Slow Response to the Client Requests when USIP Mode is Enabled on ADC

Slow Response to the Client Requests when USIP Mode is Enabled on ADC

book

Article ID: CTX117346

calendar_today

Updated On:

Description

  • When using ADC in Use Source IP (USIP) mode, a slow response to the client requests is experienced.
  • Servers had requests in surge queues that were not processed.

Background

The USIP mode enables the NetScaler appliance to communicate with the backend servers by using the original Client IP address as the source IP address, as opposed to the Mapped IP (MIP) or Subnet IP (SNIP). This enables an application to identify the IP address of the client.

Resolution

To resolve the issue, make sure to update the default route on the backend servers to point to the ADC appliance as a default gateway.

With USIP mode on the ADC appliance, the backend servers should always have the NetScaler IP (NSIP) address as the default gateway. If you want to configure the default router as a return path for the response, then enable the Direct Server Return (DSR) feature on the ADC appliance.

Problem Cause

The backend servers were responding to the source IP address because the customer had enabled the USIP mode on the appliance. Therefore, the default route did not point to the ADC appliance. The response from the servers was never sent to the client through the ADC. Additionally, the route on the server was changed for the production network traffic. Therefore, the ADC appliance had multiple open connections to the backend servers. As these connections were not getting a response on time, the connections started to collect in the surge queue.

Issue/Introduction

When using a NetScaler appliance in Use Source IP (USIP) mode, the customer experienced slow response to the client requests.

Additional Information

Follow these steps for analysis:

  1. Run the following command to verify the load balancing virtual server statistics:
    stat lb vserver <vserver_name>

  2. Run the following command to verify that there are not many requests to the load balancing Virtual IP (VIP):
    stat service <service_name>
    The output of this command displays the connections in the surge queue for the IP addresses of the servers having issue.

  3. Analyze the network packet traces of the ADC appliance. The analysis of the traces indicates that the monitor probes for the IP address of the servers with the issue are not receiving any acknowledgement from many instances.

  4. Verify if USIP mode is enabled on the appliance. If it is enabled on the appliance, then it indicates an issue with the backend servers.

  5. Check the backend server to find if an incorrect default gateway is configured on the backend servers.
Powered by Wolken Software