Product Documentation

Configuring in a NetScaler Partition

Mar 30, 2016

Accessing a partitioned NetScaler is the same as accessing a non-partitioned NetScaler: through the NetScaler IP (NSIP) address or any other management IP address. As a user, after you provide your valid logon credentials, you are taken to the partition to which you are bound. Any configurations that you create are saved to that partition. If you are associated with more than one partition, you are taken to the first partition with which you were associated. If you want to configure entities on one of your other partitions, you must explicitly switch to that partition.

After accessing the appropriate partition, configurations that you perform are saved to that partition and are specific to that partition.

注意

  • NetScaler superusers and other non-partition users are taken to the default partition.
  • Users of all the 512 partitions can log in simultaneously.

提示

To access a partitioned NetScaler appliance over HTTPS by using the SNIP (with management access enabled), make sure that each partition has the certificate of its partition administrator. Within the partition, the partition admin must do the following:

  1. Add the certificate to the NetScaler.
    add ssl certKey ns-server-certificate -cert ns-server.cert -key ns-server.key

  2. Bind it to a service named "nskrpcs-<SNIP>-3009", where <SNIP> must be replaced with the SNIP address, in this case 100.10.10.1.
    bind ssl service nskrpcs-100.10.10.1-3009 -certkeyName ns-server-certificate

To configure in a NetScaler partition by using the command line interface

  1. Log on to the NetScaler appliance.

  2. Check if you are in the correct partition. The command prompt displays the name of the currently selected partition.

    • If yes, skip to the next step.

    • If no, get a list of the partitions with which you are associated and switch over to the appropriate partition.

      • show system user <username>
      • switch ns partition <partitionName>
         
  3. Now, you can perform the required configurations just as a non-partitioned NetScaler.

To configure in a NetScaler partition by using the configuration utility

  1. Log on to the NetScaler appliance.

  2. Check if you are in the correct partition. The top bar of the graphical user interface displays the name of the currently selected partition.

    • If yes, skip to the next step.

    • If no, navigate to Configuration > System > Administrative Partitions > Partitions, right-click the partition to which you want to switch, and select Switch.
       
  3. Now, you can perform the required configurations just as a non-partitioned NetScaler.

Configuring an LACP Ethernet Channel on the Default Admin Partition

With Link Aggregation Control Protocol (LACP), you can combine multiple ports into a single, high-speed link (also called a channel). An LACP-enabled appliance exchanges LACP Data Units (LACPDU) over the channel.

There are three LACP configuration modes that you can enable in the default partition of a NetScaler appliance:

  1. Active. A port in active mode sends LACPDUs. Link aggregation is formed if the other end of the Ethernet link is in the LACP active or passive mode.
  2. Passive. A port in passive mode sends LACPDUs only when it receives LACPDUs. The link aggregation is formed if the other end of the Ethernet link is in the LACP active mode.
  3. Disable. Link aggregation is not formed.

Note: By default, the link aggregation is disabled in the default partition of the appliance.

LACP exchanges LACPDU between devices connected by an Ethernet link. These devices are typically referred as an actor or partner.

A LACPDU data unit contains the following parameters:

  • LACP Mode. Active, passive or disable.
  • LACP timeout. The waiting period before timing out the partner or actor. Possible values: Long and Short. Default: Long.
  • Port Key.  To distinguish between the different channel.  When key is 1, LA/1 is created. When key is 2, LA/2 is created. Possible values: Integer from 1 through 8. 4 through 8 is for cluster CLAG.
  • Port Priority. Minimum value: 1. Maximum value: 65535. Default: 32768.
  • System Priority. Uses this priority along with system MAC to form the system ID to uniquely identify the system during LACP negotiation with the partner. Sets system priority from 1 and 65535. The default value is set to 32768.
  • Interface. Supports 8 interfaces per channel on NetScaler 10.1 appliance and supports 16 interfaces per channel on NetScaler 10.5 and 11.0 appliances.

After exchanging LACPDUs, the actor and partner negotiate the settings and decide whether to add the ports to the aggregation.

Configuring and Verifying LACP on a NetScaler appliance by using the command line interface

To configure and verify LACP on a NetScaler appliance by using the command line

1. Enable LACP on each interface.

At the command prompt, type:

set interface <Interface_ID> -lacpMode PASSIVE -lacpKey 1

When you enable LACP on an interface, the channels are dynamically created. Additionally, when you enable LACP on an interface and set lacpKey to 1, the interface is automatically bound to channel LA/1.

Note: When you bind an interface to a channel, the channel parameters take precedence over the interface parameters, so the interface parameters are ignored. If a channel was created dynamically by LACP, you cannot perform add, bind, unbind, or remove operations on the channel. A channel dynamically created by LACP is automatically deleted when you disable LACP on all interfaces of the channel.

 2. Set the system priority.

At the command prompt, type:

set lacp -sysPriority <Positive_Integer>

3.  Verify that LACP is working as expected.

show interface <Interface_ID>

show channel

show LACP

Note: In some versions of Cisco IOS, running the switchport trunk native vlan <VLAN_ID> command causes the Cisco switch to tag LACP PDUs. This causes the LACP channel between the Cisco switch and the NetScaler appliance to fail. However, this issue does not affect the static link aggregation channels configured in the above procedure.