Citrix ADC TCP Counters
Article ID: CTX133888
Updated On:
Description
This article contains information about the newnslog Transmission Control Protocol (TCP) counters and its brief description.
Using the Counters
Log on to the NetScaler using an SSH client, change to SHELL, navigate to the /var/nslog directory, and then use the ‘nsconmsg’ command to see comprehensive statistics using the different counters available. For the detailed procedure refer to Citrix Blog - NetScaler ‘Counters’ Grab-Bag!.
The newnslog TCP counters
The following table lists the newnslog TCP counters with a simple description of the counter.
| Counter | Description |
| tcp_tot_ServerOpen | Server connections initiated by the NetScaler appliance after startup. This counter is reset when the appliance restarts. |
| tcp_tot_ServerClosed | Total number of closed server connections |
| tcp_tot_ClientOpen | Client connections initiated on the NetScaler appliance after startup. This counter is reset when the appliance restarts. |
| tcp_tot_ClientClosed | Total number of closed client connections |
| tcp_tot_syn | SYN packets received |
| tcp_tot_syn_probe | Probes from the NetScaler appliance to a server. The appliance sends a SYN packet to the server to check its availability and expects a SYN_ACK packet from the server before a specified response timeout. |
| tcp_tot_fin_srvr | FIN packets received from the server. |
| tcp_tot_fin_clnt | FIN packets received from the clients. |
| tcp_tot_timeWaitToSyn | SYN packets received on connections that are in the TIME_WAIT state. Packets cannot be transferred on a connection in this state. |
| tcp_tot_timeWaitData | Bytes of data received on connections that are in the TIME_WAIT state. Data cannot be transferred on a connection that is in this state. |
| tcp_tot_clnt_flushed | Client connections that are flushed because the client is idle for some time. |
| tcp_tot_srvr_flushed | Server connections that are flushed because there are no client requests in the queue for some time. |
| tcp_tot_clnt_flushed_ho | Half-opened client connections that are flushed because the three-way handshakes are not complete. |
| tcp_tot_srvr_flushed_ho | Half-opened server connections that are flushed because the three-way handshakes are not complete. |
| tcp_tot_clnt_flushed_ahc | Active half-closed client connections that are flushed because the client has closed the connection and there is no activity on the connection. |
| tcp_tot_srvr_flushed_ahc | Active half-closed server connections that are flushed because the server has closed the connection and there is no activity on the connection. |
| tcp_tot_clnt_flushed_phc | Passive half-closed client connections that are flushed because the NetScaler appliance has closed the connection and there is no activity on the connection. |
| tcp_tot_srvr_flushed_phc | Passive half-closed server connections that are flushed because the NetScaler appliance has closed the connection and there is no activity on the connection. |
| tcp_err_badchecksums | Packets received with a TCP checksum error. |
| tcp_err_syn_n_syn_rcvd | SYN packets received on a connection that is in the SYN_RCVD state. A connection goes into the SYN_RCVD state after receiving a SYN packet. |
| tcp_err_syn_n_est | SYN packets received on a connection that is in the ESTABLISHED state. A SYN packet is not expected on an ESTABLISHED connection. |
| tcp_err_syn_giveups | Attempts to establish a connection on the NetScaler appliance that timed out. |
| tcp_err_syn_sentbadack | Incorrect ACK packets received on a connection that is in the SYN_SENT state. An incorrect ACK packet is the third packet in the three-way handshake that has an incorrect sequence number. |
| tcp_err_syn_retransmit | SYN packets resent to a server. |
| tcp_err_fin_retransmit | FIN packets resent to a server or a client. |
| tcp_err_fin_giveups | Connections that were timed out by the NetScaler appliance because of not receiving the ACK packet after retransmitting the FIN packet four times. |
| tcp_err_fin_dup | Number of duplicate FIN packets received |
| tcp_err_rst | Reset packets received from a client or a server |
| tcp_err_rst_not_est | Reset packets received on a connection that is not in the ESTABLISHED state |
| tcp_err_rst_outof_wnd | Reset packets received on a connection that is out of the current TCP Window |
| tcp_err_rst_inTimewaits | Reset packets received on a connection that is in the TIME_WAIT state. Packets cannot be transferred on a connection in the TIME_WAIT state. |
| tcp_err_srvr_retransmit | Packets retransmitted by a server. This usually occurs because the acknowledgement from the NetScaler appliance has not reached the server. |
| tcp_err_clnt_retransmit | Packets retransmitted by a client. This usually occurs because the acknowledgement from the NetScaler appliance has not reached the client. |
| tcp_err_full_retransmit | Full packets retransmitted by the client or the server |
| tcp_err_partial_retrans mit | Partial packet retransmits by a client or server because of congestion on the connection. This usually occurs because the Window advertised by the NetScaler appliance is not big enough to hold the full packet. |
| tcp_err_srvr_out_of_or der | Out of order TCP packets received from a server. |
| tcp_err_clnt_out_of_or der | Out of order TCP packets received from a client. |
| tcp_err_hole_client | TCP holes created on a client connection. When out of order packets are received from a client, a hole is created on the NetScaler appliance for each group of missing packets. |
| tcp_err_hole_server | TCP holes created on a server connection. When out of order packets are received from a server, a hole is created on the NetScaler appliance for each group of missing packets. |
| tcp_err_cookie_pkt_seq_reject | SYN cookie packets rejected because they contain an incorrect sequence number. |
| tcp_err_cookie_signat ure_reject | SYN cookie packets rejected because they contain an incorrect signature. |
| tcp_err_cookie_pkt_se q_drop | SYN cookie packets dropped because the sequence number specified in the packets is outside the current Window. |
| tcp_err_cookie_mss | SYN cookie packets rejected because the maximum segment size (MSS) specified in the packets is incorrect. |
| tcp_err_retransmit | TCP packets retransmitted. The NetScaler appliance attempts to retransmit the packet up to seven times, after which it resets the other half of the TCP connection. |
| tcp_err_retransmit_giveups | The number of times the NetScaler appliance terminates a connection after retransmitting the packet seven times on that connection. |
| tcp_max_Clients | The maximum number of connections that can be made from the system to the Web server(s) attached to it. This value is applied globally to all attached servers. |
| tcp_max_ReqPerConn | The maximum number of requests that the system can pass on a particular connection between the system and a server attached to it. If the Value is zero, then it allows an unlimited number of requests to be passed. |
| tcp_err_cip_alloc | Number of times TCP level client header insertion failure |
| tcp_tot_ClientOpen_Rate | Rate at which connections are opened in the system. |
| tcp_tot_acl_bridge | Packets matching a bridge Access Control List (ACL), which in transparent mode bypasses service processing. |
| tcp_tot_acl_drop | Packets dropped because they match ACLs with processing mode set to DENY. |
| tcp_tot_acl_allow | Packets matching ACLs with processing mode set to ALLOW. NetScaler appliance processes these packets. |
| tcp_tot_acl_nat | Packets matching a NAT ACL, resulting in a NAT session. |
| tcp_tot_acl_hits | Packets matching an ACL. |
| tcp_tot_acl_miss | Packets not matching any ACL. |
| tcp_tot_sacl_bridge | Total packets that matched a SimpleACL with action BRIDGE and got bridged by NetScaler appliance. |
| tcp_tot_sacl_drop | Packets dropped because they match Deny Simple ACL. |
| tcp_tot_sacl_allow | Total packets that matched a Simple ACL with action ALLOW and got consumed by NetScaler appliance. |
| tcp_tot_sacl_hits | Packets matching a simple ACL. |
| tcp_tot_sacl_miss | Packets not matching any simple ACL. |
| tcp_tot_sacl_count | Number of simple ACLs configured. |
| tcp_tot_sacl6_bridge | Total packets that matched a SimpleACL6 with action BRIDGE and got bridged by NetScaler appliance. |
| tcp_tot_sacl6_drop | Packets dropped because they match deny simple ACL6. |
| tcp_tot_sacl6_allow | Total packets that matched a SimpleACL6 with action ALLOW and got consumed by NetScaler appliance. |
| tcp_tot_sacl6_hits | Packets matching a simple ACL6. |
| tcp_tot_sacl6_miss | Packets not matching any simple ACL6. |
| tcp_tot_sacl6_count | Number of simple ACL6s configured. |
| tcp_tot_acl6_bridge | Packets matching a bridge IPv6 ACL, which in transparent mode bypasses service processing. |
| tcp_tot_acl6_drop | Packets dropped because they match IPv6 ACLs with processing mode set to DENY. |
| tcp_tot_acl6_allow | Packets matching IPv6 ACLs with processing mode set to ALLOW. NetScaler appliance processes these packets. |
| tcp_tot_acl6_nat | Packets matching a NAT ACL6, resulting in a NAT session. |
| tcp_tot_acl6_hits | Packets matching an IPv6 ACL. |
| tcp_tot_acl6_miss | Packets not matching any IPv6 ACL. |
| pbr_tot_allow | Total packets that matched the PBR with action ALLOW |
| pbr_tot_deny | Total packets that matched PBR with action DENY |
| pbr_tot_hits | Total packets that matched any PBR |
| pbr_tot_miss | Total packets that did not match any PBR |
| tcp_tot_rxpkts | TCP packets received |
| tcp_tot_rxbytes | Bytes of TCP data received |
| tcp_tot_txpkts | TCP packets transmitted |
| tcp_tot_txbytes | Bytes of TCP data transmitted |
| pcb_tot_zombie_called | Number of times the Zombie cleanup function is called. Every time a connection is flushed, it is marked for cleanup. The Zombie cleanup function clears all these connections at predefined intervals. |
| tcp_tot_synheld | SYN packets held on the NetScaler appliance that are waiting for a server connection. |
| tcp_tot_synheld_flushed | SYN packets flushed on the NetScaler appliance because of no response from the server for three or more seconds. |
| tcp_tot_fintimewaitcon nclosedearly | Connections closed on the NetScaler appliance because the number of connections in the TIME_WAIT state has exceeded the default value of 7000. |
| tcp_err_any_portalloc_ failed | Port allocations that have failed on a mapped IP address because the maximum limit of 65536 has exceeded or the mapped IP address is not configured. |
| tcp_err_ip_portalloc_failed | Port allocations that have failed on a subnet IP address or virtual server IP address because the maximum limit of 65536 has exceeded. |
| tcp_err_stray_packets | Packets received on a connection whose state is not maintained on the NetScaler appliance. |
| tcp_err_send_rst | Reset packets sent to a client or a server. |
| tcp_err_bad_state_con nections | Connections that are not in a valid TCP state. |
| tcp_tot_fast_retransmit | TCP packets on which the NetScaler appliance performs a fast retransmission in response to three duplicate acknowledgements or a partial acknowledgement. The appliance assumes that the packet is lost and retransmits the packet before its time-out. |
| tcp_err_1st_retransmit | Packets retransmitted once by the NetScaler appliance. |
| tcp_err_2nd_retransmit | Packets retransmitted twice by the NetScaler appliance. |
| tcp_err_3rd_retransmit | Packets retransmitted three times by the NetScaler appliance. |
| tcp_err_4th_retransmit | Packets retransmitted four times by the NetScaler appliance. |
| tcp_err_5th_retransmit | Packets retransmitted five times by the NetScaler appliance. |
| tcp_err_6th_retransmit | Packets retransmitted six times by the NetScaler appliance. |
| tcp_err_7th_retransmit | Packets retransmitted seven times by the NetScaler appliance. If this fails, the appliance terminates the connection. |
| tcp_err_data_after_fin | Bytes received following a connection termination request. This error is usually caused by reordering packets during transmission. |
| tcp_err_threshold | Reset packets dropped because the default threshold of 100 resets per 10 milliseconds has exceeded. This is a configurable value using the set rate Control command. |
| tcp_err_oowindow | Packets received that are out of the current advertised Window. |
| tcp_err_in_congestion _syndropped | SYN packets dropped because of network congestion. |
| tcp_tot_bdg_mac_moved | The number of times bridging registered MAC moved |
| tcp_tot_bdg_collisions | The number of bridging table collisions |
| tcp_err_bdg_muted | The number of bridging related interface mutes |
| bdg_tot_pkts | The total number of bridged traffic |
| bdg_tot_Mbits | The total number of bridged Mbits |
| tcp_cur_ServerConn | Server connections, including connections in the Opening, Established, and Closing state. |
| tcp_cur_ServerConnClosing | Server connections in the Closing state, which indicates that the connection termination process has initiated but is not complete. |
| tcp_cur_ServerConnEst | Current server connections in the Established state, which indicates that data transfer can occur between the NetScaler appliance and the server. |
| tcp_cur_ServerConnOpening | Server connections in the Opening state, which indicates that the handshakes are not yet complete. |
| tcp_cur_ClientConn | Client connections, including connections in the Opening, Established, and Closing state. |
| tcp_cur_ClientConnClosing | Client connections in the Closing state, which indicates that the connection termination process has initiated but is not complete. |
| tcp_cur_ClientConnEst | Current client connections in the Established state, which indicates that data transfer can occur between the NetScaler appliance and the client. |
| tcp_cur_ClientConnOpening | Client connections in the Opening state, which indicates that the handshakes are not yet complete. |
| tcp_cur_surgequeuelen | Connections in the surge queue. When the NetScaler appliance cannot open a connection to the server, for example when maximum connections are reached, the appliance queues these requests. |
| tcp_cur_GlobalReusePool | Spare connections available. To save time and resources in establishing another connection for a new client, the connection on the server is not closed after completing the request from the first client and is available for serving future requests. |
| tcp_cur_active_server _conn | Connections to a server currently responding to requests. |
| tcp_cur_nServers | The number of physical servers that the NetScaler appliance has opened connections with. |
| tcp_tot_reuse_hit | Total number of client transactions found with the server connection in the reuse-pool. |
Issue/Introduction
This article contains information about the newnslog Transmission Control Protocol (TCP) counters and its brief description.
Was this article helpful?
Yes
No
Powered by
