Since the dawn of man (ok, maybe not that long) we have fought to load balance TFTP across Citrix Provisioning Servers. In the past you had to use Direct Server Return (DSR), local loopback adapters on PVS, or any of a myriad of other solutions..or worse yet, no solution at all. (Read THIS, THIS and THIS to relive the old ways.) After reading all that you’ll see why BDM is such a popular option. Well, folks, the future is finally here to some degree, and while NetScaler 10.1 might not be everyone’s knight in shining armor, it does FINALLY simplify TFTP load balancing. How do we know it does this amazing feat? By this obscure reference in the 10.1 release notes, of course!
Issue ID 0250958: The NetScaler appliance now supports communication between a client and a Trivial File Transfer Protocol (TFTP) server.
TFTP is a simple form of file transfer protocol and is based on the UDP protocol. TFTP does not provide any security features and is generally used for automated transfer of configuration and boot files between devices in a private network. TFTP support on the NetScaler appliance is compliant with RFC 1350. A server listens on port 69 for any TFTP request. The following features are supported:
- Load balancing of TFTP servers—The NetScaler appliance can now load balance TFTP servers.
- INAT processing compliant to TFTP—When a request packet, with port 69 as the destination, received by the NetScaler appliance matches an INAT rule with TFTP option enabled, the appliance processes the request and the corresponding response as compliant with the TFTP protocol.
- RNAT processing compliant to TFTP—When a request packet generated by a server is destined to a TFTP server, and the packet matches an RNAT rule on the NetScaler appliance, the appliance’s processing of the request and the corresponding response from the TFTP server is compliant with the TFTP protocol.
So let’s discuss why you usually need to load balance TFTP: You have Citrix Provisioning Servers and you’re using DHCP options 66/67 to provide the TFTP server and boot file name for download to your clients. Because you built your Citrix environment the right way, you have redundancy all the way down the wire..one problem though: Windows DHCP option 66 only takes a single IP. Sure, you can round robin or something, but the best solution is to truly load balance with a solution that monitors that the ARDBP32.bin file is actually there and TFTP is responding. Even PXE booting doesn’t give you that because there’s no intelligence or monitoring behind it, only a blind server response with no logic to tell whether TFTP is up or correctly responding. Daniel Feller wrote a good blog article about some misconceptions around bootstrap delivery HERE..I encourage you to read it.
NetScaler and DHCP 66/67 can meet our requirements though, and now it can meet them fairly easily.
So let’s get to it..by the end of this “How To” you will see how to load balance and monitor a TFTP server (PVS in my case), utilizing DHCP option 66/67 and providing our XenDesktops or other PVS streamed clients with a highly available, intelligently monitored and load balanced TFTP lbvip.
NOTE* I have only tested this in a single arm deployment. Also, shout out to my colleague Jarian Gibson (@JarianGibson/jariangibson.com) for helping find the one obscure Synergy lab guide that even talks about this functionality.
Step 1. Go to your NetScaler and login to the “NetScaler ADC” deployment type.
Step 2. Navigate to Traffic Management->Load Balancing->Servers. Click “Add”.
Step 3. Enter in your PVS Server name, IP Address, then click “Create”. Repeat for all your PVS Servers.
Step 4. Navigate to Traffic Management->Load Balancing->Monitors. Click “Add”.
Step 5. Enter in a monitor name, type “USER”, and verify Interval and Response Time-out are set to 5 and 2 respectively. Click the “Special Parameters” tab.
Step 6. Click “Browse” and select the nstftp.pl file. Leave all other settings alone. Click “Create” then “Close”.
Step 7. Navigate to Traffic Management->Services. Click “Add”.
Step 8. Enter a service name, select your PVS server, set “Protocol” to “TFTP”. Find your TFTP monitor and add it to the right-hand pane. Click “Create” then “Close”. Repeat for each PVS server.
Step 9. Navigate to Traffic Management->Virtual Servers. Click “Add”.
Step 10. Enter in a Name, an IP for the LBVIP, select Protocol “TFTP”. In the “Services” tab select all the services you just created. Leave everything else as is; no persistence is required, and the requests will stick and be load balanced by least connection.
Step 11. Go to your DHCP server (in this case, DHCP is on my PVS server) and configure option 66 with the NetScaler TFTP LBVIP. Also of course configure option 67..duh.
Step 12. Boot your target device. I won’t go into all that PVS config stuff..I’m going to assume if you know what TFTP is in relation to PVS then you already know how to get to this point.
Congratulations!! You have successfully load balanced TFTP with NetScaler 10.1. WASN’T THAT EASY?!?!?!
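To check from a client's side what the monitor is meant to prove, that an RFC 1350 read request for ARDBP32.bin to the LBVIP actually gets a data block back, here is a small probe. It is an added example, not part of the original walkthrough and not NetScaler's nstftp.pl; `probe_tftp` and `demo_server` are hypothetical names, and the loopback server and its file contents are constructed so the block runs offline.

```python
import socket, struct, threading

OP_RRQ, OP_DATA, OP_ERROR = 1, 3, 5  # RFC 1350 opcodes

def build_rrq(filename, mode="octet"):
    # Read request: opcode 1, filename, NUL, transfer mode, NUL
    return struct.pack("!H", OP_RRQ) + filename.encode() + b"\0" + mode.encode() + b"\0"

def probe_tftp(host, filename="ARDBP32.bin", port=69, timeout=2.0):
    """Return (healthy, detail); healthy means a non-empty DATA block 1 came back."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_rrq(filename), (host, port))
        try:
            # The reply arrives from a fresh server port (the transfer ID), not 69.
            pkt, peer = s.recvfrom(4 + 512)
        except socket.timeout:
            return False, "no response"
        if len(pkt) < 4:
            return False, "short packet"
        opcode, arg = struct.unpack("!HH", pkt[:4])
        if opcode == OP_ERROR:
            msg = pkt[4:].split(b"\0")[0].decode(errors="replace")
            return False, "TFTP error %d: %s" % (arg, msg)
        if opcode != OP_DATA or arg != 1 or len(pkt) == 4:
            return False, "unexpected reply (opcode %d)" % opcode
        # Tell the server we are done so it does not retransmit block 1.
        s.sendto(struct.pack("!HH", OP_ERROR, 0) + b"probe done\0", peer)
        return True, "DATA block 1, %d bytes" % (len(pkt) - 4)

def demo_server(files):
    """Constructed loopback stand-in for a TFTP service; answers one request."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    listener.bind(("127.0.0.1", 0))
    port = listener.getsockname()[1]
    def serve():
        req, client = listener.recvfrom(516)
        listener.close()
        name = req[2:].split(b"\0")[0].decode()
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as tid:
            tid.bind(("127.0.0.1", 0))  # reply from a new port, as RFC 1350 servers do
            if name in files:
                tid.sendto(struct.pack("!HH", OP_DATA, 1) + files[name][:512], client)
            else:
                tid.sendto(struct.pack("!HH", OP_ERROR, 1) + b"File not found\0", client)
    threading.Thread(target=serve, daemon=True).start()
    return port

if __name__ == "__main__":
    port = demo_server({"ARDBP32.bin": b"B" * 600})  # constructed file contents
    print(probe_tftp("127.0.0.1", port=port))
```

Against a real deployment, call `probe_tftp` with the LBVIP and the default port 69; a "File not found" or "no response" result is the failure a blind PXE response would never surface.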
Hope this helped, please comment and share!