In Depthtroubleshootingonnetscalerusingcommandlinetools 140327143410 Phpapp01

Citrix Support Secrets
Webinar Series
In-depth Troubleshooting on NetScaler
using Command Line Tools
27 March 2014
Andrew Sandford
Senior Readiness Specialist, Worldwide Support Readiness EMEA
Agenda
NetScaler CLI recap
Whats my NetScaler?
How is my NetScaler configured?
Whats my NetScaler doing?
Time for Technical Support?
Q&A
2014 Citrix | Confidential Do Not Distribute
NetScaler CLI
Recap
NetScaler Native CLI

> show
>add
>remove
>set
>enable
>disable
>force
>bind
>unbind
NetScaler Native CLI
>help <command>
>man <command>
>set cli prompt %u@%h-%T
>set cli mode -color ON
NetScaler BSD Shell
# tar
# head
# less
# more
# cat
# zcat
# ls
# find
Whats my NetScaler?
Whats my NetScaler?
> show version
> show ns hostname
> show hardware
> show interface summary
>stat ssl
#sysctl a netscaler | more
show version/show ns hostname
> show version

NetScaler NS10.1: Build 124.13.nc, Date: Feb 20
2014, 18:53:27
> show ns hostname
Hostname:
nstipster
show hardware
> show hardware
Platform: NSMPX-10500 8*CPU+2*E1K+8*E1K+2*IX+8*CVM
1620 760100
Manufactured on: 10/7/2010
CPU: 2832MHZ
Host Id: 1234567890
Serial no: M123456789
Encoded serial no: M123456789
show interface -summary

> show interface -summary
-------------------------------------------------------------------------------Interface
MTU
MAC
Suffix
-------------------------------------------------------------------------------1
0/1
1500
00:25:90:12:eb:5a
Gig Ethernet 10/100/1000 MBits
0/2
1500
00:25:90:12:eb:5b
Gig Ethernet 10/100/1000 MBits
1/1
1500
00:e0:ed:1a:24:97
Gig Ethernet, copper SFP
1/2
1500
00:e0:ed:1a:24:96
1/3
1500
00:e0:ed:1a:24:95
Gig Ethernet, no SFP found
1/4
1500
00:e0:ed:1a:24:94
1/5
1500
00:e0:ed:1a:24:a3
1/6
1500
00:e0:ed:1a:24:a2
1/7
1500
00:e0:ed:1a:24:a1
10
1/8
1500
00:e0:ed:1a:24:a0
11
10/1
1500
00:1b:21:77:c0:35
10G Ethernet,...SFP+/SFP found
12
10/2
1500
00:1b:21:77:c0:34
10G Ethernet,...SFP+/SFP found
13
LO/1
1500
00:25:90:12:eb:5a
NetScaler Loopback interface
stat ssl
> stat ssl
SSL Summary
# SSL cards present
# SSL cards UP
SSL engine status
SSL sessions (Rate)
System
Transactions
Rate (/s)
Total
SSL transactions
301
SSLv2 transactions
SSLv3 transactions
TLSv1 transactions
301
sysctl
# sysctl -a netscaler
netscaler.developer: 0
netscaler.descr:
NetScaler Virtual Appliance 3G
netscaler.recovery: 0
netscaler.num_pe_running:
1
netscaler.sysid: 450000
netscaler.serial: 98310000cb254307ee78
netscaler.version:
NetScaler NS10.1: Build
netscaler.descr: NetScaler Virtual Appliance 3G
124.13.nc,
Date: Feb 20 2014, 18:53:27
netscaler.num_pe_running: 1
netscaler.model:
netscaler.version: NetScaler3000
NS10.1: Build 124.13.nc, Date: Feb 20 2014, 18:53:27
netscaler.model: 3000
netscaler.vmpe_max_cpus:
2
netscaler.vmpe_max_cpus: 2
netscaler.nCore:
1
netscaler.Classic: 0
netscaler.nCore: 1
How is my NetScaler
configured?
How is my NetScaler configured?

> show ip
> show feature
> show ns mode
> show info
> show license
> show run | more
show ip
> show ip
Ipaddress
TD
Type
Mode
Arp
Icmp
Vserver
State
---------
--
----
----
---
----
-------
------
1)
192.168.196.45
Enabled
NetScaler IP
Active
Enabled
Enabled
NA
2)
192.168.196.146
Enabled
SNIP
Active
Enabled
Enabled
NA
3)
192.168.196.147
Enabled
VIP
Active
Enabled
Enabled
Enabled
4)
22.22.22.2
VIP
Active
Enabled
Enabled
Enabled
Enabled
5)
192.168.100.44
SNIP
Active
Enabled
Enabled
NA
Enabled
6)
192.168.1.2
SNIP
Active
Enabled
Enabled
NA
Enabled
7)
192.168.196.148
Enabled
VIP
Active
Enabled
Enabled
Enabled
show feature
> show feature
Feature
Acronym
Status
-------
-------
------
1)
Web Logging
WL
ON
2)
Surge Protection
SP
OFF
3)
Load Balancing
LB
ON
4)
Content Switching
CS
ON
5)
Cache Redirection
CR
OFF
6)
Sure Connect
SC
ON
8)
Priority Queuing
PQ
ON
9)
SSL Offloading
SSL
ON
10)
Global Server Load Balancing
GSLB
ON
11)
Http DoS Protection
HDOSP
OFF
12)
Content Filtering
CF
ON
13)
Integrated Caching
IC
OFF
19)
Rewrite
REWRITE
ON
show ns mode
> show ns mode
Mode
Acronym
Status
-------
-------
------
1)
Fast Ramp
FR
ON
2)
Layer 2 mode
L2
OFF
3)
Use Source IP
USIP
OFF
4)
Client Keep-alive
CKA
OFF
5)
TCP Buffering
TCPB
OFF
6)
MAC-based forwarding
MBF
OFF
7)
Edge configuration
Edge
ON
8)
Use Subnet IP
USNIP
ON
9)
Layer 3 mode (ip forwarding)
L3
ON
10)
Path MTU Discovery
PMTUD
ON
16)
Bridge BPDUs
BridgeBPDUs
OFF
show info
> show info
NetScaler NS10.1: Build 124.13.nc, Date: Feb 20 2014,
18:53:27
NetScaler IP: 192.168.47.6
(mask: 255.255.240.0)
NW FWMODE: NOFIREWALL
Number of MappedIP(s): 0
Node: Secondary (Primary is 192.168.47.1)
System Time: Thu Mar 27 08:52:06 2014
Last Config Changed Time: Thu Mar 27 07:52:50 2014
Last Config Saved Time: Tue Mar 25 13:28:21 2014
show run | more

#NS10.1 Build 124.13
# Last modified Thu Mar 27 10:08:20 2014
set ns config -IPAddress 192.168.47.1 -netmask 255.255.240.0
enable ns feature LB CS SSL SSLVPN OSPF REWRITE AppFw RESPONDER HTMLInjection AppFlow
enable ns mode FR L3 Edge USNIP SRADV DRADV PMTUD
set system parameter -natPcbForceFlushLimit 4294967295
set system user nsroot -----------------SNIP---------------- -encrypted
set rsskeytype -rsstype ASYMMETRIC
set lacp -sysPriority 32768 -mac 11:22:33:aa:bb:cc
set ns hostName nstipster
set interface 1/1 -throughput 0 -bandwidthHigh 0 -bandwidthNormal 0 -intftype "Xen Virtual" -ifnum 1/1
set interface LO/1 -haMonitor OFF -throughput 0 -bandwidthHigh 0 -bandwidthNormal 0 -intftype Loopback
-ifnum LO/1
add ns ip6 fe80::40da:5dff:fe08:296b/64 -scope link-local -type NSIP -vlan 1 -vServer DISABLED -mgmtAccess
ENABLED -dynamicRouting ENABLED
Whats my NetScaler
doing?
Processes and Uptime
> shell top

#ps ax | more
#uptime
#top/nsppe
> shell top
last pid: 13825;
60 processes:
load averages:
1.00,
1.04,
1.02
up 1+19:48:58
08:38:17
2 running, 58 sleeping
CPU states: 18.0% user,
0.0% nice, 32.1% system,
0.0% interrupt, 49.9% idle
Mem: 99M Active, 51M Inact, 1492M Wired, 15M Cache, 165M Buf, 2564K Free
Swap: 4500M Total, 12K Used, 4500M Free
PID USERNAME
THR PRI NICE

-52
SIZE
814M
100%
RES STATE
815M CPU1
TIME
WCPU COMMAND
50185 root
44
20.2H 100.00% NSPPE-00
11834 nobody
0 26448K 18276K accept 0
0:02
0.05% httpd
50206 root
0 61364K 11632K kqread 0
1:03
0.00% nsaggregator
50251 root
0 30504K
7964K kqread 0
0:47
0.00% nsconfigd
44 root
0 15880K
1828K kqread 0
0:21
0.00% pitboss
995 root
0 25660K 17672K nanslp 0
0:13
0.00% httpd
987 root
96
50188 root
3668K
876K select 0
0:11
0.00% syslogd
0 59184K
9016K kqread 0
0:10
0.00% nsnetsvc
#ps ax | more
root@ns# ps -ax | more
PID
TT
STAT
TIME COMMAND
??
WLs
0:00.44 [swapper]
??
ILs
0:00.09 /sbin/init --
??
DL
0:02.35 [g_event]
??
DL
0:09.00 [g_up]
??
DL
0:02.21 [g_down]
??
DL
0:00.00 [xpt_thrd]
??
DL
0:00.00 [acpi_task_0]
??
DL
0:00.00 [acpi_task_1]
??
DL
0:00.00 [acpi_task_2]
??
DL
0:00.00 [kqueue taskq]
10
??
RL
0:10.39 [idle: cpu1]
--More(byte 933)
IP related
> show route
> show ip
> show dns addrec
-type proxy
# ping
# traceroute
# telnet
> show route

> show route
Network
Netmask
Gateway/OwnedIP
State
TD
-------
-------
---------------
-----
--
0.0.0.0
0.0.0.0
192.168.32.1
255.0.0.0
127.0.0.1
Type
---1)
STATIC
2)
127.0.0.0
PERMANENT
3)
192.168.32.0
255.255.240.0
UP
UP
192.168.47.1
UP
DIRECT
4)
172.16.200.0
STATIC|ADV
255.255.255.0
192.168.47.2
UP
Load Balancing
> show lb vserver

> show service
> show connectiontable | grep <IP Address|port>
> show persistentSessions
show lb vserver
> show lb vserver
LB_RGB
- HTTP
1)
LB_RGB (192.168.47.3:80)
(192.168.47.3:80) - HTTP
Type: ADDRESS
Type: ADDRESS
State: UP
State:
UP change was at Wed Aug 14 09:17:14 2013
Last state
Time since last state change: 0 days, 00:30:42.140
Client
Idle Timeout: 180 sec
Effective State: UP
Client Idle
Timeout: ENABLED
180 sec
Down state
flush:
Down state flush: ENABLED
Disable
Primary
Vserver
On: DISABLED
Down : DISABLED
Disable
Primary Vserver
On Down
Appflow logging: ENABLED
Appflow
logging: ENABLED
Port Rewrite : DISABLED
Port Rewrite
No. of Bound :
Services
DISABLED
: 1 (Total)
Configured Method: ROUNDROBIN
No. of
Bound Services :
Mode: IP
1 (Active)
1 (Total)
1 (Active)
Persistence:
NONE
Configured
Method:
ROUNDROBIN
Vserver IP and Port insertion: OFF
Mode:IcmpResponse:
IP
PASSIVE
New Service Startup

Persistence:
NONE
Request Rate: 0 PER_SECOND, Increment Interval: 0
Warning: Feature(s) not enabled [LB]
Warning:
Feature(s)
not OFF
enabled [LB]
Vserver
IP and
Port insertion:
show lb vserver [vservername]

> sh lb vserver LB_RGB
LB_RGB (192.168.47.3:80) - HTTP
Type: ADDRESS
State: UP
Last state change was at Wed Aug 14 11:56:19 2013
Effective State: UP
1) svc_blue
(192.168.196.62: 80) - HTTP State: UP Weight: 1
Client Idle Timeout: 180 sec
Down state flush: ENABLED
No. of Bound Services :
1 (Total)
1 (Active)
Configured Method: ROUNDROBIN

Mode: IP
Persistence: NONE
1) svc_blue (192.168.196.62: 80) - HTTP State: UP Weight: 1
show service [servicename]

> show service svc_blue
State:svc_blue
UP
(192.168.196.62:80) - HTTP
State: UP
1)
Last state change was at Wed Aug 14 11:56:19 2013
Monitor Name: mon-http-ecv
State:
Server Name: Blue
Use Source IP:Probes:

NO
UP
14887
Idle timeout: Client: 180 sec

Client IP:
Weight: 1
Passive: 0
Failed [Total: 124 Current: 0]
Server: 360 sec
Last response: Success - Pattern found in response.

ENABLED ClientIP
Response Time: 10.220 millisec
1)
Monitor Name: mon-http-ecv

State: UP
Weight: 1
Passive: 0
Probes: 14887
Failed [Total: 124 Current: 0]
Last response: Success - Pattern found in response.

Response Time: 10.220 millisec
show persistentSessions
> sh persistentSessions
Type
SRC-IP
PARAMETER
DST-IP
PORT
VSNAME
TIMEOUT
SOURCEIP 192.168.119.81 192.168.196.61 80 LB_RGB
118
PERSISTENCE192.168.119.81
Authentication
> show vpn vserver

> show aaa session
> show aaa stats
# cat /tmp/aaad.debug
How do I troubleshoot
deeper?
Time for Technical

Support?
Core dump directories

# ls -la
total 8
drwxrwxr-x
4 root
nobody
drwxr-xr-x
31 root
drwxrwxr-x
2 root
nobody
512 Oct
-rw-r--r--
1 root
nobody
2 Mar
wheel
512 Mar
1024 Dec
4 09:41 .
4 10:06 ..
8 21:28 1
4 09:36 bounds
# ls la 1/
total 10292
drwxrwxr-x
2 root
nobody
512 Jan 22 11:24 .
drwxrwxr-x
4 root
nobody
512 Mar
-rw-------
1 root
nobody
9881665 Dec 18 11:15 NSPPE-00-1094.gz
-rw-------
1 root
nobody
603327 Dec 18 11:15 nscac64p-1189.gz
4 09:41 ..
Packet Engine (nsppe) Process Crashing

Oct 19 08:52:46 <local0.alert> vpx1 nsppe: PE 0 (pid 1077) got signal 6; signal mask
is 0x0 0x0 0x0 0x0
Oct 19 08:52:46 <local0.alert> vpx1 [44]: pitboss Sat Oct 19 08:52:46 2013 NSPPE-00
(1077) unexpectedly died due to receiving signal
Oct 19 08:52:46 <local0.alert> vpx1 [44]: pitboss Sat Oct 19 08:52:46 2013 There may
be a delay restarting process while collecting core dump on NSPPE-00 (1077)
Oct 19 08:52:46 <local0.alert> vpx1 [44]: pitboss Sat Oct 19 08:52:46 2013 proc
NSPPE-00 (1077) failure. Therefore initiating nCore NetScaler restart according to
policy setting (0x29ac)
Oct 19 08:52:46 <local0.alert> vpx1 [44]: pitboss Sat Oct 19 08:52:46 2013 NetScaler
restart may be delayed if collecting core dump for NSPPE-00 (1077)
Oct 19 08:52:46 <local0.alert> vpx1 [44]: pitboss Sat Oct 19 08:52:46 2013 Pitboss
declaring system failure: NSPPE-00 (1077) exited
Oct 19 08:53:44 <local0.info> vpx1 [44]: pitboss Sat Oct 19 08:53:44 2013 Deleting
watch on NSPPE-00 (1077) for ()
/var/core
# cd /var/core/
# ls -la
total 14
drwxrwxr-x
6 root
nobody
drwxr-xr-x
30 root
drwxrwxr-x
2 root
nobody
-rw-r--r--
1 root
nobody
wheel
512 Oct 25 07:54 .

1024 Oct 25 10:31 ..
512 Sep 30 13:39 1
2 Oct 25 07:54 bounds
root@vpx1# ls 1/
NSPPE-00-1077.gz
nscac64p-1177.gz
nsnetsvc-1086.gz
aslearn-1148.gz
nscfsyncd-1158.gz
nsrised-1164.gz
imi-1129.gz
nsclfsyncd-1160.gz
provserverd-1162.gz
monuploadd-1154.gz
nsclusterd-1105.gz
snmpd-1152.gz
nsaaad-1131.gz
nsconfigd-1156.gz
nsaggregatord-1107.gz
nsfsyncd-1110.gz
Show commands
System
show node
show info
show license
Vserver/Service
show lb vserver
show cs vserver
show service
show persistencesession
show connectiontable
IP related
show route
show ip
show dns addrec
Diagnostic
show techsupport
-type proxy
show node
> show node
Node
State:
NOT UP
1)
Node
ID:
0
IP:
2)
Node ID:
IP:
192.168.1.145 (NS145)
192.168.1.45
Node State: STAYSECONDARY
Master State: Secondary

Node State: NOT UP
Fail-Safe Mode: OFF
State: 1/4
DISABLED1/3 1/2 1/1
Master Enabled Interfaces : 1/8 1/7 1/6INC 1/5
Fail-Safe Mode: OFF
INC State: DISABLED
Sync State: ENABLED
Disabled Interfaces : None

Sync State: ENABLED
Propagation: ENABLED
Propagation: ENABLED
Enabled Interfaces : 1/8 1/7 1/6 1/5 1/4 1/3 1/2 1/1
HA MON ON Interfaces : 1/8 1/7 1/6 1/5 Disabled

1/4 1/3
1/2
1/1
Interfaces
: None
Enabled Interfaces : 1/8 1/7 1/6 1/5 1/4 1/3 1/2 1/1
Disabled Interfaces : None
HA MON ON Interfaces : 1/8 1/7 1/6 1/5 1/4 1/3 1/2 1/1
HA MON ON Interfaces
: 1/8 1/7 heartbeats
1/6 1/5 1/4 1/3 1/2 1/1
Interfaces
on which
are not Interfaces
seen :
1/8heartbeats
1/6 1/5
on which
are not1/4
seen : 1/3
1/8 1/6
Interfaces on which heartbeats are not seen : 1/8 1/6
1/5 1/4 1/3 1/2 1/1
1/2
1/5 1/4 1/1
1/3 1/2 1/1
Interfaces causing Partial Failure: 1/8 1/6 1/5 1/4 1/3
Interfaces causing Partial Failure: 1/8 1/6 1/5 1/4 1/3
1/1
1/2 1/1
Interfaces
causing Partial Failure:1/2 1/8
1/6 1/5 1/4 1/3 1/2 1/1
SSL Card Status: UP
SSL Card Status: UP
Interval: 200 msecs

NodeHello
State:
STAYSECONDARY
Dead Interval: 3 secs
Local node information:
>
Node in this Master State for: 0:15:2:13

(days:hrs:min:sec)
Critical Interfaces: 1/8 1/6 1/5 1/4 1/3 1/2 1/1
NetScaler Processes
Process
Description
Process
Description
nsppe
NetScaler Packet Engine
nsfsyncd
Sync bookmarks and

SSL certificates
nsaaad
RBA and SSL VPN

External Auth
nsnetsvc
Used by the GUI for

config changes
nsconf
Writes the ns.conf file
nsumond
Runs the scriptable

monitors
nslog.sh
Controls Logging for

newnslog
nsconmsg
Controls writing of
newnslog
nssync
HA sync
nscollect
Statistics gathering for

historical reporting
nsreadfile
Used to read SSL Cert

Files
imi/ripd/
nscrlrefresh
SSL CRL list update
ospfd/bgpd
Routing processes
stat commands
>stat ns
>stat cpu
>stat interface
>stat lb vserver
>stat cs vserver
>stat service
>stat ssl
>stat dns
>stat http
System
Entities
Protocols
stat ns
> stat ns
System overview
Up since
Wed Aug 14 11:53:33 2013
CPU usage (%)
0.60
Packet CPU usage (%)
0.60
Management CPU usage (%)
0.80
Memory usage (MB)

InUse Memory (%)
190
18.73
Last Transition time We...013

System state
UP
Master state
Primary
# SSL cards UP
# SSL cards present
stat cpu
> stat cpu
CPU statistics
ID
Usage
0
stat interface
> stat interface
Interface Summary
ID
IntfState
IntfAlias Rx Bytes Tx Bytes
Rx Pkts
Tx Pkts
1/8
DOWN
1/7
DOWN
1/6
DOWN
1/5
DOWN
1/4
DOWN
1/3
DOWN
1/2
DOWN
1/1
UP
14476M
21813M
10/2
DOWN
10/1
DOWN
0/1
UP
32027M
18048M
0/2
DOWN
LO/1
UP
831255M
1218G
6624M
13125M
LA/1
DOWN
LA2
442178k 56718611
292060k 67610607
stat interface [interfacename]

> stat interface 1/1
LACP Statistics
Interface [1/1]:
Interface State
Link uptime
Link downtime
LACPDUs received 0
LACPDUs transmitted
Error Statistics
UP
00:40:21
00:00:00
Throughput Statistics
Rate (/s) Total
Bytes received
42393 54497294
Bytes transmitted2584
20222135
Packets received 629 710246
Packets transmitted 47 69066
Packet Statistics
Rate (/s)
Multicast packets 18 41219
NetScaler packets
85 98954
Total
Rate (/s)
0
0
0
Total
Rate (/s)
Error packets received (hw)
0
0
Error packets transmitted (hw)0
0
Inbound packets discarded (hw)
0
0
Outbound packets discarded (hw) 0
0
Packets dropped in Rx (sw)
539 599904
Packets dropped in Tx (sw)
0
0
NIC hangs
-0
Status stalls
-0
Transmit stalls
-0
Receive stalls
-0
Error-disables
-0
Duplex mismatches -0
Link re-initializations
-0
MAC moves registered
0
0
Times NIC became muted
-0
Total
stat dns
> stat dns
Non-authoritative entries
Authoritative entries
98
DNS Statistics
Error Statistics
Nonexistent domain
Runtime Statistics
Dns queries
106983
102359
Response class unsupported
Multi queries
Invalid query format
Dns responses
Stray answers
Incorrect RD length
Server responses
102334
Total Record updates
Requests refused
Auth answers
Response type unsupported
102347
Query class unsupported
Cache flush called
Invalid response format
Cache entries flushed
No answer responses
Server queries
Configuration Statistics
102334
Multi queries disabled
Other errors
stat http
> stat http

HTTP Statistics - Summary
Rate (/s)
Total
Total requests
6251
Total responses
5885
27
293191
286
1744835
Request bytes received

Response bytes received
stat lb vserver [name]

> stat lb vserver LB_RGB
Vserver hits
Virtual Server Summary
Bound
RequestsService(s) Summary
Responses
LB_RGB
vsvrIP
port
80IP
192.168.47.3
Hits/s
Request bytes
inactSvcs
LB_RGB
1 192.168.33.130
Response
bytes
svc_andrews
Total
0/sPackets rcvd
VirtualPackets
Server Statistics
Total
sent
Current client connections

Vserver hits
Req
Total Packets
sent
Spill
Over Threshold
80
00
0
0
Hits
65
HTTP
188
DOWN
Total
--
Rsp/s Throughp
ClntConn
0
--
-- 0/s
--
-0 ActvTran
MaxConn
00
State
0 0
0/s
Total Packets
rcvd
Requests
in service's
surgeQs
actSvcs
Rsp
0
Requests
in vserver's
surgeQReuseP
Response bytes
SvrConn
Health
Type
0DOWN
Req/s
Requests
in surge queue
Request bytes
svc_andrews
port
HTTP
Rate (/s)
Current Client Est connections

Requests
svc_andrews
0
Current
server
connections
Responses
0
State
Protocol
---
0
0
0
0
65
188
SvrTTFB
Load
SurgeQ
0
stat service [servicename]

> stat service svc_blue
Requests
Service Summary
Responses
svc_blue
IP
192.168.196.62
Request
bytes
Service Stats:
port
Type
80
Response bytes
865
855
22
67683
767
2304810
State
HTTP
UP
Rate (/s)
Requests
Total
865
855
--
22
67683
767
2304810
--
--
--
Requests in surge queue

Current
Server Est connections
--
0
9
--
Connections
reuse pool
Current Server Estin
connections
---
--
Connections server
in reuse pool
Maximum
connections
--
0
0
--
Average
server
TTFB
Average server
TTFB
---
--
--
--
Current
client connections
Responses
Request bytes
Requests
in surge queue
Response bytes
Current
server
connections
Current client
connections
Current server connections
Maximum server connections
Current loadload
on the on
service
Current
the service
NetScaler Disk Partitions

NetScaler File System
# df -h
Filesystem
Size
Used
/dev/md0c
286M
245M
35M
88%
devfs
1.0K
1.0K
0B
100%
/dev
procfs
4.0K
4.0K
0B
100%
/proc
/dev/ad0s1a
1.4G
965M
368M
72%
/flash
/dev/ad0s1e
14G
3.1G
9.5G
24%
/var
Avail Capacity
Mounted on
/
NetScaler File System examples

/var/log/ns.log
/var/nslog/newnslog/newnslog.ppe.x
/var/nsinstall/build-10.1-124.13_nc.tgz
/flash/ns-10.1-124.13.gz
/var/core/NSPPE-00-353.gz
/var/crash/vmcore.0
/nsconfig/ns.conf
/nsconfig/ssl/ns-root.cert
/nsconfig/monitors/nssmtp.pl
/nsconfig/license/FID__b0d70c6_13b16ab7034_573f.lic
/netscaler/nsconmsg
/var/nstrace/nstrace1.cap
Logs
Firmware
Crash Files
NetScaler Configuration
SSL Certificates
Monitor Scripts
License Files
NetScaler
NetScaler Binaries
Binaries
Packet
Packet Trace
Trace Files
Files
dmesg
root@ns# dmesg
Copyright (c) 1992-2008 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 6.3-NETSCALER-10.1 #0: Thu Feb 20 18:54:22 PST 2014
root@sjcpbldbsd6301.eng.citrite.net:/usr/obj/amd64/usr/home/build/rs_101_124_8/usr.src/sys/NS64
Preloaded elf kernel "/ns-10.1-124.13" at 0xffffffff930b3000.
Calibrating clock(s) ... i8254 clock: 1189606 Hz
CLK_USE_I8254_CALIBRATION not specified - using default frequency
Timecounter "i8254" frequency 1193182 Hz quality 0
Calibrating TSC clock ... TSC clock: 3325066248 Hz
CPU: Intel(R) Core(TM)2 Duo CPU
Origin = "GenuineIntel"
E8600
Id = 0x1067a
@ 3.33GHz (3325.07-MHz K8-class CPU)
Stepping = 10
Features=0x789fbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CLFLUSH,MMX,FXSR,SSE,SSE2>
Features2=0x81282201<SSE3,SSSE3,CX16,<b19>,<b21>,<b24>,<b31>>
AMD Features=0x20000800<SYSCALL,LM>
AMD Features2=0x1<LAHF>
real memory
= 2143289344 (2044 MB)
/var/log
# ls
auth.log
httperror.log
ns.log
auth.log.0.gz
httperror.log.0
ns.log.0
callhome.log
lastlog
nscollect.log
callhomedebug.log
license.log
nscollect_cl.log
cron
lpd-errs
nsvpn.log
cron.0.gz
maillog
nsvpnd.log
ctxslsboc.log
maillog.0.gz
ntpd.log
db
messages
security
httpaccess.log
messages.0
snmpd.log
httpaccess.log.0.gz
nitro.log
wicmd.log
httpd.scoreboard
nitro.log.0.gz
/var/nslog
# cd /var/nslog/
# ls
asl
lspci_tv.last
nsagg.conf
aslearn.log
lspci_tv.prev
nsagg.log
aslearn_old_db.tar.gz
lspci_vvvxxx.boot
nslog.nextfile
conmsg.log
lspci_vvvxxx.last
nsumond
dmesg.boot
lspci_vvvxxx.prev
nsumond.log
dmesg.last
newnslog
snmpdebug.log
dmesg.prev
newnslog.0.gz
lspci_tv.boot
ns.log
# cd newnslog
# ls
newnslog.ppe.0
Troubleshooting Techniques
Use
cases
View events
View console messages
View statistics
Debug system counters
Debug load balancing issues
Debug CPU/Memory utilization
Troubleshooting Techniques: nsconmsg

nsconmsg Common Syntax
Make sure to use K,

NOT -k
# cd /var/nslog
# nsconmsg K newnslog -d event
# nsconmsg K newnslog -d consmsg
# nsconmsg K newnslog -d oldconmsg
# nsconmsg K newnslog -s ConLb=2 d oldconmsg
# nsconmsg K newnslog -s ConDebug=1 d oldconmsg
nsconmsg examples
Live CPU related stats
<newnslog-filename> -d event
Archived events
current -g ha_cur_master_state
HA Failover cause
ConLb=2 -d oldconmsg
LB stats
ConCSW=2 -d oldconmsg
CS related counters
current -g pol_hits
Real-time policy hits
ConSSL=2 -d oldconmsg
SSL related counters
ConCMP=2 -d oldconmsg Compression related counters
# nsconmsg -d current -g cpu_use
# nsconmsg -K
# nsconmsg -d
# nsconmsg -s
# nsconmsg -s
# nsconmsg -d
# nsconmsg -s
# nsconmsg -s
Policy Hits
# cd /var/nslog/newnslog
# nsconmsg -K newnslog.ppe.0 -d current -g pol_hits
Displaying performance information
NetScaler V20 Performance Data
NetScaler NS10.1: Build 124.13.nc, Date: Feb 20 2014, 18:53:27
reltime:mili second between two records Fri Oct 25 09:45:52 2013
Index
rtime totalcount-val
0 3038060
delta rate/sec symbol-name&device-no
1 3500159
15
Policy(__ESNS_PREBODY_POLICY)
15
2 pol_hits
2
0
15
Policy(__ESNS_POSTBODY_POLICY)
15
2 pol_hits
0 pol_hits Policy(CTX-LDAP)
nsconmsg K newnslog -d event

# nsconmsg -K newnslog -d event | more
Displaying event information
1906
PPE-0 'interface(1/1)'
has been disabled
NetScaler3910
V20 Performance
Data
Wed Aug 14 12:27:16 2013
NetScaler
1907
Wed Aug 14 12:27:16 2013
NS10.1: Build 124.13.nc, Date: Feb 20 2014, 18:53:27
0 PPE-0 'interface(1/1)' DOWN
rtime: Relative time between two records in milliseconds
1912
0 PPE-0 'server_svc_cfg_NSSVC_DNS_192.168.204.50:53(SVC_CTXANG_DNS1)'
DOWN Wed
seqno rtime event-message
event-time
Aug
1906 14
3910
12:27:25
PPE-0 'interface(1/1)'
2013
has been disabled
Wed Aug 14 12:27:16 2013
1907
0 PPE-0 'interface(1/1)' DOWN
Wed Aug 14 12:27:16 2013
1913
0 PPE-0 'server_svc_cfg_NSSVC_DNS_192.168.204.51:53(SVC_CTXANG_DNS2)' DOWN Wed
1908
7 PPE-0 MonServiceBinding_192.168.47.16:4739_(ping-default)(service_192.168.47.16_33554): DOWN; Last
Aug
14 12:27:25
2013
response:
Failure - Probe
timed out. Wed Aug 14 12:27:25 2013
1909
0 PPE-0 MonServiceBinding_192.168.224.5:53_(ping-default)(SVC_CTX_DNS1): DOWN; Last response: Failure - Probe
timed out. Wed Aug 14 12:27:25 2013
1910
0 PPE-0 MonServiceBinding_192.168.204.51:53_(ping-default)(SVC_CTXANG_DNS2):
1910
0 PPE-0 MonServiceBinding_192.168.204.51:53_(ping-default)(SVC_CTXANG_DNS2): DOWN; Last response: Failure DOWN;
Last response: Failure - Probe timed out. Wed Aug 14 12:27:25 2013
Probe timed out. Wed Aug 14 12:27:25 2013
1911
0 PPE-0
MonServiceBinding_192.168.204.50:53_(ping-default)(SVC_CTXANG_DNS1):
DOWN; Last response: Failure 1911
0 PPE-0
MonServiceBinding_192.168.204.50:53_(ping-default)(SVC_CTXANG_DNS1):
Probe timed out. Wed Aug 14 12:27:25 2013
DOWN;
Last response: Failure - Probe timed out. Wed Aug 14 12:27:25 2013
1912
0 PPE-0 'server_svc_cfg_NSSVC_DNS_192.168.204.50:53(SVC_CTXANG_DNS1)' DOWN Wed Aug 14 12:27:25 2013
1913
0 PPE-0 'server_svc_cfg_NSSVC_DNS_192.168.204.51:53(SVC_CTXANG_DNS2)' DOWN Wed Aug 14 12:27:25 2013
nsconmsg K newnslog d consmsg

# nsconmsg -K newnslog -d consmsg
Displaying console message information
current time is Wed Aug 14 12:53:43 2013
LSM 1/1: Mon->Up on Link_Up
platform: NetScaler Virtual Appliance 450000 (9), manufactured at 2/17/2009
platform: serial HE2H91SCZ6
platform: unknown platform - using defaults!
LSM LO/1: Mon->Up on Link_Up
NetScaler: 420Mb of memory allocated
cell_pool: 0, (2 MB, 2 MB)
cell_pool: 0, map_addr 0xd2200000
nsconmsg K newnslog d oldconmsg

# nsconmsg -K newnslog.ppe.0 -d oldconmsg
Displaying debug performance information
CPU:2.4% MEM:199419576 UP:00.00:00:14 since:Wed Aug 14 10:16:57 2013
nsconmsg K newnslog s ConLb=2 d

oldconmsg
# nsconmsg -K /var/nslog/newnslog -s ConLb=2 -d oldconmsg
Displaying debug performance information
VIP(127.0.0.2:53:DOWN:WEIGHTEDRR):
Hits(0, 0/sec)
Mbps(0.00)
Pers(OFF) Err(0) SO(0) LConn_BestIdx: 1024
Pkt(0/sec, 0 bytes) actSvc(0) DefPol(NONE)
NATSession: Cur(Tcp[0] Udp[1]
Icmp[0] Other[0])
override(0)
newlyUP(0)
------------------------------------------------------NATSession : Free(6552)A(6553)InUse(1)
NATSession: Op/s(Tcp[0] Udp[0] Icmp[0] Other[0])
Conn: Clt(0, 0/sec, OE[0]) Svr(0) SQ(Total: 0

OnVserver:
OnServices:
0)
CM: Conn (Srvr 0 Clnt 0
0) Sessions
PCB 0 NATPCB 0
Session: A:0 F:0 IUse:0 SEs: SIP:0 C:0 SSL:0 Svr:0 UserId:0 SIPDIP:0 DIP:0 SO:0
SSF: Conn (Srvr 0 Clnt 0) U:0
Z(SIP[0], C[0], SSL[0] Server[0] SIPDIP[0] DIP[0] SO[0])
slimit_SO: (Sothreshhold: 0 [Ex: 0] Consumed: [Ex:

VIP(127.0.0.2:53:DOWN:WEIGHTEDRR): Hits(0, 0/sec) Mbps(0.00) Pers(OFF) Err(0) SO(0) LConn_BestIdx: 1024
0 Borrowed:
0 actSvc(0)
TotActiveConn:
0]newlyUP(0)
Available: 0Pkt(0/sec, 0 bytes)
DefPol(NONE) override(0)
Mon: Probes: 0, Failed: 0
Conn: Clt(0, 0/sec, OE[0]) Svr(0) SQ(Total: 0 OnVserver: 0 OnServices: 0)

slimit_SO: (Sothreshhold: 0 [Ex: 0]
Consumed: [Ex: 0 Borrowed: 0 TotActiveConn: 0] Available: 0
IP Conflict
# cat /var/log/ns.log
Aug 14 12:39:11 <local0.info> 192.168.47.1
ipConflict (ipConflictAddr = 192.168.47.1,
sysIpAddress = 192.168.47.1)
Aug 14 12:39:42 <local0.info> 192.168.47.1 last
message repeated 169 times
Troubleshooting Techniques
Common NetScaler issues/resolutions
HDD Issues
Flash Issues
Memory starvation
CPU starvation
Logging fails
/var missing
Config fails to save
Config saves partially
Sync fails
Device fails to boot
Dropped sessions
All services failing
All VIPS down
Degraded performance
NetScaler Data Collection

NetScaler software version including build (from the show version NetScaler
Command Line Interface (NSCLI) command) example: 10.1.124.13
Production setup or new installation
Whether an application/service that was working is now broken or whether the
user wants to configure an application/service
Network topology information
What changes were performed on the NetScaler appliance prior to the issue
Any change(s) on the connected Switches, upstream Router, or backend
server prior to experiencing the issue
ns.conf after saving the configuration - (from the save configuration NSCLI
command)
show techsupport I
> show techsupport
showtechsupport data collector tool - $Revision: #1 $!

NetScaler version 10.1
Creating /var/tmp/support ....
The NS IP of this box is 192.168.47.1
Current HA state: Primary (or this is not part of HA pair!)
All the data will be collected under
/var/tmp/support/collector_P_192.168.47.1_25Oct2013_11_12
Copying selected configuration files from nsconfig ....
Copying WebInterface configuration files (if WI is installed)...
... WI is not installed on this system. Nothing to copy.
Running shell commands ....
Running CLI show commands ....
Running CLI stat commands ....
Running vtysh commands ....
Determining newnslog files to archive....
show techsupport II
... copied 6 files from this directory.
Copying core files from /var/core ...(last 5 files created within the last week)
NSPPE core (2/NSPPE-00-1077.gz) file present! Skipping this file because of size
restrictions..
Copying core files from /var/crash ...(last 5 files created within the last week)
... Nothing to copy...No files created within the last one week
Copying messages,ns.log,dmesg and other log files ....
Copying imported files and mapping files ...
Copying GSLB location database files ....
Archiving all the data into
"/var/tmp/support/collector_P_192.168.47.1_25Oct2013_11_12.tar.gz"....Done.
Created a symbolic link for the archive with /var/tmp/support/support.tgz
/var/tmp/support/support.tgz ---- points to --->
/var/tmp/support/collector_P_192.168.47.1_25Oct2013_11_12.tar.gz
If this node is part of HA pair, please run it on the other node also!!
techsupport archive structure

/etc
/flash
/nsconfig
/shell
/var
/cfsynclog
/clusterd
/core
/crash
/download
/log
/netscaler
/nslog
/nsproflog
/nssynclog
nstrace & nstcpdump

nstrace
nstcpdump
Common syntax:
Nstrace.sh sz 0
Nstrace.sh sz 0 filter SOURCEIP
= 10.198.4.10 link enabled
Filter qualifiers and operators:
SOURCEIP, SOURCEPORT, DESTIP,
DESTPORT, SVCNAME, VSVRNAME,
STATE
==, eq, !=, neq, >, gt, <, lt, >=,
ge, <=, le, BETWEEN
Compound filters using || and &&
Common syntax:
Nstcpdump.sh X tcp port 80
Nstcpdump.sh w testcapture.cap
X src host 10.198.4.10 tcp port 80
Filter qualifiers and operators:
tcpdump standard
Packet Tracing
Differences between nstrace.sh & nstcpdump.sh
Nstcpdump.sh
Useful if traces are to be viewed on
standard output
nstcpdump.sh w <filename> option

helps writing output to file
Nstrace.sh
Useful for offline collection
nstrace.sh sz 0
Saves traces in /var/nstrace in cap format
can be used with expressions so that you get

to see filtered traffic
useful for collection of traces in separate log

files based on NICs
nstcpdump.sh host <IP>

nstcpdump.sh port 21
nstrace.sh tcpdump1 nic 1
nstrace.sh
# nstrace.sh --?
-h
- prints this message - exclusive option
nstrace - utility to start NetScaler packets trace
-nf
usage:
- number
of <number_of_files]
files to be generated
24)
nstrace.sh
[-h] [-nf
[-time <time>] in
[-m cycle
<mode>] (def.
[-nic <boolean>]
-time
-h
-sz
-time
-
-nf
- prints this message - exclusive option
- seconds per file (def. 3600) (could be an expression)
-sz
- number of files to be generated in cycle (def. 24)
- seconds
per file
(def. 3600)
(could
be an expression)
size
of the
captured
data
(bytes
from 60 to 1514)
- size of the captured data (bytes from 60 to 1514)
-m - 0=nstrace-format
- Capturing mode: sum of
the values (def.
18):
-tcpdump
(default)
or 1=tcpdump-format
-tcpdump - 0=nstrace-format (default) or 1=tcpdump-format
-nic -nic - use

separate trace files for each interface (only works if -tcpdump
- use separate trace files for each interface
option is set)
(only works if -tcpdump option is set)
-name
-name
-
- name
the trace
file
name
ofofthe
trace
file
-filter - Filter expression for nstrace. The maximum length of filter expression is 255 and it can of
-filter
- Filter
expression
nstrace. The maximum length of filter expression
following format:
<expression>
[<relop>for
<expression>]
-link
Log filtered
peer's format:
(linked connection's)
traffic.
Works only <expression>]
with -filter option
is
255- and
it canconnection's
of following
<expression>
[<relop>
-id
- ID for the trace file name for uniqueness. Should be used only with -name option
-link
- Log filtered connection's peer's (linked connection's) traffic. Works
-stop
- can be used to disable tracing (when 'nstrace.sh' is run in the background)
only
with
-filter
option
#
Packet Tracing
nstrace.sh
Proprietary capture format
Native format captures more
information
Files are stored in /var/nstrace
Needs custom dissector in
Wireshark (1.6+)
nstcpdump.sh
TCPdump PCAP capture format
Useful for live capture from CLI
Option to write to a file
Most TCPdump options supported
Works in standard Wireshark
Trace analysis
nstrace.sh
By Default if nstrace.sh is executed from shell prompt

Trace files are stored in NetScaler proprietary (.cap) format
The trace capture runs for 1 hr. (3600 sec) if not interrupted
Files are cyclically numbered from 1-24. Trace mode is 6 (that is the TXB
and RX packets are captured)
The size of the captured data for each packet is 164
Trace Analysis
nstrace syntax examples
Command
Purpose
# nstrace.sh
Stores the traces in default (proprietary) format
# nstrace.sh
-tcpdump 1
Begins to save the traces in the TCPDUMP format for a default 3600
seconds
# nstrace.sh
-tcpdump 1 -nic 1
Logs the traces (in TCPDUMP format) into separate log files based on
the NIC IDs
# nstrace.sh nf
<value>
No of files to be generated in cycle by default is 24
# nstrace.sh time
<value>
Seconds per file by default 3600 seconds
# nstrace.sh -sz 0
Size of the captured data( by default it is 164), -sz 0 is the entire

packet length
# nstrace.sh m
Capturing mode: sum of the values (def. 6):

1-Transmitted packets (TX)
2 - Packets buffered for transmission (TXB)
4 - Received packets (RX)
Trace Analysis
nstcpdump.sh example syntax
Command
Purpose
# nstcpdump.sh
<type>
Possible types are host, net and port .If there is no type
qualifier host assumed
# nstcpdump.sh
<dir>
Qualifiers specify a particular transfer direction to and/or

from id. Possible directions are src, dst, src or dst and
src and dst. If there is no dir qualifier, src or dst is
assumed. src foo', `dst net 128.3', `src or dst port ftpdata'
# nstcpdump.sh
<proto>
ether, fddi, ip, arp, rarp, decnet, tcp and udp.
# nstcpdump.sh c
<value>
Exit after receiving value number of packets
# nstcpdump.sh F I
r
Not supported and not to give them as options to the

script
# nstcpdump.sh w
Write the raw packets to file rather than parsing and
nstcpdump.sh
# nstcpdump.sh --?
Setting 1000 pages (8000 KB) of trace buffers ...
Enabling all nic trace mode=6 ...
Done.
Done.
Changing trace packet length from 0 to 0 ...
Done.
tcpdump version 3.9.4

libpcap version 0.9.4
Usage: tcpdump [-aAdDeflLnNOpqRStuUvxX] [-c count] [ -C file_size ]
[ -E algo:secret ] [ -F file ] [ -i interface ] [ -M secret ]
[ -r file ] [ -s snaplen ] [ -T type ] [ -w file ]
[ -W filecount ] [ -y datalinktype ] [ -Z user ]
[ expression ]
Saving current trace data in file 'pipe' ... in TCPDUMP format
Disabling all nic trace ...
Done.
Trace analysis
# nstcpdump.sh host 10.102.12.250

# nstcpdump.sh port 21
# nstcpdump.sh src host 10.102.12.250 and dst host 10.102.12.204
# nstcpdump.sh (host 10.102.12.250 and host 10.102.12.204) or
(host 10.102.12.204 and host 10.102.12.31)
# nstcpdump.sh host storefront.nstipster.lab
Core Dumps/Crashes
Core dump directories

# ls -la
total 8
drwxrwxr-x
4 root
nobody
drwxr-xr-x
31 root
drwxrwxr-x
2 root
nobody
512 Oct
-rw-r--r--
1 root
nobody
2 Mar
wheel
512 Mar
1024 Dec
4 09:41 .
4 10:06 ..
8 21:28 1
4 09:36 bounds
# ls la 1/
total 10292
drwxrwxr-x
2 root
nobody
512 Jan 22 11:24 .
drwxrwxr-x
4 root
nobody
512 Mar
-rw-------
1 root
nobody
9881665 Dec 18 11:15 NSPPE-00-1094.gz
-rw-------
1 root
nobody
603327 Dec 18 11:15 nscac64p-1189.gz
4 09:41 ..
Packet Engine (nsppe) Process Crashing

Oct 19 08:52:46 <local0.alert> vpx1 nsppe: PE 0 (pid 1077) got signal 6; signal mask
is 0x0 0x0 0x0 0x0
Oct 19 08:52:46 <local0.alert> vpx1 [44]: pitboss Sat Oct 19 08:52:46 2013 NSPPE-00
(1077) unexpectedly died due to receiving signal
Oct 19 08:52:46 <local0.alert> vpx1 [44]: pitboss Sat Oct 19 08:52:46 2013 There may
be a delay restarting process while collecting core dump on NSPPE-00 (1077)
Oct 19 08:52:46 <local0.alert> vpx1 [44]: pitboss Sat Oct 19 08:52:46 2013 proc
NSPPE-00 (1077) failure. Therefore initiating nCore NetScaler restart according to
policy setting (0x29ac)
Oct 19 08:52:46 <local0.alert> vpx1 [44]: pitboss Sat Oct 19 08:52:46 2013 NetScaler
restart may be delayed if collecting core dump for NSPPE-00 (1077)
Oct 19 08:52:46 <local0.alert> vpx1 [44]: pitboss Sat Oct 19 08:52:46 2013 Pitboss
declaring system failure: NSPPE-00 (1077) exited
Oct 19 08:53:44 <local0.info> vpx1 [44]: pitboss Sat Oct 19 08:53:44 2013 Deleting
watch on NSPPE-00 (1077) for ()
/var/core
# cd /var/core/
# ls -la
total 14
drwxrwxr-x
6 root
nobody
drwxr-xr-x
30 root
drwxrwxr-x
2 root
nobody
-rw-r--r--
1 root
nobody
wheel
512 Oct 25 07:54 .

1024 Oct 25 10:31 ..
512 Sep 30 13:39 1
2 Oct 25 07:54 bounds
root@vpx1# ls 1/
NSPPE-00-1077.gz
nscac64p-1177.gz
nsnetsvc-1086.gz
aslearn-1148.gz
nscfsyncd-1158.gz
nsrised-1164.gz
imi-1129.gz
nsclfsyncd-1160.gz
provserverd-1162.gz
monuploadd-1154.gz
nsclusterd-1105.gz
snmpd-1152.gz
nsaaad-1131.gz
nsconfigd-1156.gz
nsaggregatord-1107.gz
nsfsyncd-1110.gz
show techsupport
> show techsupport
----SNIP---Copying core files from /var/core ...(last 5 files created within the
last week)
NSPPE core (1/NSPPE-00-1077.gz) file present! Skipping this
file because of size restrictions..
Copying core files from /var/crash ...(last 5 files created within the
last week)
... Nothing to copy...No files created within the last one
week
----SNIP-- 2014 Citrix | Confidential Do Not Distribute
Backup conf files

# cd /nsconfig/
# ls -lath ns*
-rw-r--r--
1 root
wheel
16K Oct 30 14:01 ns.conf
-rw-------
1 root
wheel
16K Oct 30 14:01 ns.conf.0
-rw-------
1 root
wheel
12K Oct 25 09:34 ns.conf.1
-rw------124.13
1 root
wheel
12K Oct 25 08:09 ns.conf.NS10.1-
-rw-------
1 root
wheel
12K Oct 25 07:52 ns.conf.2
-rw-------
1 root
wheel
12K Oct 24 15:17 ns.conf.3
-rw-------
1 root
wheel
13K Oct 24 08:56 ns.conf.4
Useful Links
CTX1093 Data Collection Procedure to Troubleshoot NetScaler
04
Related Issues
http://www.slideshare.net/davidmcg/common-pitfalls-when-setting-up-a-n
et-scaler-for-the-first-time
http://support.citrix.com/search/basic?searchQuery=counters&refin
ement=Content+Type,Technotes&refinement=Product+Family,NetScaler
CTX1149 How to Troubleshoot Authentication with Aaad.debug
99
https://taas.citrix.com/
Maximize your knowledge.

Continue your journey with Citrix Education.
Recommended next step for hands-on technical
training:
CNS-205 Citrix NetScaler 10 Essentials and Networking
Identify the capabilities and functionality of the NetScaler
Explain basic NetScaler network architecture
Obtain, install, and manage NetScaler licenses
Explain how SSL is used to secure the NetScaler
Implement NetScaler TriScale Technology, including Clustering
Visit bit.ly/NSCOURSE to save 10% now through April 30.*
*Not valid with any other promotions, packages or discounts. Applies only to new purchases. Regional limitations may apply.
Educate | Guide | Support | Succeed
Citrix Services
make sure
you succeed with
About
your
Citrix
Services
virtualization
programs.
How we can help

Citrix Education The fastest, most
efficient way to
get your team the virtualization skills they
need. Online,
on-site or in class.
citrix.com/training
Citrix Consulting Intensive engagements
for
complex, critical or just plain massive
projects.
citrix.com/consulting
Citrix Support Always-on support
Secrets of the Citrix Support Ninjas

40 insider troubleshooting tips
Covering XenDesktop, XenServer, XenApp and NetScaler
Citrix Support top engineers
FREE eBook
Citrix Auto Support
Now available!
Premier Support Calculator

Check it out
Work better. Live better. Use

NetScaler

In Depthtroubleshootingonnetscalerusingcommandlinetools 140327143410 Phpapp01

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

In Depthtroubleshootingonnetscalerusingcommandlinetools 140327143410 Phpapp01

Uploaded by

Copyright:

Available Formats

Citrix Support Secrets

NetScaler Native CLI

NetScaler Native CLI

2014 Citrix | Confidential Do Not Distribute

NetScaler BSD Shell

2014 Citrix | Confidential Do Not Distribute

show version/show ns hostname

> show version

2014 Citrix | Confidential Do Not Distribute

show interface -summary

Gig Ethernet 10/100/1000 MBits

Gig Ethernet 10/100/1000 MBits

Gig Ethernet, copper SFP

Gig Ethernet, copper SFP

Gig Ethernet, no SFP found

Gig Ethernet, no SFP found

Gig Ethernet, copper SFP

Gig Ethernet, no SFP found

Gig Ethernet, no SFP found

Gig Ethernet, no SFP found

10G Ethernet,...SFP+/SFP found

10G Ethernet,...SFP+/SFP found

NetScaler Loopback interface

2014 Citrix | Confidential Do Not Distribute

SSL engine status

SSL sessions (Rate)

2014 Citrix | Confidential Do Not Distribute

How is my NetScaler configured?

2014 Citrix | Confidential Do Not Distribute

Global Server Load Balancing

Http DoS Protection

2014 Citrix | Confidential Do Not Distribute

Layer 3 mode (ip forwarding)

Path MTU Discovery

2014 Citrix | Confidential Do Not Distribute

show run | more

Processes and Uptime

> shell top

2014 Citrix | Confidential Do Not Distribute

CPU states: 18.0% user,

0.0% nice, 32.1% system,

0.0% interrupt, 49.9% idle

THR PRI NICE

20.2H 100.00% NSPPE-00

0 26448K 18276K accept 0

0 61364K 11632K kqread 0

0 25660K 17672K nanslp 0

2014 Citrix | Confidential Do Not Distribute

0:00.00 [kqueue taskq]

0:10.39 [idle: cpu1]

> show route

2014 Citrix | Confidential Do Not Distribute

> show lb vserver

2014 Citrix | Confidential Do Not Distribute

New Service Startup

Request Rate: 0 PER_SECOND, Increment Interval: 0

Warning: Feature(s) not enabled [LB]

show lb vserver [vservername]

Configured Method: ROUNDROBIN

show service [servicename]

Last state change was at Wed Aug 14 11:56:19 2013

Monitor Name: mon-http-ecv

Time since last state change: 0 days, 20:38:31.880

Use Source IP:Probes: