Vinay Menon1709155290 Posted September 21, 2015 Share Posted September 21, 2015 Not sure if anyone else is seen this before on NetScaler Firmware build 11.0 62_10 Issue: NetScaler Gateway STA appears to be DOWN when a FQDN is being supplied and it only works if we supply an IP address. Note: The diagnostics have been run (nstcpdump and dns looks (host, ping)) and it seems successful. i.e. NetScaler can actually resolve the FQDN and ports are reachable as well but from the "add STA Wizard" it simply doesn't work!! Bug maybe? has anyone encountered this before? cheers Vinay Link to comment Share on other sites More sharing options...
CarlStalhood Posted September 21, 2015 Share Posted September 21, 2015 If you run "show vpn vserver MyGatewayvServerName" does it show them as down? Link to comment Share on other sites More sharing options...
Vinay Menon1709155290 Posted September 21, 2015 Author Share Posted September 21, 2015 Yes, it does still show as DOWN from the command line. I did even try adding the STAServer FQDN via the command line and no joys either. cheers Vinay Link to comment Share on other sites More sharing options...
Paul Cross Posted September 21, 2015 Share Posted September 21, 2015 Just tried this on one of my gateways and it works fine, see attached. NS Version 11.0 62.10 Link to comment Share on other sites More sharing options...
Andrzej Starmach1709152599 Posted September 21, 2015 Share Posted September 21, 2015 Vinay-can you share more info about your setup? single / dual hop ? STA port, how many STAs configured . If you dont use "STA wizard" ..is it same? What was last working firmware and build Link to comment Share on other sites More sharing options...
Vinay Menon1709155290 Posted September 22, 2015 Author Share Posted September 22, 2015 Odd one this... I've got a single hop implementation and STA's run on standard port (80). Update Added the second STA server with FQDN and works absolutely fine! I've ruled out DNS issues and Network connectivity (TCPDUMPs successful syn-acks). On a development build of NetScaler running the latest firmware and identical setup - I'm able to add the first STA server with FQDN and status is absolutely fine!!? Not sure why i'm only experiencing this with the production pair. I've scheduled a reboot - will let you know how it goes. On a side note, we do use GSLB with split-brain and quirky DNS Views that works a treat. But not sure if these affect the standard DNS resolution of non-GSLB services. Diagnostics below (from Production NetScaler to STA in question) root@MPL-NS01# nstcpdump.sh -c 10 -nn host 172.XX.XX.4 reading from file -, link-type EN10MB (Ethernet) 09:56:54.192616 IP 172.XX.XX.100.35995 > 172.XX.XX.4.80: Flags , seq 1530131242, win 8188, options [mss 1460], length 0 09:56:54.193017 IP 172.XX.XX.4.80 > 172.XX.XX.100.35995: Flags [s.], seq 3726813426, ack 1530131243, win 8192, options [mss 1460], length 0 09:56:54.193019 IP 172.XX.XX.100.35995 > 172.XX.XX.4.80: Flags [F.], seq 1, ack 1, win 8188, length 0 09:56:54.193203 IP 172.XX.XX.4.80 > 172.XX.XX.100.35995: Flags [.], ack 2, win 64240, length 0 09:56:54.193732 IP 172.XX.XX.4.80 > 172.XX.XX.100.35995: Flags [F.], seq 1, ack 2, win 64240, length 0 09:56:54.193733 IP 172.XX.XX.100.35995 > 172.XX.XX.4.80: Flags [.], ack 2, win 8188, length 0 root@MPL-NS01# host sta01.example.org.uk sta01.example.org.uk has address 172.XX.XX.4 cheers Vinay Link to comment Share on other sites More sharing options...
Hussain Saifee Posted February 19, 2016 Share Posted February 19, 2016 Hi Vinay, I am seeing similar issue in production. NS version: NS 11, 62.10nc I have 2 STA, both has been configured with FQDN. One shows UP another shows DOWN Both are in same subnet x.x.x.15/x.x.x.16 If I configure STA with IP address, it shows UP I have verified DNS and Reachability from NS to STA all seems to be fine. DNS Name Server is UP in NS Question: What is the status of your problem ? Is this a bug ? Thanks, Saifee Hussain Link to comment Share on other sites More sharing options...
Vinay Menon1709155290 Posted February 19, 2016 Author Share Posted February 19, 2016 Hi Saifee, I'd to upgrade to NS 11.0 64.34 to get rid of this problem. What platform are your experiencing this on btw? i.e. MPX, VPX cheers Vinay Link to comment Share on other sites More sharing options...
Michael Szabo Posted February 28, 2016 Share Posted February 28, 2016 Hi guys, We've seen this issue too running 11.0 64.34.nc. STAs are fine but showing as down. Adding them in via IP address resolves the issue. Seems like a bug to me. Link to comment Share on other sites More sharing options...
Richard Conway1709156110 Posted March 14, 2016 Share Posted March 14, 2016 Same issue here, running Netscaler 11.0 build 63.16. STAs show down when entered with FQDN, but are up when entered via IP. DNS resolution to same servers works fine everywhere else except for STA. Adding static DNS records on the Netscaler does not resolve the issue. Worth noting, issue started immediately after upgrading delivery controllers from 7.5 to 7.6 FP3. Prior to upgrade, STA worked fine via FQDN. Link to comment Share on other sites More sharing options...
Hussain Saifee Posted March 15, 2016 Share Posted March 15, 2016 Hi Saifee, I'd to upgrade to NS 11.0 64.34 to get rid of this problem. What platform are your experiencing this on btw? i.e. MPX, VPX cheers Vinay Its VPX and it was working fine with FQDN before but as Richard said, there was a upgrade of XD as well in my environment. Yups agree could be a bug. Link to comment Share on other sites More sharing options...
Christopher Baertsch Posted August 22, 2016 Share Posted August 22, 2016 I'm having the same issue with NS VPX 11.0 66.11. 1 Link to comment Share on other sites More sharing options...
FRASER ROBERTSON Posted December 14, 2016 Share Posted December 14, 2016 I'm also having the same issue with NS 11.0.66.11nc 1 Link to comment Share on other sites More sharing options...
William Fulmer Posted December 15, 2016 Share Posted December 15, 2016 Seeing issues here with multiple clients, on different versions of 11.x Specifically 11.0 Build 62.10 11.0 Build 63.16 11.0 Build 64.34 After an HA failover, or restart of a device, all FQDN STAs will show down. The NetScaler is able to resolve the FQDN and can ping and telnet to it successfully. After swapping the STAs from FQDN to IP Addresses, they will show up immediately (same STA #) 1 Link to comment Share on other sites More sharing options...
Steve Elgan1709153303 Posted March 7, 2017 Share Posted March 7, 2017 Same issue here, running Netscaler 11.0 build 63.16. STAs show down when entered with FQDN, but are up when entered via IP. DNS resolution to same servers works fine everywhere else except for STA. Adding static DNS records on the Netscaler does not resolve the issue. Worth noting, issue started immediately after upgrading delivery controllers from 7.5 to 7.6 FP3. Prior to upgrade, STA worked fine via FQDN. Same issue here. Same NS build. We were already on 7.6 FP3. All we did was an HA fail over and the problem presented itself. Link to comment Share on other sites More sharing options...
Salil Dogra Posted March 8, 2017 Share Posted March 8, 2017 The STA with FQDN down is present in the NS 11 build 64.34. It has been fixed in later build - 11.0 Build 67.12 about 2 months ago. You can upgrade to 11.0 Build 67.12 to overcome this issue. Link to comment Share on other sites More sharing options...
infra producao Posted March 8, 2017 Share Posted March 8, 2017 Work's fine for me. Build 11.0 69.123 Link to comment Share on other sites More sharing options...
Roberto Lizano Posted April 3, 2019 Share Posted April 3, 2019 In case anyone is still facing this issue you can refer to CTX235273 for more details. https://support.citrix.com/article/CTX235273 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now