How Do I Load Balance FTPS Servers on a NetScaler ADC

book

Article ID: CTX228088

calendar_today

Updated On:

Description

This article describes how to load balance FTPS servers on a NetScaler ADC.

Instructions

Step 1: Configure FTPS Server Parameters

IP masquerading to NetScaler VIP is needed when server sends response to clients so that the clients send the request or data connection on the correct IP address.

Configure FTPS server parameters as follow:

pasv_address=10.105.158.13 (this should be NetScaler VIP)
pasv_min_port=2000 (this port range shall be defined in listen policy on NetScaler vserver in step 3)
pasv_max_port=2010

Step 2: Add Wildcard Port ANY Type Service

Add service with FTPS server IP and * port. Ping-default monitor will get bound to the service which is appropriate for this configuration.

For CLI:
1. At the command prompt, type: add service ftps_service1 10.102.216.30 ANY *

For GUI:
1. In the NetScaler GUI, go to Configuration > Traffic Management > Load Balancing > Services > Add, to a new Service.
2. Complete the settings as shown in the following screen shot:

User-added image

Repeat this step for all the FTPS services to be added.

Step 3: Add Wildcard Port ANY Type Virtual Server

Add virtual server which listens on all ports and set listen policy with destination port numbers as per requirement. Set persistence and load balancing method as per requirement. Bind the service(s) to the virtual server.

For CLI:
1. At the command prompt, type:
2. add lb vserver ftps_vserver ANY 10.105.158.13 * -persistenceType SOURCEIP -Listenpolicy "CLIENT.TCP.DSTPORT.BETWEEN(2000,2010)" -Listenpriority 1
3. bind lb vserver ftps_vserver ftps_service1

For GUI:
1. In the NetScaler GUI, go to Configuration > Traffic Management > Load Balancing > Virtual Servers > Add, to add a virtual server.
2. Click More to open advanced options to add Listen Policy.

User-added image

Note: Ensure to have a single SNIP configured for the vserver because controller and data connections should go to the same FTPS server and should have the same source address. Either configure a single SNIP across NetScaler or set Net Profile on virtual server to use one SNIP for the virtual server.

Issue/Introduction

This article describes how to load balance FTPS servers on a NetScaler ADC.

Additional Information

For more information on FTP see https://en.wikipedia.org/wiki/File_Transfer_Protocol#Protocol_overview
NetScaler supports native FTP load balancing along with FTP monitors in both active and passive modes. See Product Documentation (netscaler.com)

Was this article helpful?

thumb_up Yes

thumb_down No

Welcome to "KB Articles"