Citrix NetScaler Load Balancer ICMP Response

Citrix NetScaler Load Balancer ICMP Response

Citrix NetScaler Load Balancer ICMP Response

This post has already been read 15519 times!

A common practice when setting up Load Balancers and creating highly available services is the need to have a keep alive test to ensure the service is up and running well.  Normally we monitor servers and alert if they go down then get the relevant people in to fix the issue and restore service.  In the world of Citrix NetScalers and high availability this practice does not always suit.  More often than not a service will contain more than one back-end server, a single server going down does not always mean a service has failed.  However, if both servers in a HA pair go down then you want to know about it immediately right?  This is the issue with Citrix NetScaler and “some” 3rd party monitoring software.

There is a solution to monitoring this that Citrix provide for free called Citrix Command Center (a future post will describe the setup and configuration of this) however if you use a simple monitoring tool to send ICMP echo requests to the Virtual Server vIP then an out the box configuration on the NetScaler will leave you with failed alerting.

The reason behind this is that the NetScaler will respond to ICMP echo requests on behalf of the vIP in the event that all the back end services are down unless you specifically specify otherwise.

To resolve this follow these steps.

  • Log into your NetScaler and navigate to Traffic Management – Load Balancing – Virtual Servers
  • Double click the Virtual Server you want to edit
  • Under the heading “Traffic Settings” click the pencil icon to edit the settings

Traffic Settings

  • Ensure that the “ICMP Virtual Server Response” is set to ACTIVE (This will ensure that the NetScaler responds even if a single service within the Virtual Server is up.  If you leave it as PASSIVE the NetScaler will always repond to ICMP Requests)
  • Click “Done” to save the Virtual Server
  • Navigate to System – Network – IPs
  • Find the IP Address for the Virtual Server you edited in the previous step and double click it to open the properties
  • in the “ICMP Response” field ensure you have “VSVR_CNTRLD” selected
  • Click “Done” to save the IP Properties


Once you have done this your Virtual Server will STOP responding to ICMP echo requests when all of the back-end attached services are in a “down” or “out of service” state.

Please, as ever, share and comment.

7 thoughts on “Citrix NetScaler Load Balancer ICMP Response

    1. Dave Brett

      I Believe there is using:

      set lb vserver -icmpVsrResponse (PASSIVE | ACTIVE)


      PS: Apologies for the delayed response – was pretty manic at home yesterday !!

  1. Anon

    If the VIP is down (e.g. server:8080 because its backend servers server1:8080 and server2:8080 are down via a monitor) when I telnet to VIP’s address and port it waits maybe for a minute and I get a timeout (ETIMEDOUT) instead of getting instantly denied (ECONNREFUSED).

    When telnet-ing directly to server1:8080 and server2:8080 I immediately get denied.

    I looked at available parameters for a vserver in NetScaler NS10.5: Build but didn’t spot anything related to this how it should respond on a vserver down.

    1. Erik

      I just opened a case for the exact same issue and got the following solution that works for me:

      You can toggle this behavior by issuing the following command.

      set ns tcpparam -downStateRST ENABLED

      Alternatively you can check the box “Down service reset” in “System -> Settings -> Change TCP Parameters”.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.