Starting from NetScaler 8.1, the concept of multi port tables was introduced and there are 16 tables by default allocated to each SNIP. Each SNIP will have 65k x 16 ports free for connections to the back end servers, which is equal to 1032192 free ports.
However it is important to note that:
All these ports (1032192) might only be used when connections go to different destination addresses.
This means, even if there are free ports available, they might not be used by the SNIP if the destination addresses of the backend servers are not unique.
For example:
If there is 1 SNIP and only 1 Service, then the limit is 65k ports.
If there is 1 SNIP and 5 unique services with different destination IP addresses then the possible limit is 65k x 5.
We can run the following commands to check the number of free ports available.
root@NS# nsapimgr -d freeports
Displaying all free ports of all MIPs...
Index IP FreePorts
0 0.0.0.1 16513536
1 127.0.0.2 1031683
2 241.0.0.2 1032096
3 241.0.0.4 1032096
4 241.0.0.5 16513536
5 10.107.182.67 1032095
6 10.107.182.76 1032080
root@NS# nsapimgr -d mappedip
Displaying all mapped IP info entries ...
Index Devno UsedPorts FreePorts Type IP
0 651 4279485952 16513536 402 0.0.0.1
1 653 510 1031682 LOOP 127.0.0.2
2 657 96 1032096 NSIP 241.0.0.2
3 661 96 1032096 LOOP 241.0.0.4
4 659 4279485952 16513536 402 241.0.0.5
5 649 97 1032095 NSIP 10.107.182.67
6 9677 112 1032080 404 10.107.182.76
total 7 4264005519 38187121
To know number of free ports available for a specific MIP/SNIP we can run the below command.
> sh ns ip 10.107.182.76
IP: 10.107.182.76
Netmask: 255.255.255.224
Type: SNIP
Traffic Domain: 0
state: Enabled
arp: Enabled
arpResponse: NONE
icmp: Enabled
icmpResponse: NONE
vserver: NA
management access: Disabled
telnet: Enabled
ftp: Enabled
ssh: Enabled
gui: Enabled
snmp: Enabled
Restrict access: Disabled
dynamic routing: Disabled
hostroute: Disabled
# free ports: 1032080
networkroute: Disabled
ownerNode: ALL NODES
We can run the below command to see if the port allocation counter is a non-zero value or not.
root@NS# nsconmsg -K /var/nslog/newnslog -d stats -g ip_err_portalloc_failed -g tcp_err_ip_portalloc_failed
Displaying current counter value information
NetScaler V20 Performance Data
NetScaler NS11.1: Build 51.26.nc, Date: Jan 31 2017, 00:12:01
reltime:mili second between two records Thu Aug 31 21:41:04 2017
Index reltime counter-value symbol-name&device-no
1 0 57060984 ip_err_portalloc_failed Mapped_IP_10.107.182.76
3 0 57060984 tcp_err_ip_portalloc_failed
Free ports per IP address:
ipFreePorts (1.3.6.1.4.1.5951.4.1.1.26.1.5)
Port allocation errors:
tcpErrIpPortFail - 1.3.6.1.4.1.5951.4.1.1.46.70
tcpErrAnyPortFail - 1.3.6.1.4.1.5951.4.1.1.46.69
For more information please refer to NetScaler documentation or contact Citrix support.