NetScaler TCP Test

This test monitors the TCP connections to the NetScaler appliance and reports the count of connections that are in various states - i.e., open, closed, opening, closing, etc. In the process, the test holds a mirror to the TCP packet load on the appliance and helps administrators understand the nature of the TCP traffic (SYN, FIN, TIMED_WAIT). In addition, the test also periodically tracks the growth of the Surge Queue of the NetScaler device, and proactively alerts administrators to processing bottlenecks on servers managed by the device.

Target of the test : A NetScaler VPX/MPX

Agent deploying the test : A remote agent

Outputs of the test : One set of results for the NetScaler appliance being monitored.

Configurable parameters for the test
Parameter Description

Test Period

How often should the test be executed.

Host

The IP address of the host for which the test is being configured.

NetScaler Username and NetScaler Password

To monitor a NetScaler device, the eG agent should be configured with the credentials of a user with read-only privileges to the target NetScaler device. Specify the credentials of such a user in the NetScaler Username and NetScaler Password text boxes.

Confirm Password

Confirm the NetScaler Password by retyping it here.

SSL

The eG agent collects performance metrics by invoking NITRO (NetScaler Interface Through Restful interfaces and Objects) APIs on the target NetScaler device. Typically, the NITRO APIs can be invoked through the HTTP or the HTTPS mode. By default, the eG agent invokes the NITRO APIs using the HTTPS mode. This is why, the SSL flag is set to Yes by default. If the target NetScaler device is not SSL-enabled, then the NITRO APIs can be accessed through the HTTP mode only. In this case, set the SSL flag to No.

Measurements made by the test
Measurement Description Measurement Unit Interpretation

Total client connections

Indicates the number of client connections on this NetScaler device.

Number

These measures include connections in the Opening, Established, and Closing states.

Total server connections

Indicates the total number of server connections on this NetScaler device.

Number

 

Opening client connections

Indicates the number of client connections that are currently in the Opening state.

Number

A connection is said to be OPENING if the handshakes between the server and the client are not completed.

Opening server connections

Indicates the number of server connections that are currently in the Opening state.

Number

Established client connections:

Indicates the number of client connections that are currently in the ESTABLISHED state.

Number

An established connection indicates that the data transfer can occur between the NetScaler device and the client/server.

Established server connections

Indicates the number of server connections that are currently in the ESTABLISHED state.

Number

Closing client connections

Indicates the number of client connections that are currently in the CLOSING state.

Number

A connection is said to be in the CLOSING state when the connection termination process has been initiated but not completed.

Closing server connections

Indicates the number of server connections that are currently in the CLOSING state.

Number

Opened client connections

Indicates the number of client connections that were initiated on this NetScaler device since startup.

Number

 

Opened server connections

Indicates the number of server connections that were initiated on this NetScaler device since startup.

Number

 

Percent of established client connections

Indicates the percentage of client connections in ESTABLISHED state.

Percent

 

Percent of established server connections

Indicates the percentage of server connections in ESTABLISHED state.

Percent

 

Percent of closing client connections

Indicates the percentage of client connections in CLOSING state.

Percent

 

Percent of closing server connections

Indicates the percentage of server connections in CLOSING state.

Percent

 

Surge queue connections

Indicates the number of connections in the surge queue of this NetScaler device.

Number

The NetScaler device can be used to limit the number of simultaneous requests that are passed on to a server. When a request is completed, additional requests are forwarded to the server. If a request arrives and the server is handling the maximum configured number of requests, the NetScaler device places the new request in a surge queue, where the request waits for its turn to be sent to the server for processing. The surge queue allows a server to run at peak capacity without the risk of having it spiral out of control because of a surge of incoming requests. The surge queue length indicates whether a server is able to keep up with its incoming workload or not. If the surge queue is consistently greater than 0, this indicates that the server is not able to keep up with the workload and additional server capacity is required. On the other hand, a periodic surge is not a cause for concern.

When a surge in client requests overloads a server, server response becomes slow, and the server is unable to respond to new requests. The Surge Protection feature ensures that connections to the server occur at a rate that the server can handle. The response rate depends on how surge protection is configured. The NetScaler appliance also tracks the number of connections to the server, and uses that information to adjust the rate at which it opens new server connections.

Spare connections:

Indicates the number of spare connections ready to be used in this NetScaler device.

Number

The NetScaler does connection multiplexing between clients and physical servers. When it receives a client request to access a service on a server, the NetScaler looks for an already established connection to the server that is free. If it finds a free/spare connection, it uses that connection to establish a virtual link between the client and the server.

To save time and resources in establishing another connection for a new client, the connection on the server is not closed after completing the request from the first client and is available for serving future requests.

Server active connections

Indicates the number of TCP connections to the server that are currently serving requests.

Number

 

Client idle flushed

Indicates the number of client connections that were flushed during the last measurement period.

Number

The client connection would be flushed when the client has remained idle for a specified time.

Server idle flushed:

Indicates the number of server connections that were flushed during the last measurement period.

Number

The server connections would be flushed when there are no client requests in the queue for a specified time.

Client half opened flushed

Indicates the number of half-open client connections that were flushed during the last measurement period.

Number

A half-opened connection often refers to the TCP connection that is in the process of being established. These connections are flushed when the three-way handshake (SYN, SYN/ACK and ACK) process is not completed.

The TCP protocol has a three-way handshake process for opening a connection. First, the originating endpoint (A) sends a SYN packet to the destination (B). A is now in an embryonic state (specifically, SYN_SENT), and awaiting a response. B now updates its kernel information to indicate the incoming connection from A, and sends out a request to open a channel back (the SYN/ACK packet).

At this point, B is also in an embryonic state (specifically, SYN_RCVD). Note that B was put into this state by another machine, outside of B's control.

Under normal circumstances (see denial-of-service attack for deliberate failure cases), A will receive the SYN/ACK from B, update its tables (which now have enough information for A to both send and receive), and send a final ACK back to B.

Once B receives this final ACK, it also has sufficient information for two-way communication, and the connection is fully open. Both endpoints are now in an established state.

Server half opened flushed

Indicates the number of half-open server connections that were flushed during the last measurement period.

Number

Client active half closed flushed

Indicates the number of half-closed client connections that were flushed during the last measurement period.

Number

A half-closed connection refers to the connections closed by the client/server and there is no activity taking place on the connection. A half-closed connection may also be referred to as the connection through which the client/server would have stopped sending data but still data is received through the same.

Server active half closed flushed

Indicates the number of half-closed server connections that were flushed during the last measurement period.

Number

Client passive half closed flushed

Indicates the number of passive half-closed client connections that were flushed during the last measurement period.

Number

A passive half-closed connection refers to the connections closed by the NetScaler and there is no activity taking place on the connection.

Server passive half closed flushed

Indicates the number of passive half-closed server connections that were flushed during the last measurement period.

Number

Zombie cleanup calls

Indicates the number of times the zombie cleanup function was called during the last measurement period.

Number

Every time a connection is flushed, it is marked for cleanup. The zombie cleanup function clears all these connections at predefined intervals.

Data received

Indicates the amount of TCP data received during the last measurement period.

MB

These are good indicators of the load on the NetScaler appliance.

Data transmitted

Indicates the amount of TCP data transmitted during the last measurement period.

MB

Packets received:

Indicates the number of TCP packets received during the last measurement period.

Number

Packets transmitted

Indicates the number of TCP packets transmitted during the last measurement period.

Number

SYN packets received

Indicates the number of SYN packets received during the last measurement period.

Number

 

Server probes

Indicates the number of probes from this NetScaler device to the server during the last measurement period.

Number

The NetScaler sends a SYN packet to the server to check its availability and expects a SYN_ACK packet from the server before a specified response timeout.

FIN packets from client

Indicates the number of FIN packets received from the clients during the last measurement period.

Number

 

FIN packets from server

Indicates the number of FIN packets received from the server during the last measurement period.

Number

 

SYN packets received in time wait state

Indicates the number of SYN packets received on connections that are in the TIME_WAIT state during the last measurement period.

Number

Packets cannot be transferred on a connection in this state.

Data received in time wait state

Indicates the amount of data received on connections that are in the TIME_WAIT state during the last measurement period.

MB

 

SYN packets held

Indicates the number of SYN packets held on this NetScaler device during the last measurement period.

Number

The SYN packets would be held when the NetScaler device is waiting for the server connection.

SYN packets flushed

Indicates the number of SYN packets flushed on this NetScaler device during the last measurement period.

Number

The SYN packets would be flushed when there is no response from the server for 3 or more seconds.

Time wait connections closed

Indicates the number of connections that were closed on this NetScaler device because the number of connections in the TIME_WAIT state exceeded the default value of 7000 during the last measurement period.

Number