MEP DOWN on the NetScaler

Problem Cause

TROUBLESHOOTING CHECKLIST:
MEP (most MEP issues are caused by networking-related or RPC config issues)

• Ensure TCP ports 3009 and/or 3011 are open bi-directional from MEP communication IPs (this IP could be MIP/SNIP and/or GSLB Site IP)

• Check GSLB rcpNode passwords, ensure they are same across GSLB sites

• Try to reset rpcNode passwords for all GSLB Site IPs

• Rule out “secure” being the issue of MEP. Disable secure option to force MEP to use TCP port 3011. Remember this port needs to be open.

• Check if monitors bound to GSLB service (monitors override MEP status)

• Reset MEP on all sites (disable MEP then re-enable MEP)

• Run shell command #nstcpdump.sh –an port on both sites simultaneously to check the traffic. Or, take nstraces on both ADCs. 

In this case, according to the nstrace file, MEP communication was not initiated from the lower site IP address to the higher site address for site metrics exchange, and then found firewall rule blocked MEP traffic.