testwebsite

------------------------------------------------------------------

Creating Test environment

https://blog.norz.at/creating-a-citrix-netscaler-test-environment/

Being a Citrix Certified Instructor I am very much aware of the Red/Green/Blue website used during official Citrix NetScaler training (CNS-220, CNS-222). I created my own test website. I usually use it during product demonstrations to present anything from basic load balancing to web application firewall.

I am also aware about problems with the original Citrix labs: They sometimes seem to not load balance. Actually they do, but, because this page is compromised of several files, it may appear to show the same colour all the time. I wanted to avoid this, so my pages don’t use external style-sheets, scripts and images, instead I added everything into the HTML file (you may include images using base 64 encoding).

You may download my test website from here. I will update my page every now and then. You can download it as often as you like. The download will ask you for your name. I promise not to abuse it, instead I’ll just count the numbers of downloads.

Requirements and prerequisites

Windows

My environment is made of a single Windows server (I tested using 2012R2 Server) and a NetScaler VPX. You may very well use some entry level virtualization solution like VMWare workstation or Hyper-V on your laptop computer, but professional environment like Xen-Server, KVM and simmilar may also be used of course.

My download does not include the machines, but the website only. There is no license included, however you may request a demo license using your Citrix account)

Linux

I also provide files for Linux, requiring PHP. I tested using CentOS 7.4.1708. You may set up an apache, install php, add multiple IPs and configure apache to use several virtual instances. It should be easy. I currently don’t provide WAF-test files for Linux.

Installation procedure

Import a Citrix NetScaler VPX into your virtualization solution. (www.citrix.com -> downloads -> NetScaler ADC -> Reliese xxx -> Virtual Appliances).

Install a Windows Server (I tested using 2012R2, but I guess it will work with any version from 2008). This server should have 4 GB RAM as a minimum

IP addressing

I used 192.168.0.100 as a NSIP, 192.168.0.110 as a SNIP, 192.168.200 ff for virtual servers

Windows machine used 192.168.0.20 to 24

Windows set up (sorry, no description for linux setup, basically it’s very easy)

Roles and features

After setting up this windows machine you have to set up IIS. Start Server Manager (if it’s not already started) and click “add roles and features”. Click Next 3 times.

Select Active Directory Certificate authority,  Web Server IIS and DNS. If asked select following roll- services:

  • .NET Extensibility 4.5
  • ISAPI Extensions
  • ISAPI Filters
  • .NET Extensibility 3.5
  • Certificate Authority
  • Certificate enrolment web service

Setingt up the Certificate Authority:

  • stand alone CA
  • root CA
  • create a new key
  • SHA 256 (or highter)
  • confirm all the rest of the questions

IP configuration

select your network adapter. Change IP address. Set 192.168.0.20 255.255.255.0 as an IP address (you may use any other address range you like, but I use 192.168.0.x in my example). DNS should be 127.0.0.1, gateway depending on your settings.

Click advanced. add 4 more IP addresses (192.168.0.21 to 192.168.0.24).

IIS settings

Copy my files into c:\inetpub directory.

Open Internet Information Server Management.

Open your server and select sites. Right click your server and select add website. Create 4 virtual websites:

Sitename: Sitie1 (2,3,4)
Site path: C:\inetpub\wwwroot1 (2,3,4)
type: http
IP address: 192.168.0.21 (22,23,24)
hostname: (empty)

ASPx is just needed for the Citrix NetScaler Web Application Firewall test page. Check, if ASPX works correctly surfing to http://192.168.0.24/Allow.aspx. If it does not: follow this Microsoft instructions.

additional software

If you want to use this machina as a workstation as well install Google’s chrome Browser and Mozilla FireFox. Alternatively you may create a dedicated work station or use your desktop work station.

You’ll very likely need the SSH terminal putty, the secure copy tool WinSCP and the network monitor WireShark. They can be considered to be the tools used by a NetScaler admin during his daily work.

Labs:

Prerequisites

in DNS manager create a new Forward lookup zone called test.lab.

Create hosts:

  • colours.training.lab 192.168.0.200
  • cs-test.training.lab 192.168.0.201
  • aaa.training.lab 192.168.0.202

1st lab: create a load balancing vServer

Server:

  • srv_red -> 192.168.0.21
  • srv_green -> 192.168.0.22
  • srv_blue -> 192.168.0.23

Services:

  • svc_red (HTTP/80)
  • svc_green (HTTP/89)
  • svc_blue (HTTP/80)

Loadbalancing vServer

  • lb_vsrv_colors (192.168.0.200/HTTP/80)

additional labs:

  • add persistence (source IP, cookie based, …)
  • disable services and see what hapens (re-enable these)
  • unbind red service, create an additional loadbalancing vServer (non addressable), called lb_vsrv_red. Set this one in protection as a backup virtual server. Disable service blue and green. Which status does lb_vsrv_colors have now? Does it work? Why? rebind red service.

2nd lab: certificates

  • use the wizard to create a key and a CSR (hostname *.training.lab). Surf to 192.168.0.20/certsrv. Request a certificate. download this certiticate as BASE 64. Install it into NetScaler
  • create a lb vServer lb_vsrv_colors_secure (192.168.0.200/SSL/443). Bind the 3 services and your newly created certificate. Surf to https://colours.training.lab

3rd lab: content switching

  • create a new content switching vServer cs_vsrv_browser 192.168.0.201/HTTP/80
  • create two new cs-policies
    • HTTP.REQ.HEADER(“User-Agent”).CONTAINS(“Trident”)
    • HTTP.REQ.HEADER(“User-Agent”).CONTAINS(“Chrome”)
  • bind these policies to cs_vsrv_browser. The Trident policy should invoke the red, the Chrome policy the blue server. Surf to cs-test.training.lab using an MS- Internetexplorer, a Google Chrome and a FireFox.

4th lab: responding

  • create a responder policy to forward users from http://colors.training.lab/ to https://colors.training.lab/ and bind it to lb_vsrv_colours
  • create a responder policy forwarding users from https://colors.training.lab/ to https://colors.training.lab/home.htm
  • unbind the responder policy from lb_vsrv_colours

5th lab: rewriting

    • create a rewriting policy rewriting requests for http://colors.training.lab into http://colors.training.lab/home.htm and bind it to lb_vsrv_colours
    • remove server header from HTTP-response and bind it to lb_vsrv_colours
    • add a server header into http response stating your server to be an Apache and bind it to lb_vsrv_colours

===================== End

testwebsite的更多相关文章

  1. 【桌面程序搞界面再也不怕了】:迅雷BOLT入门(一)开篇 附程序和源码

    本来想多蛤一下前因后果,突然意兴阑珊不想多说啦,直接帖效果吧. 这个是用迅雷BOLT把原来写的一个IE拦截器的界面重写了一下.界面效果是直接从单位的大屏系统改过来的,其中文本框部分,还请设计大屏的小姑 ...

  2. NET环境下的未处理异常(unhandled exception)的解决方案

    NET环境下的未处理异常(unhandled exception )的解决方案 .Net 框架提供了非常强大的异常处理机制,同时对一些非托管代码很难控制的系统问题比如指针越界,内存泄漏等提供了很好的解 ...

  3. 使用C#WebClient类访问(上传/下载/删除/列出文件目录)由IIS搭建的http文件服务器

    前言 为什么要写这边博文呢?其实,就是使用C#WebClient类访问由IIS搭建的http文件服务器的问题花了我足足两天的时间,因此,有必要写下自己所学到的,同时,也能让广大的博友学习学习一下. 本 ...

  4. IIS6.0部署asp.net网站步骤图解

    IIS 发布步骤 1, 程序->运行->输入inetmgr,打开IIS管理器; 2, 展开左侧树形目录->右击“网站”->新建->网站,打开网站创建向导; 3, 点击“下 ...

  5. IIS搭建的http文件服务器

    使用C#WebClient类访问(上传/下载/删除/列出文件目录)由IIS搭建的http文件服务器 前言 为什么要写这边博文呢?其实,就是使用C#WebClient类访问由IIS搭建的http文件服务 ...

  6. ASP.NET 程序发布详细过程

    前言 ASP.NET网站的发布,无论是初学者还是高手,在程序的发布过程中或多或少会存在一些问题,譬如VS发布ASP.NET程序失败.IIS安装失败.IIS发布失败.局域网内不能访问 配置文件错误.权限 ...

  7. 转:创建编码的WebTest

    创建编码的WebTest•通常,通过将现有的已记录Web测试转换为编码的Web测试来创建编码的Web测试.记录的Web测试以“Web测试编辑器”中可见的请求树开头.编码的Web测试是一个生成一系列We ...

  8. 转:Web 测试的创作与调试技术

    摘要:学习有关 Visual Studio 2005 Web 测试的更多知识,包括 Web 测试引擎和记录器如何工作,以及如何创建有效的 Web 测试. 本页内容 读者 简介 记录一个 Web 测试  ...

  9. CentOS安装和配置FTP

    1.安装vsftpd #安装vsftpd yum install -y vsftpd #设置开机启动 systemctl enable vsftpd.service # 重启 service vsft ...

随机推荐

  1. Docs-.NET-C#-指南-语言参考-预处理器指令:#line(C# 参考)

    ylbtech-Docs-.NET-C#-指南-语言参考-预处理器指令:#line(C# 参考) 1.返回顶部 1. #line(C# 参考) 2015/07/20 借助 #line,可修改编译器的行 ...

  2. Angular 中的 dom 操作(ViewChild)以及父子组件中通过 ViewChild 调用子组件的方法

    <app-header #header></app-header> <div #myBox> 我是一个dom节点 </div> <button ( ...

  3. 阶段5 3.微服务项目【学成在线】_day09 课程预览 Eureka Feign_13-课程预览功能开发-CMS页面预览接口测试

    5.2 CMS页面预览测试 CMS已经提供了页面预览功能,课程预览功能要使用CMS页面预览接口实现,下边通过cms页面预览接口测试课 程预览的效果. 1.向cms_page表插入一条页面记录或者从cm ...

  4. topcoder srm 633 div1

    problem1 link 如果两个循环之内可以跳完,那么我们只要让这些步数之内的数字组成两个数字$p,q,p\leq q$,使得$p,q,x$组成三角形即可($p+q\geq x,p+x\geq q ...

  5. Ubuntu-18.04更改安装源为国内源

    环境查看 修改源文件 /etc/apt/sources.list 备份配置文件后把文件内容替换如下 deb http://mirrors.aliyun.com/ubuntu/ bionic main ...

  6. 欧姆龙_NX1P_PLC功能模块_限定安全作业空间

    程序  和说明 以及流程图 已上传到百度云盘 https://pan.baidu.com/s/1kYF11pQHJ4VxyaXr8E_gAA 主要是用来向量的叉乘  判断俩向量正向夹角

  7. 【VS开发】fatal error C1853: "Debug\sift.pch"预编译头文件来自编译器的早期版本

    fatal error C1853: "Debug\sift.pch"预编译头文件来自编译器的早期版本 <pre id="best-content-12991040 ...

  8. mysql无法压缩存储表情

    原文链接:https://www.cnblogs.com/SimonHu1993/p/7573868.html mysql无法压缩存储表情compress(str),就选择过滤把emoji表情符号替换 ...

  9. IIC挂死问题解决过程

    0.环境:arm CPU 带有IIC控制器作为slave端,带有调试串口. 1.bug表现:IIC slave 在系统启动后概率挂死,导致master无法detect到slave. 猜测1:认为IIC ...

  10. Python 用hashlib求中文字符串的MD5值 (转自 haungrui的专栏)

    使用过hashlib库的朋友想必都遇到过以下的错误吧:“Unicode-objects must be encoded before hashing”,意思是在进行md5哈希运算前,需要对数据进行编码 ...