0
Branch RepeaterHDX WAN Optimization
The release we’ve been waiting for…                        • Quality                        • Performance            v6.1 ...
List of key features in Delos releaseSigned SMB (with multi domain support)Encrypted MAPI (with multi domain support)BR-VP...
Citrix ICA is highly optimized for a WAN……but there are optimizations that cannot occur at theserver farm Remote          ...
Rome                                Boston               San Francisco                                                    ...
Key Data Points Repeater Sizing• Bandwidth ○   Consider the sites that do not have Repeater ○   Make the customer aware of...
WAN Optimization                                      AdaptiveAdaptive TCP           Adaptive                          Sma...
Initial Configuration
Branch Repeater Licensing• Click the Licensing node in the Configuration menu.• Chose the License Server tab if your licen...
Policy Based Routing      • Reconfigure the router to forward inbound and outbound WAN traffic to       the WANScaler.    ...
WCCP To LAN                                 To WAN            Switch             Router                      GRE Tunnel   ...
WCCP       Citrix Confidential - Do Not Distribute
WCCP       Citrix Confidential - Do Not Distribute
Inline Mode• All link traffic passes through the WANScaler appliance.• Traffic cannot bypass the appliance.• Deployed at t...
First things first…                                                             apA2                                      ...
Quality of ServiceLink Definition• Define Links   •   By Accelerated Port   •   By Source or Destination Network   •   By ...
Must configure the default apA links• Click on the Links node in the  Configuration menu.• Click the Edit button for the f...
Signed SMB / Secure Partnerconfiguration
SMB Support in v5.7• Branch Repeater 5.7 and earlier  supported compression and  acceleration of unsigned SMB1  traffic on...
SMB Acceleration in v6.0• There are three SMB acceleration  scenarios you may observe when  monitoring SMB CIFS connection...
SMB Acceleration Requirements• There are three SMB acceleration  scenarios you may observe when                           ...
SMB Acceleration Requirements• Domain membership is only required on  the server-side Branch Repeater.• Once joined, the a...
SMB Acceleration Requirements• A secure connection must be  established between Branch  Repeaters (secure partners).• SSL ...
SMB Acceleration Requirements• SSL Support must be enabled by  clicking the SSL Encryption node  under Configuration.• Tru...
SMB Acceleration Requirements• The Secure Partner connection is  configured on a per appliance basis.• A signaling mechani...
MultiStream ICA (MSI)
The Single Stream ICA Problem                             compressed and encrypted ICA data                    •The user c...
The Single Stream ICA Problem                             compressed and encrypted ICA data                    •The user t...
The Single Stream ICA Problem                             compressed and encrypted ICA data                    •The user t...
Multistream ICA in Action                                compressed and encrypted ICA data                       •Applicat...
Repeater Product Overview
Integrated Windows                       Services                  Branch Repeater with          Repeater 8520           R...
Branch Repeater Capacity: Industry Leading                       Feature           Repeater 500 on              Repeater 1...
New Hardware OverviewRepeater 310 on NetScaler SDX                   Feature         Repeater 310Total Throughput         ...
Daniel künzli branch repeater
Upcoming SlideShare
Loading in...5
×

Daniel künzli branch repeater

497

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
497
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
18
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "Daniel künzli branch repeater"

  1. 1. Branch RepeaterHDX WAN Optimization
  2. 2. The release we’ve been waiting for… • Quality • Performance v6.1 • QoS
  3. 3. List of key features in Delos releaseSigned SMB (with multi domain support)Encrypted MAPI (with multi domain support)BR-VPX on Hyper-VWCCP Mask enhancements to support low end routersShowTechSupport - Diagnostic Data Collections - UI enhancementsSupport for WCCP -L2 with NSLB on all platforms (SDX and general BR appliances)
  4. 4. Citrix ICA is highly optimized for a WAN……but there are optimizations that cannot occur at theserver farm Remote Optimized WAN Datacenter Repeater Repeater 1011011010 SSL 1011011010 SSL 1011011010 SSL 1011011010 SSL 1011011010 SSL 101101110 SSL 1011 101101110 SSL 1011 Acceleration TCP Flow Control Data Compression Plug-in Data De-duplication Speed Screen QoS / Traffic Shaping Video Transcoding
  5. 5. Rome Boston San Francisco London Sydney Frankfurt Datacenter BrusselsHong Kong Madrid Hyderabad New York250 ms 200 ms 150 ms 30 ms 20 ms RTT Latency
  6. 6. Key Data Points Repeater Sizing• Bandwidth ○ Consider the sites that do not have Repeater ○ Make the customer aware of the BW requirements of XD and XA ○ Network conditions• TCP Connections ○ Get the concurrent ICA connection count• Network Diagram ○ Stop installation issues before they happen• Application List ○ Find out what the business critical applications are
  7. 7. WAN Optimization AdaptiveAdaptive TCP Adaptive Smart ProtocolFlow Control Compression Acceleration Acceleration WAN Branch Repeater Repeater
  8. 8. Initial Configuration
  9. 9. Branch Repeater Licensing• Click the Licensing node in the Configuration menu.• Chose the License Server tab if your license requires using a stand alone Citrix License server. • Retail (Appliance, Plug-in, Crypto) • XenDesktop Platinum Entitlement• Chose the Local Licenses tab if your license type required local
  10. 10. Policy Based Routing • Reconfigure the router to forward inbound and outbound WAN traffic to the WANScaler. • Route inbound traffic from the WAN interface to the WANScaler. LAN Traffic WAN Traffic Ingress Ingress Source IP: 10.200.1.203 Source IP: 172.16.5.23 Destination IP: 172.16.5.23 Destination IP: 10.200.1.203 ip next-hop <WANScaler IP> WANScaler
  11. 11. WCCP To LAN To WAN Switch Router GRE Tunnel WANScaler WCCP Mode
  12. 12. WCCP Citrix Confidential - Do Not Distribute
  13. 13. WCCP Citrix Confidential - Do Not Distribute
  14. 14. Inline Mode• All link traffic passes through the WANScaler appliance.• Traffic cannot bypass the appliance.• Deployed at the LAN/WAN boundary. WANScaler WANScaler WAN Router WAN Router WAN Server Client
  15. 15. First things first… apA2 apA1• Branch Repeater 6.x needs to know where the LAN and WAN are.• Determine and remember which accelerated pair port is connected to the WAN and which to the LAN. •Switch Straight Through Crossover •Router (inline mode) •DSL Modem Cable Cable •Direct to Server •Cable Modem •Direct to Client• Either port can be connected to either side using the proper cables. apA1 apA2 apA1 apA2
  16. 16. Quality of ServiceLink Definition• Define Links • By Accelerated Port • By Source or Destination Network • By WCCP Service Group • By Source or Destination MAC Address • By VLAN Tag• By default link definitions are automatically created for each adapter port.• The number of supported links are limited by Branch Repeater model: • 83xx, 85xx = 5 links • 88xx = 10 links • VPX = up to 5 links• If Links are misconfigured there will be compression values less than 1:1.
  17. 17. Must configure the default apA links• Click on the Links node in the Configuration menu.• Click the Edit button for the first pre- defined apA link.• Configure the link according to network it is connected to; • Link Type (LAN of WAN side) • Bandwidth In • Bandwidth Out • Descriptive Link Name (optional)• Click Save.• Repeat this configuration on both the apA1 and apA2 links.
  18. 18. Signed SMB / Secure Partnerconfiguration
  19. 19. SMB Support in v5.7• Branch Repeater 5.7 and earlier supported compression and acceleration of unsigned SMB1 traffic only.• If enabled, Signed SMB had to be turned off on servers and clients via group policy to enable acceleration.• Connections from Vista and Win7 clients had SMB2 connections rolled back to SMB1. Citrix Confidential - Do Not Distribute
  20. 20. SMB Acceleration in v6.0• There are three SMB acceleration scenarios you may observe when monitoring SMB CIFS connections. • Unaccelerated SMB 1 or 2 Connections • Accelerated SMB 1 or 2 Connections • Accelerated Signed SMB 1 or 2 Connections Citrix Confidential - Do Not Distribute
  21. 21. SMB Acceleration Requirements• There are three SMB acceleration scenarios you may observe when Connection Type Secure Windows NTLMv1 Partner Domain Required monitoring SMB CIFS connections. Member • Unaccelerated SMB 1 or 2 Connections SMB 1 No No No • Accelerated SMB 1 or 2 Connections • Accelerated Signed SMB 1 or 2 Connections SMB 2 No No No Signed SMB 1 Yes Yes Yes Signed SMB 2 Yes Yes Yes Citrix Confidential - Do Not Distribute
  22. 22. SMB Acceleration Requirements• Domain membership is only required on the server-side Branch Repeater.• Once joined, the appliance or VPX should now have a machine account in the specified domain.• NOTE: Signed SMB is not enabled yet!
  23. 23. SMB Acceleration Requirements• A secure connection must be established between Branch Repeaters (secure partners).• SSL credentials (cert and key) are used for authentication and trust between Branch Repeaters.• The SSL Key Store must be enabled to hold the SSL credentials used by the Branch Repeaters.• A Crypto license is required to enable the SSL feature set. Citrix Confidential - Do Not Distribute
  24. 24. SMB Acceleration Requirements• SSL Support must be enabled by clicking the SSL Encryption node under Configuration.• Trusted SSL credentials must be installed and used to authenticate all Branch Repeaters and create a secure data channel between them. Citrix Confidential - Do Not Distribute
  25. 25. SMB Acceleration Requirements• The Secure Partner connection is configured on a per appliance basis.• A signaling mechanism is used to provide discovery and communication between trusted appliances. Citrix Confidential - Do Not Distribute
  26. 26. MultiStream ICA (MSI)
  27. 27. The Single Stream ICA Problem compressed and encrypted ICA data •The user creates an ICA session. •User interface traffic is tagged with a priority bit of zero (thin wire). •Branch Repeater identifies the priority tags in real time and applies QoS appropriately.Session Bandwidth
  28. 28. The Single Stream ICA Problem compressed and encrypted ICA data •The user then starts a print job within the ICA session. •Print traffic is tagged with a priority bit of three (real time). •Branch Repeater identifies the new priority tags in real time and applies QoS appropriately.Session Bandwidth
  29. 29. The Single Stream ICA Problem compressed and encrypted ICA data •The user then either returns to the app’s user interface or starts a second application. (thin wire) •The new observed priority bits of the session cause the session to be QoS’ed as a priority zero. •Prioritization of printing traffic is now lost.Session Bandwidth
  30. 30. Multistream ICA in Action compressed and encrypted ICA data •Application UI performance level is maintained. •Printing traffic does not adversely affect this or any other WAN users. Maintain the user experience Session 1 GUI Session 1 Printing Session 2 GUI
  31. 31. Repeater Product Overview
  32. 32. Integrated Windows Services Branch Repeater with Repeater 8520 Repeater310 on Repeater 1000 on Repeater 2000 on Windows Server Repeater 8540 NetScaler SDX 10505 NetScaler SDX 13505 NetScaler SDX 19555 100 / 200 / 300 Branch Repeater 100 / 200 / 300 Repeater Branch Repeater 500 on Repeater 1500 on Plug-in Branch Repeater NetScaler SDX 11505 NetScaler SDX 17555 Repeater Repeater 8810 VPX-20 / 45 Repeater 8820 VPX-2 / 10Mobile User Branch Office Regional HQ Med. Data Center Large Data Center XL Data Center (1-10 Mbps) (10-45 Mbps) (45-155 Mbps) (500Mbps-1.5Gbps) <2 Gbps)
  33. 33. Branch Repeater Capacity: Industry Leading Feature Repeater 500 on Repeater 1000 Repeater 1500 Repeater 2000 on NetScaler 11505 on NetScaler on NetScaler SDX NetScaler SDX 13505 17555 19555 Total accelerated WAN throughput 500 Mbps 1.0 Gbps 1.5 Gbps 2.0 Gbps (mixed traffic, 3.5:1 compression) Estimated total QoS and TBD TBD 2.0 Gbps* 3.0 Gbps* compression throughput Simultaneous HDX Sessions 1,200 2,500 3,500 5,000 Total active sessions 60,000 120,000 120,000 160,000 Citrix Confidential - Do Not Distribute
  34. 34. New Hardware OverviewRepeater 310 on NetScaler SDX Feature Repeater 310Total Throughput 310 MbpsICA Sessions 750CPU 2 X Intel 6 core 2.4 GHzRAM 48 GBSSD 4 x 600 GB, 1x 256 GBHDD 1 x 1 TB HDDInterfaces 4 x 10 GigE, 8 x 1 GigEHot swappable power supplies 2Rack unit height 2
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×