaler port parameters to speed 10/100 duplex AUTO.
Set the Netscaler port parameters to speed AUTO duplex FULL.
Set the Netscaler port parameters to speed AUTO duplex AUTO.
Issue 61010. In the Monitoring application in the NetScaler GUI, the number of
SSL cards is incorrect in the System Overview page. Similarly, the stat ns command will show you incorrect number of SSL cards.
Workaround: View the number of SSL cards using the SSL monitoring page or
the stat ssl command.
Issue 57261. The st at cpu command may not display all CPUs.
On a multi-core NetScaler, this command typically displays information for eight
different cores. In this release, the information on CPU 0 (the management core)
does not appear, and the other CPUs may not be listed in numeric order.
Issue 54366.None of the nsapimgr- B commands is supported.
These commands are not supported. The following are examples of nsapimgr
commands:
nsapi mgr - B"cal l ns_pi _err or _show( 0x2) "
nsapi mgr - B"w l dns_use_RR 2"
Issue 54112. The same pages can be selected multiple times during memory
recovery, leading to failure of the memory recovery.
This issue typically occurs after a surge if there were long-lived connections or
object scattered across pages in the connection pool before the surge.
Issue 48907. NetScaler online help does not work in a Safari browser running on
Windows.
7/30/2019 Ns Release Notes
17/20
Known Issues and Workarounds 13
If you access a help topic from a configuration utility pane or dialog box, you
may receive a 404 (file not found) error. You may also be unable to access the
help Table of Contents. The work-around is to use another Windows-based
browser.
Traffic Management Issues and WorkaroundsThe following are issues in load balancing, link load balancing, content
switching, and service monitoring.
Issue 59391. For any configured load balancing method, if a load monitor is
bound to a service and if the monitor probes fail or the monitor threshold is
reached, the service is excluded from load balancing. If the probes fail for all the
services bound to the vserver, the vserver sends a 500 error response despite the
state of the services.
Issue 57309. When you add a service having an IPv6 address, the service remains
in the UP state even if you do not enable the USNIP mode. This is because the
concept of MIP IPv6 addresses does not exist in the NetScaler operating system,
and therefore, the NetScaler looks for SNIP IPv6 addresses irrespective of the
state of the USNIP mode.
Issue 56915: Link load balancing persistency is not working.
You cannot configure link load balancing persistency in this release.
Other Configuration Issues and WorkaroundsIssue 61331. If the certificate-key pair of a transparent service is updated, the
service is displayed as DOWN. To display the service as UP, unbind and re-bind
the monitor to the service.
Issue 61063. When using the configuration utility to create an SSL key or
certificate, a high availability master may cause a failover.
Workaround: Create the DH key by using the command-line interface.
Issue 60980. The default value for the useproxyport parameter is YES, which
enables the NetScaler to use the proxy port to connect to the server when use
source IP address (USIP) is enabled. To use the client port to connect to the server
when USIP is enabled, set the useproxyport parameter to NO.
Issue 60838. If a cipher or certificate-key pair on a vserver or a service of type
SSL is modified when the SSL traffic is flowing through the vserver or service,the NetScaler Packet Engine may fail because of memory corruption.
Issue 60173. The Open Shortest Path First (OSPF) Version 3 dynamic routing
protocol is not supported on the NetScaler nCore platform.
Issue 59735. The show cache obj ect l ocat or locator_idcommand does not display the object properties.
7/30/2019 Ns Release Notes
18/20
14 Citrix NetScaler 9.1 Classic, nCore, and VPX Beta Release Notes
Issue 56952. If multiple instances of a dynamic service exist on different packet
engines, and the sh service -a command is run at the NetScaler command prompt,
every instance of the dynamic service is displayed.
Issue 57309. IPv6 service remains in an UP state.
When you add a service of type IPv6, the service remains in an UP state even if
you do not enable USNIP mode. This is because the concept of MIP IPv6
addresses does not exist in NetScaler and therefore, the NetScaler looks for SNIP
IPv6 addresses irrespective of the state of the USNIP mode.
Issue 55682. Advertising full duplex from the Netscaler results in incorrect
duplex setting on the peer.
In a NetScaler topology, you can set a speed and a duplex mode, as in the
following example:
set i nt er f ace 1/ 4 - speed 10 - dupl ex f ul l - f l owcont r ol RXTX
However, if you configure the NetScaler to advertise a 10Mbps full-duplex mode
interface, a peer device that advertises 10Mbps auto-duplex mode may not
recognize and implement the correct duplex setting. The same problem can occur
when the Netscaler advertises 100Mbps. This issue has been seen on the
following platforms, which use Chelsio 1G cards:
NetScaler 15000: eight 1G interfaces
NetScaler 17000 (28G): eight 1G interfaces
Issue 55119. The CPU, Memory, Throughput, HTTP Requests, and System
Events statistics on the Monitoring tab are not present in this Beta release.
These options have been temporarily removed.
Issue 54839. Chelsio drivers do not automatically negotiate flow control
parameters.
Ordinarily, when there is congestion on the Ethernet between the NetScaler and a
peer device, flow control functionality stops packet transmission from the
NetScaler. However, with the interface cards used in the following NetScaler
models, you must manually activate flow control on the NetScaler and its peer
device:
NetScaler 12000: two 10G interfaces
NetScaler 15000: two 10G interfaces and eight 1G interface
NetScaler 17000 (28G): two 10G interfaces and eight 1G interfaces
NetScaler 17000 (40G): four 1G interfaces
The following command establishes flow control:
set i nt erf ace interface_name - f l owcont r ol OFF| RX| TX| RXTX
7/30/2019 Ns Release Notes
19/20
Known Issues and Workarounds 15
Issues and Workarounds Common to NetScaler 9.1
Classic and 9.1 nCoreIssue 60249. Binding a responder policy to a content switching vserver produces
a different result in NetScaler versions 9.0.x and later than in 8.x versions. In
NetScaler 9.0 and later versions, evaluation occurs as follows:
Content switching policies are evaluated before other policies. If a content
switching policy evaluates to TRUE, the target load balancing vserver is
selected and any responder policies that are bound to the target vserver are
evaluated.
If all content switching policies evaluate to FALSE, the default load
balancing vserver under the content switching VIP is selected, and
responder policies that are bound to the default load balancing vserver are
evaluated.
After a target load balancing vserver is selected by the content switching process,
responder policies are evaluated in the following order:
1. Responder policies that are bound to the global override bind point.
2. Responder policies that are bound to the default load balancing vserver.
3. Responder policies that are bound to the target content switching vserver.
4. Responder policies that are bound to the global default bind point.
To be sure that the policies are evaluated in the intended order, follow these
guidelines:
Make sure that the default load balancing vserver is not directly reachable
from the outside; for example, the vserver IP address can be 0.0.0.0.
To prevent exposing internal data on the load balancing default vserver,
configure a responder policy to respond with a 503 Service Unavailable
status and bind it to the default load balancing vserver.
The following is an example of a default load balancing vserver that is bound to a
content switching VIP named cs-vserver.
add l b vser ver " def aul t - l b- vser ver " HTTP 0. 0. 0. 0 0 - persi st enceTypeNONE - cl t Ti meout 180
bi nd l b vser ver " def aul t - l b- vser ver " svc1
bi nd cs vser ver " cs- vser ver " "def aul t - l b- vser ver "
The following is a responder policy that returns a 503 Service Unavailable
status message when there are no matching responder policies. This policy is
bound to the default load balancing vserver.
7/30/2019 Ns Release Notes
20/20
16 Citrix NetScaler 9.1 Classic, nCore, and VPX Beta Release Notes
add r esponder acti on "ser vi ce- unavai l abl e-act i on" r espondwi t hq{"HTTP/ 1. 1 503 Ser vi ce Unavai l abl e\ r \ nCont ent -
Lengt h: 62\ r \ nConnect i on: cl ose\ r \ n\ r \ nHt t p/ 1. 1Ser vi ce Unavai l abl e "}
add r esponder pol i cy "servi ce- unavai l abl e- pol i cy" " t r ue" " ser vi ce-unavai l abl e- act i on"
bi nd l b vser ver "def aul t - l b- vser ver " - pol i cyName "ser vi ce-unavai l abl e- pol i cy" - pri or i t y 1 - got oPri ori t yExpressi on END
Issues and Workarounds Common to NetScaler 9.1Classic and 9.1 VPX
Issue 61269. If the state of an HTTP monitor is UNKNOWN, the service is
displayed as DOWN.
Issue 61268. On a TCP content switching vserver, if you configure advanced
Content Switching policies, a st at cs vser ver vip command alwaysreturns 0 requests per second. HTTP-based content switching vservers are not
affected.
Issue 61337. In a load balancing setup for FTP traffic, if the use source IP address
(USIP) and the -useproxyport parameter are configured on a service with a port
range from 1025 through 1030, the NetScaler sends a Service Unavailable error
when the active FTP session is established.
Issue 61020. An SNMP multi varbind GET-NEXT REQUEST yields incomplete
response from the NetScaler.
Issue 60972. The NetScaler may fail when a large number of entities are
configured on a NetScaler 7000 platform.
Issue 60172. If a secure parameter value is configured as YES for the remote
procedure call (RPC) nodes of the GSLB sites, and GSLB synchronization is
initiated on the GSLB sites involved in the configuration, the synchronization
fails with an error.
Issues and Workarounds in NetScaler 9.1 VPXIssue(no number). The Documentation tab in the configuration utility lists
several Quick Start guides that describe the hardware version of the NetScaler.These guides are not applicable to the NetScaler VPX.