-
DNS Cache Poisoning Attack
Cache is a critical component of the overall DNS infrastructure. Various components in the hierarchy of DNS maintain their own cache to avoid reaching out to the other servers all the time. Once a nameserver receives a response, it stores in its cache for some time (TTL) so that further queries for the matching domain are served from the cache. Not only it reduces the ...
-
DNS: Attacks on the heart on internet
Just as the heart pumps the blood in every part of the body, Domain Name System (DNS) ensures that packets reach their correct destination. Analogy may not be perfect but criticality of DNS for internet is no less than that of heart for the body. DNS serves billions of queries every day and make internet work by connecting requesting clients to hosting servers. There are multiple ...
-
NetScaler GSLB: Parent-Child Sites
The concept of sites is central to NetScaler GSLB implementations. Unless otherwise specified, sites form a peering relationship among themselves. This peering relationship is used to exchange health information and then used to distribute load based on the selected algorithm. There are many situations in which the peering relationship is not desirable among all GSLB sites primarily because of hierarchical nature of design. Reasons for ...
-
NetScaler HA: Managing Tagged versus Untagged Traffic
Thanks to Muthukumar Shunmugiah for helping put together this blog. We often get queries on managing the HA traffic between the paired appliances and at times it can be confusing. This blog covers some key points that should help in HA deployments of varied kinds. To understand the reasons of HA failover please check the following link http://edocssand.citrix.com/proddocs/topic/ns-system-10-map/ns-nw-ha-undrstndg-causes-failover-con.html Only NSIP is used to send the HA traffic UDP ports 3003 ...
-
Passing information to backend HTTP servers in IPv6-IPv4 mixed mode Load Balancing
Consider this scenario – You expose your web services to IPv6 clients using an IPv6 VIP (Virtual IP) on NetScaler. In the backend your servers are a mix of IPv4 and IPv6 hosts serving the same content to the end users. NetScaler allows you to bind mix of IPv6 and IPv4 servers to the same virtual server. When the request arrives at NetScaler, it decides ...
-
NetScaler 10: A complete IPv6 powerhouse
As organizations move towards IPv6, driven by commercial interests or mandated by governments, they need a solution that will ease the migration while keeping the costs low and maintenance easy. For most of the organizations move towards IPv6 can begin at the internet edge for making applications available to customers, partners, remote employees etc. over IPv6. Data centers need to be enabled for mixed IPv6 ...
-
NetScaler 10: What’s New in Security
NetScaler 10 has already created a lot of buzz thanks to some amazing capabilities – TriScale, Action Analytics, DataStream Enhancements and more – that have been introduced. And indeed our marketing team has done a fantastic job of creating the buzz using multitude of mediums. Beyond the entire buzz, there are plenty of features that usually go unnoticed but are very much part of the ...
-
NetScaler 10: What’s New in Networking
Networking is one of the foundational elements on which advanced capabilities of new age ADCs are built. To be able to deploy ADCs in a variety of scenarios with varied L2/L3 devices, it is important to have standards based implementation with configuration options to fine tune for specific scenarios. Many new trends – like evolution of IPv6, new developments in Data Center technologies etc. – ...
-
Deliver Your Existing Applications to IPv6 Clients
Delivering applications to IPv6 clients is no more an option – it’s a necessity. So what is the least disruptive way to ensure that you deliver your applications running on your internal IPv4 network to your customers, partners and remote employees connected via IPv6. That’s where comes a device like NetScaler with its capabilities to seamlessly connect IPv4 and IPv6 with each other on ...
-
DS-Lite – IPv4 over IPv6 and NAT
In IPv6 blog series we have covered transition technologies NAT64 – that allows IPv6 hosts to communicate with resources on IPv4 network and 6rd – that allows IPv6 traffic to be tunneled over IPv4 network. When service providers want to migrate their core network to IPv6, they need to ensure that existing IPv4 users continue to get access to IPv4 internet as before. This is ...