My deployment server sits behind a load balancer. What I have noticed is that on the DS under Forwarder Management (Clients tab), all my UFs phoning home now appear with the same IP address (they have unique client names, host name, instance name).
Is there a macro or something on the back end that I can update to display the true IP address of each system phoning home? The true source IP is showing in in metrics.log so I'd like to modify the existing SPL to use the IP from metrics rather than wherever it's getting it from.
To configure NetScaler to pass the source IP, you'll need to enable the Use Source IP (USIP) mode. Here are the steps to do this:
Log in to NetScaler: Open your NetScaler management interface.
Navigate to Load Balancing: Go to Traffic Management > Load Balancing > Services.
Open a Service: Select the service you want to configure.
Enable USIP Mode: In the Advanced Settings, find the Service Settings section and select Use Source IP Address.
This will ensure that NetScaler uses the client's IP address for communication with the backend servers.
Would you like more detailed instructions or help with another aspect of your setup?
Hello, I know this was a while ago but were you able to find a solution for this issue?
 
		
		
		
		
		
	
			
		
		
			
					
		Hi
I suppose that your LB has configured so that all client connections has masked to its internal IP. You should as your network staff to fix it. The fix is dependent on what LB you are using.
r. Ismo
Hi @isoutamo ,
Thanks for your reply. The IP showing for all clients is the deployment server IP. Do you have any idea what could be the issue?
 
					
				
		
 
		
		
		
		
		
	
			
		
		
			
					
		Hi @daniaabujuma ,
as @isoutamo said, you have to configure your Load Balancer in transparent mode to use the source IP.
Only one question: why are you using a Load Balancer for the Deployment Server?
You don't need to duplicate it because it isn't a Single Point of Failure and your infrastructure work also without it, so why it?
it's a unuseful component that add issues to your architecture.
Ciao.
Giuseppe
We have upwards of 250k forwarders in one of our environments and various levels of DNS caching that make it very difficult for a forwarder to request a deployment server IP from a DNS name and maintain the connection consistently in order for it to get appropriate apps downloaded. I have seen where a system will request an IP from a DNS name, make an initial connection to a deployment server, then send a DNS query again only to be given a different IP address, which causes issues with the forwarder trying to establish a consistent trusted connection to a deployment server. That switch in deployment server destinations causes the forwarder to just try again later, until it can establish a consistent connection randomly.
We put our deployment servers behind a load balancer before, but all the connections and logs show the forwarders coming from the same ip address.. something x-forwarded-for should help solve at our scale.
 
		
		
		
		
		
	
			
		
		
			
					
		