The pitfalls of backing up and restoring a Citrix NetScaler, and how to overcome them

The pitfalls of backing up and restoring a Citrix NetScaler, and how to overcome them

How-Tos Published on 6 mins Last updated

Citrix NetScaler is a great product. It offers more features than you can shake a stick at and, as such, is one of the Application Delivery Controller (ADC) market leaders. The flip side of this, however, is that its complexity means it can require specialist skills to backup and restore.

Here I outline some of the key pitfalls to have on your watchlist when backing up and restoring a NetScaler appliance, based on my own experience.

Why on earth is Loadbalancer talking about Citrix?

Has Loadbalancer.org gone completely mad? Why on earth are we talking about a competitor product? No, we're not crazy (well, maybe a little...)! We know our customers leverage a range of vendors to meet different needs. And our objective as a company has always been (and will continue to be) to take away the pain of downtime (regardless of who provides the ADC solution).

That's why Loadbalancer has created the ADC Portal, a vendor-agnostic centralized management platform to help you more effectively and efficiently manage your load balancer estate
regardless of which brands you own. So, moving forward, we will be providing lots more helpful content, covering a wide range of different ADC manufacturers, to guide you on your journey towards zero downtime.

By the way, before we get started you should note: Citrix and NetScaler are trademarks of Citrix Systems, Inc. (Loadbalancer.org Ltd has no affiliation with Citrix Systems, Inc. so use of these names, trademarks and brands does not imply endorsement by either party).

Maintenance, features, or a CVE are all good reasons to upgrade your NetScaler appliance. However, as with any complex task undertaken for the first time, it can get a little confusing. The good news, though, is that over time, with experience gained, things thankfully get easier. But that's enough from us. Over to Mick...

Know which NetScaler backup APPROACH you want


NetScaler backup functionality is essential to protect yourself in a disaster recovery scenario, or to give you peace of mind during a big change.

Because a NetScaler appliance has both a command-line interface (CLI) and a graphical user interface (GUI), the first step is to decide which NetScaler backup and recovery method you want to take advantage of.

  1. The CLI
  2. The GUI

There is no advantage to using one over the other, so it boils down to personal preference. The resulting backups are all the same!

We will cover both approaches in this blog. But before you attempt to backup a NetScaler appliance, there are some important caveats to be aware of.

💡 PRO TIP

Caveats to note BEFORE you start to backup the appliance!

Backups do NOT restore older firmware versions. Backups should always be saved offline, in case your NetScaler is unreachable. Backups should only be used as a last resort, there is always risk of something not importing correctly. It’s more favourable to restore a small setting by hand than to use a backup. The backup should be treated as sensitive data.

Know which NetScaler backup LEVEL you need


There are two different levels of backup available in NetScaler: basic and full.

Basic backup

A basic backup contains the data that relatively gets changed the most.

For example, but not limited to:

/var/
/netscaler/
/nsconfig/
/ns.conf

Full backup

A full backup contains the basic backup files with the addition of files that are changed less frequently, for example, certificates and license files.

The maintained list of included files can be found on Citrix’s website here.

💡 PRO TIP

If you are in any doubt about which backup level you need, create a FULL backup.

Having too many files won't cause you any headaches, but having too few files will! Please always consider the backup to be sensitive data and do NOT upload or share it with others (in the same way you would treat any sensitive data). The reason I classify it as sensitive data is that the ns.conf file contains IP’s and hashed passwords.

How to create a Citrix NetScaler GUI backup

Now let’s start with creating a backup in the GUI (graphical user interface).

The NetScaler appliance creates a backup of the saved configuration.

💡 PRO TIP

Make sure all changes are written to your saved config before you perform the backup!

You can easily do this by using the save button on the top right corner:

The configuration is now primed for a backup.

The backup functionality can be found in:

Configuration > System > Backup and Restore > Backup/Import

Next, to create the backup, press the ‘Backup/Import’ button:

  1. Click 'System'
  2. Select 'Backup and Restore'
  3. Click the 'Backup/Import' button

You will then see that there are two different versions of backup ‘Level’. Select one based on your newly found knowledge in previous ‘Know which backup level you need’ section of this blog (above):

  1. Add your 'File Name'
  2. Select the relevant 'Level'
  3. Add a Comment to help you distinguish between backups
  4. Click the 'Backup' button

After the backup has been created, you can now easily 'Download' or 'Restore' the backup with the menu options:

  1. Tick the backup you want to 'Download'
  2. Click on the 'Select Action' menu and opt for 'Download'

And there you have it. Your GUI backup is complete.

How to restore a Citrix NetScaler GUI backup

Should you need to restore a GUI backup, here are the steps to follow:

  1. Tick the backup you want to 'Restore'
  2. Click on the 'Select Action' menu
  3. Opt for 'Restore'

If you select the 'Restore' option on a backup, you will then see the following:

As soon as you click ‘Restore’, it will then start the restoration.

This takes a little while, but then you will be presented with the following warning:

💡 PRO TIP

Make sure you do a (warm) reboot! A warm reboot is faster, but not required.

You can perform a warm reboot by navigating to ‘System -> Reboot’:

  1. Click on 'Configuration'
  2. Select 'System'
  3. Click on 'Reboot'

And voila! After the reboot, your settings will be restored.

How to create a Citrix NetScaler backup in the CLI

You can connect to your NetScaler appliance over SSH (the Secure Shell or Secure Socket Shell protocol) with any tool you prefer.

I use PuTTY which can be downloaded here:

Log in with your credentials.

💡 PRO TIP

Note, you will NOT see the password being entered:

Then use the following command syntax:

create system backup Backupname -level Full -Comment OptionalComment
  • Replace BackupName with your backup name
  • Replace Full with either Basic or leave it Full
  • You can remove the '-Comment' switch if you don't want to add a comment

‘Done’, easy as pie.

💡 PRO TIP

If you want to list the existing backups on the NetScaler you'll need to additionally run the following command:

show system backups

And there you have it. Backup in the CLI complete.

How to restore a Citrix NetScaler backup with the CLI

The procedure to restore a backup via the CLI is, thankfully, quick and easy.

Use the following command:

restore system backup BackupName.tgz

Bear in mind that to actually restore the backup you need to do a warm reboot, just as with the GUI!

reboot -warm

Enter ‘Y’ and the appliance will reboot with the backup applied.

And there you have it! You're back in business.

I hope this was helpful. Got issues or outstanding questions? Feel free to comment below.

The new ADC Portal centralized management platform

Find out what a vendor-agnostic solution looks like