ICMPv6 Test

Internet Control Message Protocol version 6 (ICMPv6) is the implementation of the Internet Control Message Protocol (ICMP) for Internet Protocol version 6 (IPv6).

ICMPv6 has a framework for extensions to implement future changes. Several extensions have been published, defining new ICMPv6 message types as well as new options for existing ICMPv6 message types. For example, Neighbor Discovery Protocol (NDP) is a node discovery protocol based on ICMPv6 which replaces and enhances functions of ARP.[2] Secure Neighbor Discovery (SEND) is an extension of NDP with extra security. Multicast Listener Discovery (MLD) is used by IPv6 routers for discovering multicast listeners on a directly attached link, much like Internet Group Management Protocol (IGMP) is used in IPv4. Multicast Router Discovery (MRD) allows the discovery of multicast routers. ICMP also generates error messages, such as ICMP destination unreachable messages, and informational messages, such as ICMP echo request and reply messages.

Using the ICMPv6 test, you can monitor the ICMv6 framework and its extensions for anomalies and errors on the Citrix ADC appliance. You can also track the ICMP data and packet traffic to and from the Citrix ADC appliance to understand if the traffic is within / has violated the configured limits. This way, you can quickly detect and avert ICMP overload conditions, rapidly detect errors in ICMP implementation, and initiate appropriate measures to resolve the errors.

Target of the test : A Citrix ADC VPX/MPX

Agent deploying the test : A remote agent

Outputs of the test : One set of results for each policy configured on the Citrix ADC VPX/MPX appliance being monitored.

Configurable parameters for the test
Parameter Description

Test Period

How often should the test be executed.

Host

The IP address of the host for which the test is being configured.

NetScaler Username, NetScaler Password, and Confirm Password

To monitor a NetScaler device, the eG agent should be configured with the credentials of a user with read-only privileges to the target NetScaler device. Specify the credentials of such a user in the NetScaler Username and NetScaler Password text boxes. Then, confirm the password by retyping it in the Confirm Password text box.

SSL

The eG agent collects performance metrics by invoking NITRO (NetScaler Interface Through Restful interfaces and Objects) APIs on the target NetScaler device. Typically, the NITRO APIs can be invoked through the HTTP or the HTTPS mode. By default, the eG agent invokes the NITRO APIs using the HTTPS mode. This is why, the SSL flag is set to Yes by default. If the target NetScaler device is not SSL-enabled, then the NITRO APIs can be accessed through the HTTP mode only. In this case, set the SSL flag to No.

Measurements made by the test
Measurement Description Measurement Unit Interpretation

ICMP rate threshold

Indicates the limit of ICMP packets handled every 10 milliseconds.

Pkts/Sec

This threshold is configurable. Once this threshold is violated, subsequent ICMP packets will be dropped by the appliance. You are hence advised to configure this limit based on the current and anticipated ICMP traffic to the NetScaler appliance. To view the configured threshold, use the show ns rateControl command. To set/alter this limit, use the set rateControl command.

Data received

Indicates the amount of ICMPv6 data received during the last measurement period.

MB

These measures are good indicators of the ICMPv6 load on the NetScaler appliance.

Data transmitted

Indicates the amount of ICMPv6 data transmitted during the last measurement period.

MB

Packets received

Indicates the number of ICMPv6 packets received during the last measurement period.

Number

Packets transmitted

Indicates the number of ICMPv6 packets transmitted during the last measurement period.

Number

ICMPv6-Neighbor advertisement packets received

Indicates the number of ICMPv6-Neighbor advertisement packets received during the last measurement period.

Number

These packets are received in response to a neighbor solicitation message sent out by this node, or if the link layer address of a neighbor has changed.

ICMPv6-Neighbor solicitation packets received

Indicates the number of ICMPv6-Neighbor solicitation packets received during the last measurement period.

Number

These packets are received if the link layer address of a neighbor has changed, or in response to a neighbor solicitation message sent out by this node.

ICMPv6-Router advertisement packets received

Indicates the number ICMPv6-Router advertisement packets received during the last measurement period.

Number

These are received at defined intervals or in response to a router solicitation message.

ICMPv6-Router solicitation packets received

Indicates the number of ICMPv6-Router solicitation packets received during the last measurement period.

Number

These could be sent by a neighboring router to initiate address resolution.

ICMPv6-Echo request packets received

Indicates the number of ICMPv6-Echo request packets received during the last measurement period.

Number

The echo request is an ICMP message whose data is expected to be received back in an echo reply ("ping"). The host must respond to all echo requests with an echo reply containing the exact data received in the request message.

 

ICMPv6-Echo reply packets received

Indicates the number of ICMPv6-Echo reply packets received during the last measurement period.

Number

ICMPv6-Neighbor advertisement packets transmitted

Indicates the number of ICMPv6-Neighbor advertisement packets transmitted during the last measurement period.

Number

These packets are sent in response to a neighbor solicitation packet, or if the link layer address of this node has changed.

ICMPv6-Neighbor solicitation packets transmitted

Indicates the number of ICMPv6-Neighbor solicitation packets transmitted during the last measurement period.

Number

These packets are sent to get the link layer addresses of neighboring nodes or to confirm that they are reachable.

ICMPv6-Router advertisement packets transmitted

Indicates the number of ICMPv6-Router advertisement packets transmitted during the last measurement period.

Number

These packets are sent at regular intervals or in response to a router solicitation packet from a neighbor.

ICMPv6-Router solicitation packets transmitted

Indicates the number of ICMPv6-Router solicitation packets transmitted during the last measurement period.

Number

These packets are sent to request neighboring routers to generate router advertisements immediately rather than wait for the next defined time.

ICMPv6-Echo request packets transmitted

Indicates the number of ICMPv6-Echo request packets transmitted during the last measurement period.

Number

 

ICMPv6-Echo reply packets transmitted

Indicates the number of ICMPv6-Echo reply packets transmitted during the last measurement period.

Number

 

ICMPv6-Router advertisement error packets received

Indicates the number of ICMPv6-Router advertisement error packets received during the last measurement period.

Number

These refer to ICMPv6 router advertisement error packets received that contain an error in the header, such as an incorrect source IP address, destination IP address, or packet length.

Ideally, the value of this measure should be 0.

ICMPv6-Neighbor advertisement error packets received

Indicates the number of ICMPv6-Neighbor advertisement error packets received during the last measurement period.

Number

These refer to ICMPv6 neighbor advertisement error packets received that contain an error in the header, such as an incorrect source IP address, destination IP address, or packet length.

Ideally, the value of this measure should be 0.

ICMPv6-Neighbor solicitation error packets received

Indicates the number of ICMPv6-Neighbor solicitation error packets received during the last measurement period.

Number

These refer to ICMPv6 neighbor solicitation error packets received that contain an error in the header, such as an incorrect source IP address, destination IP address, or packet length.

Ideally, the value of this measure should be 0.

Bad checksum error packets

Indicates the number of bad checksum error packets during the last measurement period.

Number

A checksum is a small-sized block of data derived from another block of digital data for the purpose of detecting errors that may have been introduced during its transmission or storage.

The Internet Protocol (IP) and most higher-layer protocols of the Internet Protocol Suite (ICMP, IGMP, UDP, UDP-Lite, TCP) use a common checksum algorithm to validate the integrity of the packets that they exchange.

If the checksum is incorrectly computed, a checksum error occurs. Packets with incorrect checksums aren’t processed by the receiving host.

Ideally therefore, the value of this measure should be 0.

 

Unsupported packets

Indicates the number of unsupported packets during the last measurement period.

Number

These are ICMPv6 packets received that are not supported by the Citrix ADC.

Ideally, the value of this measure should be 0.

Rate threshold exceeded packets

Indicates the number of packets that were dropped because they exceeded the ICMP rate threshold.

Number

The default rate threshold is 100 requests per 10 milliseconds.

An abnormally high value is a cause for concern, and presents a strong case for changing the rate threshold.

You can change the threshold using the set rateControl command.