By default, for configurations with the USIP option disabled, or with the USIP and use proxy port options enabled, the NetScaler appliance communicates with the servers from a random source port (greater than 1024).
The NetScaler appliance also supports using a source port from a specified port range for communicating with the servers. One use case for this feature is servers that are configured to identify received traffic as belonging to a specific set on the basis of its source port, for logging and monitoring purposes. For example, identifying internal and external traffic for logging purposes.
Configuring the NetScaler appliance to use a source port from a port range for communicating with the servers consists of the following tasks:
- Create a net profile and set the source port range parameter. A source port range parameter specifies one or more port ranges. The NetScaler appliance randomly selects one of the free ports from the specified port ranges and uses it as the source port for each connection to the servers.
- Bind the net profile to load balancing virtual servers, services, or service groups: A net profile with a source port range setting can be bound to a virtual server, service, or service group of a load balancing configuration. For a connection to a virtual server, the NetScaler appliance randomly selects one of the free ports from the specified port ranges of the net profile and uses this port as the source port for connecting to one of the bound servers.
To specify a source port range or ranges by using the NetScaler command line
At the command prompt, type:
- bind netProfile <name> (-srcPortRange <int[-int]> ...)
- show netprofile <name>
To specify a source port range or ranges by using the configuration utility
- Navigate to System > Network > Net Profiles.
- Set the Source Port Range parameter while adding or modifying NetProfiles.
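The logging use case described above, seen from the server side, as an added example that is not part of the original documentation or Citrix code: it parses range specifications in the `<int[-int]> ...` form and labels server log lines by the source port of the incoming connection. The profile names, port ranges, peer address and log format are assumptions constructed for illustration.

```python
# Assumed: the ranges two hypothetical net profiles were bound with, written
# in the same <int[-int]> ... form that bind netProfile -srcPortRange takes.
PROFILE_RANGES = {"internal": "50000-50999 52000", "external": "51000-51999"}

def parse_ranges(spec):
    """Turn '50000-50999 52000' into [(50000, 50999), (52000, 52000)]."""
    ranges = []
    for token in spec.split():
        low, _, high = token.partition("-")
        low, high = int(low), int(high or low)
        if not 0 < low <= high <= 65535:
            raise ValueError(f"bad port range: {token}")
        ranges.append((low, high))
    return ranges

def build_classifier(profile_ranges):
    """Return classify(port); reject overlapping ranges, which are ambiguous."""
    table = sorted((lo, hi, name) for name, spec in profile_ranges.items()
                   for lo, hi in parse_ranges(spec))
    for (_, prev_hi, prev), (lo, _, cur) in zip(table, table[1:]):
        if lo <= prev_hi:
            raise ValueError(f"ranges of {prev} and {cur} overlap")
    def classify(port):
        for lo, hi, name in table:
            if lo <= port <= hi:
                return name
        return "unclassified"  # port outside every configured range
    return classify

# Constructed sample log: "<timestamp> <peer ip>:<source port> <request>"
SAMPLE_LOG = """\
2024-01-01T10:00:00Z 192.0.2.10:50123 GET /health
2024-01-01T10:00:01Z 192.0.2.10:51500 GET /login
2024-01-01T10:00:02Z 192.0.2.10:52000 GET /admin
2024-01-01T10:00:03Z 192.0.2.10:40001 GET /
"""

def tag_log(text, classify):
    """Return (traffic class, line) pairs; 'unparsed' if no peer port is found."""
    tagged = []
    for line in text.splitlines():
        fields = line.split()
        port = fields[1].rpartition(":")[2] if len(fields) > 1 else ""
        tagged.append((classify(int(port)) if port.isdecimal() else "unparsed", line))
    return tagged

if __name__ == "__main__":
    for label, line in tag_log(SAMPLE_LOG, build_classifier(PROFILE_RANGES)):
        print(f"{label:12} {line}")
```

Keeping the ranges of different net profiles disjoint is what makes the label unambiguous, which is why the classifier refuses to build when two ranges overlap.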