DNS Name Server Shows DOWN on NetScaler

DNS Name Server Shows DOWN on NetScaler

book

Article ID: CTX207954

calendar_today

Updated On:

Description

DNS name server shows DOWN on NetScaler as shown in the following output:
show dns nameserver
1)       192.193.215.69  -  State: DOWN         Protocol: UDP
2)       192.193.215.73  -  State: DOWN         Protocol: UDP
3)       192.193.215.65  -  State: DOWN         Protocol: UDP

Resolution

To resolve this issue, create a DNS service on NetScaler with an increased response timeout custom monitor (in this example 10 seconds) and bind it to the DNS service.

> sh monitor test-icmp
1)   Name.......:      test-icmp  Type......:      PING State....:   ENABLED
Standard parameters:
  Interval.........:           11 sec
Retries...........:                3
  Response timeout.:           10 sec Down time.........:           30 sec
  Reverse..........:               NO
Transparent.......:               NO
  Secure...........:   Not applicable
LRTM..............:          ENABLED
  Action...........:   Not applicable
Deviation.........:            0 sec
  Destination IP...:    Bound service
  Destination port.:   Not applicable
  Iptunnel.........:               NO
  TOS..............:               NO
TOS ID............:                0
  SNMP Alert Retries:               0
  Success Retries..:                1
  Failure Retries..:                0
 Done

DNS-Service State:
MPX-7500> sh service dns-test
        dns-test (X.X.X.X:53) - DNS
        State: UP
        Last state change was at Sat Dec 6 07:50:54 2014
        Time since last state change: 0 days, 00:13:17.270
        Server Name: 192.193.215.69
        Server ID : None Monitor Threshold : 0
        Max Conn: 0 Max Req: 0 Max Bandwidth: 0 kbits
        Use Source IP: NO
        Client Keepalive(CKA): NO
        Access Down Service: NO
        TCP Buffering(TCPB): NO
        HTTP Compression(CMP): NO
        Idle timeout: Client: 120 sec Server: 120 sec
        Client IP: DISABLED
        Cacheable: NO
        SC: OFF
        SP: OFF
        Down state flush: ENABLED
        Appflow logging: ENABLED

1) Monitor Name: test-icmp
                State: UP Weight: 1
                Probes: 73 Failed [Total: 0 Current: 0]
                Last response: Success - ICMP echo reply received.
                Response Time: 6272.58 millisec
Done

Problem Cause

From the NetScaler trace files we see a latency of more than 6 seconds for the monitor probe packets sent out by NetScaler to DNS servers which are ICMP packets.

There is a timeout of 2 seconds on the monitor probe packets sent out of NetScaler.

show monitor ping-default
1) Name.......: ping-default Type......: PING State....: ENABLED
Standard parameters:
Interval.........: 5 sec Retries...........: 2
Response timeout.: 2 sec Down time.........: 30 sec
Reverse..........: NO Transparent.......: NO
Secure...........: Not applicable LRTM..............: ENABLED
Action...........: Not applicable Deviation.........: 0 sec
Destination IP...: Bound service
Destination port.: Not applicable
Iptunnel.........: NO
TOS..............: NO
SNMP Alert Retries: 0 Success Retries..: 1
Failure Retries..: 0

Since the monitor probe response does not reach NetScaler within 2 secs, NetScaler is marking the DNS servers as DOWN.

Issue/Introduction

DNS name server shows DOWN on NetScaler.
Powered by Wolken Software