This is something, people tend to ask for: A sorry server responding with a meaningful message in case all services are down. It’s an easy task to do, so I decided to write a quick guide on how to create a setup like that.
What we need
A load-balancing vServer does not respond, as soon as all services are down. However, there are “protection Servers”. And that’s what I will use.
The protection server
Is a dummy server. It actually has no content. The only job it has is to be always up. The service is pointing to nowhere (I’ll use an APIPA address in 169.254.0.0/16 subnet) and got health monitoring disabled.
The service
add service svc_always_up 169.254.0.1 HTTP 80 -healthMonitor NO
The IP address, 169.254.0.1, is an IP address in the link-local network, 169.254.0.0/16 (also known as APIPA), and can’t get routed. Sometimes, we see “Always Up Services” using 1.1.1.1 or similar IP addresses, but that’s absolutely wrong, as they are available on the internet.
Don’t forget to turn health monitoring off (click at more, if you don’t see the full dialogue)
The lb vServer
Will be a “non-addressable vServer”, as connections to it, coming from outside the Citrix ADC / NetScaler is not desired.
add lb vserver lb_vs_dummy HTTP
The type of vServer has to be HTTP. SSL would be possible as well, but it does not make sense to encrypt/decrypt traffic inside the ADC. There is absolutely no security risk. That’s why I use HTTP.
bind lb vserver lb_vs_dummy svc_always_up
The status of the vServer should show “up” as soon as the service is bound.
The responder policy
The responder policy needs to be of type RESPONDWITHHTMLPAGE. I created an HTML page and inserted it.
The HTML page to respond with
Go to AppExpert → Responder → HTML Page Imports. Import your HTML-Page. I named mine respond_with_sorry. This is a very primitive version of a sorry page.
<html>
<head>
<title>Sorry, we are down for maintainence</title>
</head>
<body>
<h1>Sorry, down for maintainence</h1>
<p>There is a scheduled maintainence window right now, that's why this server is down.<br>Try again in half an hour.</p>
</body>
</html>
Of yourse, you could also import the HTML page from local file-system or from a web-server.
The responder action
add responder action res_act_respond_with_sorry respondwithhtmlpage respond_with_sorry -responseStatusCode 200
The responseStatusCode may be anything, a 200 OK is good, a 500 (internal server error) or 503 (service unavailable), would be a bit more honest, something like a 404 (not found) or a 418 (I’m a tea-pot) would be a bit confusing.
The responder policy
add responder policy res_pol_respondwithsorry true res_act_respond_with_sorry
The expression of this policy should be a simple true value (I’m not a big fan of HTTP.REQ.IS_VALID, as it means more overhead and absolutely does not make sense, the validity of the request is not relevant, we want to do this always)
Binding it all together
Binding the responder policy to the dummy vServer
bind lb vserver lb_vs_dummy -weight 1 -policyName res_pol_respondwithsorry -priority 100 -gotoPriorityExpression END
Open the vServer and click Policies
Select Responder
select the policy we just created and click bind
Setting the dummy vServer as a failover server to the actual vServer
set lb vserver lb_vsrv_colors_ssl -IPAddress 192.168.229.100 -backupVServer lb_vs_dummy
Select protection from the far right side
Set the dummy vServer as a failover vServer.
That’s it. Give it a try: Disable the existing vServer and surf to it, you will see the sorry page!
