
ADC Fundamental Concepts: Part 1 – Request-Response, HTTP Basics, and Networking
Last Modified: Apr 11, 2019 @ 7:53 am


Change Log
• 2019 Feb 25 – Client Ephemeral Ports – added link to Microsoft 929851
• 2018 Dec 26 – complete proofread, revised, and expanded
Introduction
Citrix renamed their NetScaler product to Citrix ADC (aka Application Delivery Controller), which is a fancy Gartner term for a load balancing device that does more than just simple load balancing.
Many ADC appliances are managed by server admins and/or security people who do not have extensive networking experience. This article will introduce you to important networking concepts to aid you in successful deployment and configuration of ADC appliances. Most of the following concepts apply to all networks, but this article will take an ADC perspective.

This content is intended to be read from top to bottom with later topics building on earlier topics.

This content is intended to be introductory only. Search Google for more details on each topic.

Request-Response

Request-Response Overview
Request/Response – fundamentally, a Client sends a Request to a Server Service. The Server Service processes the Request, and sends back a successful Response, or sends back an Error. Request-Response describes almost all client-server networking.

Clients send Requests – Clients are machines running software that generate network Requests that are sent to a Server.
• For ADC, Clients are usually web browsers or any other client software that generates server Requests using the HTTP protocol.
Servers Respond to Requests – Servers receive the client’s Request, do some processing, and then send a Response back to the client.
• For ADC, Servers are usually web servers that receive HTTP requests from clients, perform the HTTP Method (i.e. command) contained in the request, and then send back the response.
Machines are both Clients and Servers – when a machine or program sends out a Request, that machine/program is a Client. When a machine or program receives a Request from another machine, then this machine/program is a Server. Many machines, especially ADC machines, perform both client and server functions.
• ADCs receive HTTP Requests from clients, which is a Server function. ADCs then forward the original request to a web server, which is a Client function.

What’s in a Request?
Requests are sent to Web Servers using the HTTP protocol – Web Browsers use the HTTP protocol to send Requests to Web Servers. Web Servers use the HTTP protocol to send Responses back to Web Browsers.
• Protocol – A protocol defines a vocabulary for how machines communicate with each other. Since web browsers and web servers use the same protocol, they can understand each other.
HTTP is an OSI Layer 7 protocol – HTTP is defined by the OSI Model as a Layer 7, or application layer, protocol. Layer 7 protocols run on top of (encapsulated in) other lower layer protocols, as detailed later.

HTTP Request Commands – HTTP Requests contain commands that the web server is intended to carry out. In the HTTP Protocol, Request Commands are also known as Request Methods.
• HTTP GET Method – The most common Command in an HTTP Request is GET, which asks the web server to send back a file. In other words, web servers are file servers.
• The first line of an HTTP Request contains the Method, such as GET. Right after the GET command is the path to the file that the browser wants to download.
• Other HTTP Request Methods are used by clients to upload files or data to the web server and will be detailed in Part 2.
HTTP Path – Web servers can host thousands of files but Web Servers will only download one file at a time. Inside the GET Request is the path to a specific file. In HTTP, the path format is something like /directory/directory/file.html.
• If you enter a directory path but you don’t provide a filename, then the web server will give you the configured default file for that directory instead of giving you every file in the directory.
The Path is one component of the HTTP Request URL, which looks something like https://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol.
• In a Citrix ADC policy expression, you can extract the HTTP path from the HTTP Request URL by entering HTTP.REQ.URL.PATH.
• More info on URLs will be provided later in Part 2.
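The request line and path described above, as an added Python example that is not part of the original article: it parses a constructed raw HTTP request, separates the path from the rest of the request URL (the component HTTP.REQ.URL.PATH refers to), and applies the default-file rule for directory paths. The sample request, the `parse_request` and `file_to_serve` names, and the `index.html` default are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Constructed sample request (not captured traffic).
SAMPLE_REQUEST = (
    b"GET /wiki/Hypertext_Transfer_Protocol?action=history HTTP/1.1\r\n"
    b"Host: en.wikipedia.org\r\n"
    b"User-Agent: example-client/1.0\r\n"
    b"\r\n"
)

DEFAULT_FILE = "index.html"  # assumed default file; web servers make this configurable


def parse_request(raw: bytes) -> dict:
    """Split a raw HTTP/1.x request into method, path, query and headers."""
    head, sep, _body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("request headers are not terminated by a blank line")
    lines = head.decode("iso-8859-1").split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        raise ValueError("malformed request line")
    method, target, version = parts
    # The target is normally origin-form (/path?query); a proxy may instead
    # receive absolute-form (http://host/path?query). urlsplit handles both.
    url = urlsplit(target)
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        if not colon:
            raise ValueError(f"malformed header line: {line!r}")
        headers[name.strip().lower()] = value.strip()
    return {"method": method, "path": url.path, "query": url.query,
            "version": version, "headers": headers}


def file_to_serve(path: str) -> str:
    """A directory path (trailing slash) maps to that directory's default file."""
    return path + DEFAULT_FILE if path.endswith("/") else path
```
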

Addresses Overview
Unique addresses – Every machine on a network has at least one address. Addresses are unique across the whole Internet; only one machine can own a particular address. If you have two machines with the same address, which machine receives the Request or Response?
Requests are sent to a Destination Address – when the client sends a request to a web server, it sends the request to the destination server’s address. This is similar to email when you enter the address of the recipient. The server’s address is put in the Destination Address field of the Request Packet.
• An IP Packet (Layer 3 Packet) contains a field for the Destination Address.

The network forwards packets to the Destination Address – Request packets are placed on a Network and the Network forwards the request to the destination.
• Multiple network hops – there are usually multiple network hops between the client and the server. Each hop reads the Destination Address in the packet to know where to send the packet next. This routing process is detailed later.
Web Servers reply to the Source Address – when the Request Packet is put on the network, the client machine inserts its own address as the Source Address. The web server receives the Request and performs its processing and uses the following process to send the Response back to the client:
1. The Web Server extracts the client’s Source Address from the Request Packet.
2. The Web Server creates a Response Packet and puts the original Source Address in the Destination Address of the Response Packet.
3. The Response packet is placed on the network, which forwards the Response packet to the Response’s Destination Address, which formerly was the Source Address of the Request.
Two network paths: Request path, and Response path – If you don’t receive a Response to your Request, then either the Request didn’t make it to the Server, or the Response never made it from the Server back to the Client. The key point is that there are two communication paths: the first is from Client to Server, and the second is from Server to Client. Either one of those paths could fail. Many ADC networking problems are in the reply/response path and not necessarily in the request path.
• Wrong Source Address – If the original Source Address in the request packet is wrong or missing, then the response will never make it back to the client. This is especially important for client devices, like ADC, that have multiple source addresses to choose from. If a non-reachable address is placed in the Source Address field, then the Response will never come back.
Numeric-based addresses – All network addresses are ultimately numeric, because that’s the language that machines understand. Network packets contain Source address and Destination address in numeric form. Routers and other networking equipment read the numeric addresses, perform a table lookup to find the next hop to reach the destination, and quickly place the packet on the next interface to reach the destination. This operation is much quicker if addresses are numbers instead of words.
Layer-specific addresses – Different OSI layers have different layer-specific addresses, each of which is detailed later in this article:
• MAC Addresses are Layer 2 addresses.
• IP Addresses are Layer 3 addresses.
• Port numbers are Layer 4 addresses.
IP Addresses – every Client and Server on the Internet has a unique IP address. Requests are sent to a Destination IP Address. Responses are sent to the original Source IP Address. How the packets get from Source IP address to Destination IP address and back again will be detailed later.
• IP Address format – Each IP address is four numbers separated by three periods (e.g. 216.58.194.132). Each of the four numbers must be in the range between 0 and 255. Most network training guides cover IP addressing in excruciating detail so it won’t be repeated here. IP addressing design is inextricably linked with overall network routing design.

Human-readable addresses – When a human enters the destination address of a Web Server, humans much prefer to enter words instead of numbers. But machines only understand numbers, so there needs to be a method to convert the word-based addresses into numeric-based addresses. This conversion process is called DNS (Domain Name System), which will be detailed later. Essentially there’s a database that maps every word-based address into a number-based address.
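The Source and Destination Address handling and the IP address format described in this section, as an added Python example that is not part of the original article: it builds and parses a 20-byte IPv4 header and constructs the reply header by swapping the two addresses. The function names and the client address 192.0.2.10 (a documentation address) are assumptions; 216.58.194.132 is the sample address used above.

```python
import ipaddress
import struct

# IPv4 header without options: 20 bytes, network byte order.
IPV4_HEADER = struct.Struct("!BBHHHBBH4s4s")


def checksum(header: bytes) -> int:
    """Ones'-complement sum of the header's 16-bit words (RFC 1071)."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_header(src: str, dst: str, protocol: int = 6, ttl: int = 64) -> bytes:
    """Build a payload-less IPv4 header; IPv4Address rejects octets above 255."""
    fields = [0x45, 0, IPV4_HEADER.size, 0, 0, ttl, protocol, 0,
              ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed]
    fields[7] = checksum(IPV4_HEADER.pack(*fields))
    return IPV4_HEADER.pack(*fields)


def parse_header(raw: bytes) -> dict:
    """Read Source and Destination Address from the first 20 bytes of a packet."""
    if len(raw) < IPV4_HEADER.size:
        raise ValueError("truncated IPv4 header")
    header = raw[:IPV4_HEADER.size]
    ver_ihl, _, _, _, _, ttl, protocol, _, src, dst = IPV4_HEADER.unpack(header)
    if ver_ihl != 0x45:
        raise ValueError("not an option-less IPv4 header")
    if checksum(header) != 0:  # a valid header sums to zero with its checksum
        raise ValueError("bad header checksum")
    return {"src": str(ipaddress.IPv4Address(src)),
            "dst": str(ipaddress.IPv4Address(dst)),
            "ttl": ttl, "protocol": protocol}


def build_reply(request: bytes) -> bytes:
    """The reply is addressed to whatever Source Address the request carried,
    so a wrong or unreachable source means the reply never reaches the client."""
    req = parse_header(request)
    return build_header(src=req["dst"], dst=req["src"], protocol=req["protocol"])


# Constructed sample: 192.0.2.10 is a documentation address standing in for the client.
REQUEST = build_header(src="192.0.2.10", dst="216.58.194.132")
```
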

Web Servers and File Transfer


Web Servers are File Servers – essentially, Web Servers are not much more than file servers. A Web Client requests the Web Server to send it a file and the Web Server sends back a file.
Web Clients use the HTTP Protocol to request files from a Web Server. Web Servers use the HTTP Protocol to send back the requested file.
• Web Clients can be called HTTP Clients.
• Web Clients are sometimes called User Agents.
Web Clients are responsible for doing something meaningful with the files downloaded from Web Servers – Clients can do one of three things with the files downloaded from a Web Server:
• Display the file’s contents to the user
  o HTML files and image files are usually rendered and displayed to the user.
• Launch a program to process the file
  o e.g. launch Citrix Workspace app to initiate a Citrix ICA session based on the contents of the downloaded .ica file.
• Store the file on the file system
  o e.g. save the file to the Downloads folder.


Web Browsers – Web Browsers are a type of Web Client that usually want to display the files that are downloaded from Web Servers.
• HTML and CSS – If the file contains HTML tags, then the Browser will render the HTML tags and display them to the user as an HTML webpage. CSS files tell Browsers how to render HTML files. HTML files downloaded from a web server contain <> tags.
• Images – Images are rendered by the Browser and displayed to the user.
HTML vs HTTP – HTTP is a network file transfer protocol (request/response). HTML files are just one of the types of files transferred by HTTP. You’ll find that most HTTP file transfers are not HTML files.
• Any program that wants to download files from a server can use the HTTP protocol. HTTP is used by far more than just web browsers.
Other Web Client Types – other types of client programs use HTTP Protocol to download files from Web Servers:
• API Web Clients – API Web Clients (e.g. scripts) can use an HTTP-based API to download data files from a web server. These data files are typically processed by a client-side script or program and aren’t displayed directly to the user.
• Downloaders – some Web Clients are simply Downloaders, meaning all they do is use HTTP to download files and store them on the hard drive. Later, the user can do something with those downloaded files.

Web Server Scripting


Web Server Scripting – web servers can do more than just file serving: they can also run server-side scripts that dynamically modify the files before the files are downloaded (sent back) to the requesting web client. This allows a single web server file to provide different content to different clients. The file’s content can even be retrieved from a database.
Web Server Script Languages – different web server programs support different server-side script languages. These server-side script languages include: Java, ASP.NET, Ruby, PHP, Node.js, etc.
• The Web Server runs a script interpreter for specific file types.
• File Extensions and Server-side Script Processing – When a Web Client requests a file with a specific extension (e.g. .php), the server-side PHP script engine processes the file (runs the script). Output from the script is sent as an HTTP Response. Files without the .php extension are returned as raw files. It is not possible to download the raw .php file without the script engine first processing it.
