The pitfalls of backing up and restoring a Citrix NetScaler, and how to overcome them

The pitfalls of backing up and restoring a Citrix NetScaler, and how to overcome them

How-tos Published on 6 mins Last updated

Citrix NetScaler* is a great product. It offers more features than you can shake a stick at and, as such, is one of the Application Delivery Controller (ADC) market leaders. The flip side of this, however, is that its complexity means it can require specialist skills to backup and restore.  

Here I outline some of the key pitfalls to have on your watchlist when backing up and restoring a NetScaler appliance, based on my own experience. In the meantime, if you're wondering why on earth Loadbalancer.org's talking about Citrix, check out this blog: How to manage all your load balancers from one platform.

Know which NetScaler backup APPROACH you want


NetScaler backup functionality is essential to protect yourself in a disaster recovery scenario, or to give you peace of mind during a big change.

Because a NetScaler appliance has both a command-line interface (CLI) and a graphical user interface (GUI), the first step is to decide which NetScaler backup and recovery method you want to take advantage of.

  1. The CLI
    or
  2. The GUI

There is no advantage to using one over the other, so it boils down to personal preference. The resulting backups are all the same!

We will cover both approaches in this blog. But before you attempt to backup a NetScaler appliance, there are some important caveats to be aware of.

💡 PRO TIP

Caveats to note BEFORE you start to backup the appliance!

Backups do NOT restore older firmware versions. Backups should always be saved offline, in case your NetScaler is unreachable. Backups should only be used as a last resort, there is always risk of something not importing correctly. It’s more favourable to restore a small setting by hand than to use a backup. The backup should be treated as sensitive data.

Know which NetScaler backup LEVEL you need


There are two different levels of backup available in NetScaler: basic and full.

Basic backup

A basic backup contains the data that relatively gets changed the most.

For example, but not limited to:

/var/
/netscaler/
/nsconfig/
/ns.conf

Full backup

A full backup contains the basic backup files with the addition of files that are changed less frequently, for example, certificates and license files.

The maintained list of included files can be found on Citrix’s website here.

💡 PRO TIP

If you are in any doubt about which backup level you need, create a FULL backup.

Having too many files won't cause you any headaches, but having too few files will! Please always consider the backup to be sensitive data and do NOT upload or share it with others (in the same way you would treat any sensitive data). The reason I classify it as sensitive data is that the ns.conf file contains IP’s and hashed passwords.

How to create a Citrix NetScaler GUI backup

Now let’s start with creating a backup in the GUI (graphical user interface).

The NetScaler appliance creates a backup of the saved configuration.

💡 PRO TIP

Make sure all changes are written to your saved config before you perform the backup!

You can easily do this by using the save button on the top right corner:

The configuration is now primed for a backup.

The backup functionality can be found in:

Configuration > System > Backup and Restore > Backup/Import

Next, to create the backup, press the ‘Backup/Import’ button:

  1. Click 'System'
  2. Select 'Backup and Restore'
  3. Click the 'Backup/Import' button

You will then see that there are two different versions of backup ‘Level’. Select one based on your newly found knowledge in previous ‘Know which backup level you need’ section of this blog (above):

  1. Add your 'File Name'
  2. Select the relevant 'Level'
  3. Add a Comment to help you distinguish between backups
  4. Click the 'Backup' button

After the backup has been created, you can now easily 'Download' or 'Restore' the backup with the menu options:

  1. Tick the backup you want to 'Download'
  2. Click on the 'Select Action' menu and opt for 'Download'

And there you have it. Your GUI backup is complete.

How to restore a Citrix NetScaler GUI backup

💡 PRO TIP

Don't forget if you are restoring to a new appliance, you will need to licence the software first!

Should you need to restore a GUI backup, here are the steps to follow:

  1. Tick the backup you want to 'Restore'
  2. Click on the 'Select Action' menu
  3. Opt for 'Restore'

If you select the 'Restore' option on a backup, you will then see the following:

As soon as you click ‘Restore’, it will then start the restoration.

This takes a little while, but then you will be presented with the following warning:

💡 PRO TIP

Make sure you do a (warm) reboot!

You can perform a warm reboot by navigating to ‘System -> Reboot’:

  1. Click on 'Configuration'
  2. Select 'System'
  3. Click on 'Reboot'

And voila! After the reboot, your settings will be restored.

How to create a Citrix NetScaler backup in the CLI

You can connect to your NetScaler appliance over SSH (the Secure Shell or Secure Socket Shell protocol) with any tool you prefer.

I use PuTTY which can be downloaded here:

Log in with your credentials.

💡 PRO TIP

Note, you will NOT see the password being entered:

Then use the following command syntax:

create system backup Backupname -level Full -Comment OptionalComment
  • Replace BackupName with your backup name
  • Replace Full with either Basic or leave it Full
  • You can remove the '-Comment' switch if you don't want to add a comment

‘Done’, easy as pie.

💡 PRO TIP

If you want to list the existing backups on the NetScaler you'll need to additionally run the following command:

show system backups

And there you have it. Backup in the CLI complete.

How to restore a Citrix NetScaler backup with the CLI

The procedure to restore a backup via the CLI is, thankfully, quick and easy.

Use the following command:

restore system backup BackupName.tgz

Bear in mind that to actually restore the backup you need to do a warm reboot, just as with the GUI!

reboot -warm

Enter ‘Y’ and the appliance will reboot with the backup applied.

And there you have it! You're back in business.

How do I automate the backup of my Citrix NetScaler?

Now that we've covered the manual methods for backup & recovery, lets look at the automation options. The last thing you want is an out of date backup file when you are trying to perform disaster recovery. Or even worse no backup!

💡 PRO TIP

Always have multiple secure backups in multiple locations.

Several backup tools have plugins for Citrix NetScaler, but I prefer dedicated solutions. I've listed a couple of examples here for you to investigate:

  1. NetScaler MAS (Management and Analytics System)
  2. AppviewX ADC+
  3. Loadbalancer ADC Portal

The NetScaler backup process doesn't have too many pitfalls


In fact the the backup & recovery functionallity is well designed and effective. However you can guarantee that it s time well spent to thoroughly test and understand the process BEFORE you need to use it in an emergency!

I hope this blog was helpful. Got issues or outstanding questions? Feel free to ask questions in the comment section below.

*Citrix and NetScaler are trademarks of Citrix Systems, Inc. Loadbalancer.org Ltd has no affiliation with Citrix Systems, Inc., so the use of these names, trademarks and brands does not imply endorsement by either party.

The new ADC Portal centralized management platform

Find out what a vendor-agnostic solution looks like