How To: NetScaler 10.1 Deployment Part 3: Load Balancing Cont’d.

Continuing from my 2nd of this 5 part my last post  I showed how to load balance your DNS and LDAP. Along that same line we will now load balance a XenApp farm’s XML brokers and StoreFront servers. If you have web interface, I’ll call out where you would do that also but I won’t detail it with screen shots as StoreFront is the de facto standard moving forward now. You can also load balance XenDesktop using a wizard almost identical to the XenApp one and I will call it out also but will not be diving into it with screen shots as they would just be redundant.

As a prerequisite, almost all StoreFront deployments utilize SSL internally (and externally) so the StoreFront servers would be loaded with a certificate. That certificate would need to be exported and then imported into the NetScaler along with its intermediate and root and properly linked. That is beyond the scope of this post but there is a great walkthrough HERE on how to do it.

If you would like to read the other parts in this article series please go to:

Load Balancing XenApp/XenDesktop XML

Step 1:  Navigate to Traffic Management -> Load Balancing. Click. “Load Balancing Wizard for Citrix XenApp”.

Note: XenDesktop load balancing follows these steps almost identically when you use the XenDesktop Load Balancing wizard.


Step 2. Click Next.


Step 3. We are going to select “Skip” here. However, if you had Web Interface servers instead of StoreFront this is where you would go ahead and enter an IP for a load balancing virtual server on the NetScaler, generally you would set the protocol to HTTP and port 80, and finally enter you Web Interface Servers and ports (again, usually 80). To validate availability you can even provide credentials and the site path from WI. Again..StoreFront users, hit Skip here.


Step 4. Enter an available IP to use as your load balancing virtual server, the XML port of your farm, protocol to TCP, and finally enter in the XenApp XML broker IP’s and XML port and click Add. I also leverage a XML health app to insure application enumeration is happening..usually this is notepad.exe and is published as “XML_Monitor”. Click Next.


Step 5. Click “Finish”


Step 6. You should receive verification of all your IP’s and settings and their states. You can click “Exit”.


Step 7. Congratulations! You should now have a load balanced virtual server for your XenApp XML as shown here. You would place this in any list of XML brokers as the first entry to load balance the XML queries across all the brokers. In Web Interface and StoreFront you would place the LBVIP for XML first in the list for your controllers for example.


Load Balancing StoreFront

Step 1. Navigate to Traffic Management -> Load Balancing -> Servers. Click “Add”.


Step 2. Enter in your StoreFront server name, IP, and click “Create” then “Close”. Do this for each StoreFront server.

SNAG 0017

Step 3. Navigate to Traffic Management -> Load Balancing -> Monitors. Click “Add”. (note:NS 10.1 Finally has a StoreFront monitor!)


Step 4. Enter in a name for the monitor, type to “STOREFRONT”. Click the “Special Parameters” Tab.

SNAG 0020

Step 5. Enter in the StoreFront server FQDN under “Host Name” and your Store name. Check “Storefront Account Service”. Click “Create” then “Close”. Repeat for every StoreFront server. (**NOTE: If using StoreFront 2.0, uncheck the “StoreFront Account Service” checkbox or the monitor wont function)

SNAG 0019

Step 6. Navigate to Traffic Management -> Load Balancing -> Services. Click “Add”.


Step 7. Enter a service name, under “Server” drop down select your StoreFront server. I am assuming you are using SSL on StoreFront so port is 443 and Protocol is SSL. Add the monitor to the right hand side that corresponds to the server you selected at the top from the “Server” drop down. Click the “Advanced Tab”


Step 8. Check “Override Global” next to Settings. Check “Client IP” and enter a header of “X-Forwarded-For”. Click Create, Click Close. Repeat for every StoreFront server.


Step 9. Navigate to Traffic Manager -> Load Balancing -> Virtual Servers. Click “Add”. Enter in a name for your vServer, an IP, Protocol of SSL, port 443, and you should see your services you created prior listed here. Check all of them that correspond to StoreFront. Finally, click “Method and Persistence” tab.

SNAG 0029

Step 10. Set LB Method to Least Connection, Persistance to SOURCEIP, Time-out 20, ipv4 net mask Click the “SSL Settings” Tab.

SNAG 0030

Step 11. At this point we would add your SSL certificate that is also loaded on the StoreFront server(s). You would then click “Create” then “Close.”

SNAG 0031

Congratulations! You now have a load balanced StoreFront deployment…well, almost. You need to create a DNS A record internally that points to your StoreFront load balancing vServer (in these screenshots the IP is You would not want this to be resolvable outside the network for beaconing purposes. From then on, you point Citrix Receiver to the DNS name and the NetScaler will take care of load balancing it.

Stay the next part we will cover Access Gateway Enterprise Edition deployment to grant secure external access to your apps and desktops!

If you would like to read the other parts in this article series please go to:


8 thoughts on “How To: NetScaler 10.1 Deployment Part 3: Load Balancing Cont’d.

  1. Thanks a Lot .

    One question comes to my mind .

    When importing Storefront certs to Netscaler , Do we create one new cert with the new virtual server name created on NS ( that we also created A record ) or use the cert that is already created for storefront before load balancing ?


    • Use the same certificate from the StoreFront servers. I always export it from the Certificates MMC with private keys and import it into the NS. That StoreFront certificate, if don’t correctly, has the load balanced name on it because no one will ever be contacting the StoreFront servers individually.
      Hope this helps!

  2. I noticed you used a XML_Monitor app. What users are granted access for this to work? I’ve published Notepad and trying to get this setup working, but the monitor continuously fails.

    • Josh,
      I use a custom monitor of type CITRIX-XML-SERVICE with the Application Name defined under Special Param’s. Then bind that monitor to a service group with the XML brokers added as members and the proper XML ports defined on the configured members in the service group.
      As long as the app is published to an account you should be fine, I use a service account so it doesn’t show up for all my users and it is Notepad (although named XML_Monitor).
      Check all that and let me know.

  3. My spouse and I absolutely love your blog and find nearly all of your post’s to be just what
    I’m looking for. Do you offer guest writers to write content available for you?
    I wouldn’t mind publishing a post or elaborating on a few of the subjects you write about here.

    Again, awesome website!

  4. Hi admin, i must say you have high quality content here. Your page should go viral.
    You need initial traffic boost only. How to get it?
    Search for: Mertiso’s tips go viral

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s