NetScaler is sending the reponse to the client with wrong source IP when USIP mode is enabled.

NetScaler is sending the reponse to the client with wrong source IP when USIP mode is enabled.

book

Article ID: CTX226119

calendar_today

Updated On:

Description

This only happens to the ACK packet which is a response sent by the back-end server to a RESET sent by the client.
The entire communication works fine and packets forwarded to the client are sent using the VIP IP but the above mentioned packet which is sent by the server is forwarded to the client with source-IP as original back-end IP instead of the VIP IP.

Resolution

Enable USIP mode on L3 param by running the command:
> Set l3param -usipServerStrayPkt ENABLE

Problem Cause

From the trace, we can see that for the last ACK to the RESET, no pcbdevno or linked pcbdev no is assosciated . So we are not hitting any session. So the ACK from backend , is stray packet and we are just routing it. This is expected .

Issue/Introduction

NetScaler is sometimes using source-IP as back-end server IP instead of LB or CS VIP IP when USIP mode is used.
Powered by Wolken Software