MAC Moves may cause connection reset error

Article ID: CTX228195

Description

In some cases, the client (end customer) sees an error such as "connection reset by peer" or a FIN packet from the NetScaler.
Note that the FIN packet from the NetScaler is not itself the cause of the issue; it is only a symptom.
To confirm that MAC moves are occurring, check the NetScaler counters as shown below:
# nsconmsg -K newnslog -d current -g nic_tot_bdg_mac_moved
(Run the above command from the shell prompt (#) in the "/var/nslog" directory. If there are any MAC moves, the output should look like the following.)
Display start time set to Thu Jun 15 15:19:00 2017
Displaying performance information
NetScaler V20 Performance Data
NetScaler NS10.5: Build 54.9.nc, Date: Dec 15 2014, 13:17:00


reltime:mili second between two records Thu Jun 15 15:19:13 2017
Index rtime totalcount-val delta rate/sec symbol-name&device-no&time
0 28000 23267368 2 0 nic_tot_bdg_mac_moved interface(1/12) Thu Jun 15 15:19:13 2017
1 0 23267368 2 0 nic_tot_bdg_mac_moved interface(1/2) Thu Jun 15 15:19:13 2017
2 7000 23267420 52 7 nic_tot_bdg_mac_moved interface(1/12) Thu Jun 15 15:19:20 2017
3 0 23267420 52 7 nic_tot_bdg_mac_moved interface(1/2) Thu Jun 15 15:19:20 2017
4 7000 23267436 16 2 nic_tot_bdg_mac_moved interface(1/12) Thu Jun 15 15:19:27 2017
5 0 23267436 16 2 nic_tot_bdg_mac_moved interface(1/2) Thu Jun 15 15:19:27 2017
6 14000 23267452 16 2 nic_tot_bdg_mac_moved interface(1/12) Thu Jun 15 15:19:41 2017
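
The following is an added example, not part of the original article or a Citrix tool: a small shell/awk helper that reads nsconmsg output in the format shown above and reports, per interface, how many samples were seen, the summed delta and the peak rate for nic_tot_bdg_mac_moved. The function names are hypothetical, and the sample rows are copied from the output above.

```shell
#!/bin/sh
# Added example: summarise nic_tot_bdg_mac_moved records from nsconmsg output.

# Sample rows copied from the output shown in this article.
sample_output() {
    cat <<'EOF'
Index rtime totalcount-val delta rate/sec symbol-name&device-no&time
0 28000 23267368 2 0 nic_tot_bdg_mac_moved interface(1/12) Thu Jun 15 15:19:13 2017
1 0 23267368 2 0 nic_tot_bdg_mac_moved interface(1/2) Thu Jun 15 15:19:13 2017
2 7000 23267420 52 7 nic_tot_bdg_mac_moved interface(1/12) Thu Jun 15 15:19:20 2017
3 0 23267420 52 7 nic_tot_bdg_mac_moved interface(1/2) Thu Jun 15 15:19:20 2017
4 7000 23267436 16 2 nic_tot_bdg_mac_moved interface(1/12) Thu Jun 15 15:19:27 2017
5 0 23267436 16 2 nic_tot_bdg_mac_moved interface(1/2) Thu Jun 15 15:19:27 2017
6 14000 23267452 16 2 nic_tot_bdg_mac_moved interface(1/12) Thu Jun 15 15:19:41 2017
EOF
}

# Reads nsconmsg output on stdin; prints one line per interface:
#   <interface> samples=<n> delta_sum=<d> peak_rate=<r>
# Header and banner lines are skipped because field 1 is not a record index.
mac_move_summary() {
    awk '
    $1 ~ /^[0-9]+$/ && $6 == "nic_tot_bdg_mac_moved" {
        ifc = $7
        sub(/^interface\(/, "", ifc); sub(/\)$/, "", ifc)
        samples[ifc]++
        delta[ifc] += $4
        if ($5 + 0 > peak[ifc] + 0) peak[ifc] = $5 + 0
    }
    END {
        for (i in samples)
            printf "%s samples=%d delta_sum=%d peak_rate=%d\n", i, samples[i], delta[i], peak[i]
    }' | LC_ALL=C sort
}

# Exit status 0 if any record shows the counter increasing (delta > 0), else 1.
mac_moves_detected() {
    awk '$1 ~ /^[0-9]+$/ && $6 == "nic_tot_bdg_mac_moved" && $4 + 0 > 0 { found = 1 }
         END { exit !found }'
}

sample_output | mac_move_summary
```

To use it on real data, save the nsconmsg output to a file and feed that file on stdin in place of sample_output.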

 

Resolution

To resolve this, follow the NetScaler best practice described in "NetScaler Networking and VLAN Best Practices": https://support.citrix.com/article/CTX214033
The key rule from that article is:
EACH VLAN SHOULD BE ASSOCIATED TO ONLY ONE INTERFACE (for purposes of this discussion, a LA Channel counts as a single interface).
 

Problem Cause

VLAN misconfiguration is the cause of the MAC moves.
MAC Moves (counter nic_tot_bdg_mac_moved): This indicates that the NetScaler is using more than one interface to communicate with the same device (MAC address), because it could not properly determine which interface to use.

Issue/Introduction

If a few requests are being dropped by the NetScaler while others are processed correctly, and the traces show that the interface on which the NetScaler sends the data is not the same as the interface on which it receives it, the cause might be MAC moves happening on the NetScaler due to incorrect binding of the interfaces. For example: a POST request for /abcd/api is sent from the client IP to the VIP, but there is no response, and eventually there is a FIN from the VIP. To check, capture a trace and analyze the NetScaler counters for MAC moves.