Oded nahum branch repeater 6 technical introduction
 

Oded nahum branch repeater 6 technical introduction

on

  • 628 views

 

Statistics

Views

Total Views
628
Views on SlideShare
620
Embed Views
8

Actions

Likes
0
Downloads
11
Comments
0

1 Embed 8

http://www.digicomp.ch 8

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Oded nahum branch repeater 6 technical introduction Oded nahum branch repeater 6 technical introduction Presentation Transcript

    • Branch Repeater 6.0A Technical IntroductionOded Nahum – Branch Repeater Product SpecialistSeptember 2011
    • Agenda• Introducing Branch Repeater 6.0• Initial Configuration – Exercise 1 • Licensing • Configuring Links • Management Access • Monitoring Mode• Quality of Service – Exercise 2 • Links • Application Classifiers • Traffic Shaping Policies • Service Classes• CIFS Acceleration – Exercise 3 • CIFS (SMB and Signed SMB) Traffic• MultiStream ICA – Exercise 4 • Enabling and testing• Reporting and Monitoring – Exercise 5 • Monitoring Links, Applications and Service Classes Citrix Confidential - Do Not Distribute • Customizing and Generating Reports
    • Introducing Branch Repeater 6.0
    • Branch Repeater 6.0General Availability: RTW June 27th The next generation of Branch Repeater Technology Advanced traffic classification, prioritization, shaping and reporting Improved XenDesktop and XenApp acceleration Clustering via NetScaler SMB 2, Encrypted MAPI and Outlook/Exchange 2010 Acceleration Centralized licensing – Citrix License Server
    • WAN Optimization Adaptive Adaptive Adaptive Smart TCP Protocol Compression AccelerationFlow Control Acceleration WAN Branch Repeater Repeater
    • SmartService-centric WAN Optimization Acceleration… Not just network-centric WAN optimization Assess • Assess and identify all services • Classify 500+ services out-of-the-box • Control bandwidth allocation, compression, shaping and enforcement Remediate Classify • Monitor services delivery and report • Sense network conditions, remediate and respond; minimize help desk calls Monitor Control
    • SmartAcceleration for Deeper Visibility and Granular Control XenApp • Visibility for 500+ apps and protocols out-of- the-box, + more custom Voice, Video 100010100001110 000111000 • Prioritize XenDesktop, multimedia, web and 0011100011101001110111000 Windows apps, custom services XenDesktop 1001100110011101000011000 • Auto-detect and auto-configure XenDesktop; no changes to network or XenDesktop MicrosoftApps • Prioritize by app, branch or user location, File, Print app type, protocol, traffic direction, more
    • Smarter, Granular Prioritization Policies Global Datacenter SF NY London Beijing Partner Office Branch Lo pri Med pri Med pri Hi pri Med pri Service Class Video XenDesktop Med pri Hi pri Sub-class Citrix TV YouTube Exec XDs Employee XDs Hi pri Lo pri Hi pri Lo pri
    • User-centric XenDesktop Prioritization Branch Office XenApp Data Center Sales Product Voice, Video 100010100001110 000111000 0011100011101001110111000 XenDesktop 1001100110011101000011000 MicrosoftApps Executive File, Print Prioritize different types of Prioritize published apps and traffic (mouse, print, etc) desktops by user groups across user sessions
    • Faster Encrypted Email and File Transfers Branch Office Data Center 100010100001110 000111000 0011100011101001110111000 1001100110011101000011000 Microsoft email (Encrypted MAPI Microsoft file serversLayer 7 optimizations and Exchange 2010) (SMBv2, Signed SMB v1/v2)
    • Platform Support and Upgrades• Initial Branch Repeater 6.0 release is intended for Linux-based appliances and VPX appliances on XenServer and VMWare.• The same update file downloaded from MyCitrix will work for both platforms.• The Repeater Plug-In 6.0 release will follow soon after the Capri release.• The Branch Repeater with Windows Server will be updated with the BR 6.0 technology in a subsequent release.
    • Branch Repeater Product FamilyFlexibility to Meet All Your Needs Branch Repeater VPX Repeater Branch Repeater with – Virtual Appliance Repeater Plug-in – Appliances Windows Server Software Software Client BR 6.0 Coming Coming BR 6.0 Initial Later… Soon… Initial Release Release
    • Initial Configuration
    • First things first… apA1 apA2• Branch Repeater 6.0 needs to know where the LAN and WAN are.• Determine and remember which accelerated pair port is connected to the WAN and which to the LAN. •Switch •Router (inline mode) •DSL Modem Straight Through Cable Crossover Cable •Direct to Server •Cable Modem •Direct to Client• Either port can be connected to either side using the proper cables. apA1 apA2 apA1 apA2
    • New Quick Installation Page• Click the Quick Installation node in the Command menu.• This page is a collection of all the configuration steps condensed into one simple form.
    • New Quick Installation Page• The Quick Installation is intended for simple Branch Repeater deployments.• If any of the following are needed, a manual configuration is required; • Virtual Inline Mode • WCCP Deployment Mode • Group Mode • High Availability • SSL Acceleration • Repeater Plugin Support • Hardboost Bandwidth Mode • Encrypted SMB or MAPI Support
    • New Quick Installation Page• Enter all the required information and click the Install button.• Once completed, the appliance will reboot and then you should see successful traffic flow in the Dashboard.
    • Branch Repeater Licensing• Click the Licensing node in the Configuration menu.• Chose the License Server tab if your license requires using a stand alone Citrix License server. • Retail (Appliance, Plug-in, Crypto) • XenDesktop Platinum Entitlement• Chose the Local Licenses tab if your license type required local installation. • Evaluation License • Not for Re-sale • Express
    • Must configure the default apA links• Click on the Links node in the Configuration menu.• Click the Edit button for the first pre- defined apA link.• Configure the link according to network it is connected to; • Link Type (LAN of WAN side) • Bandwidth In • Bandwidth Out • Descriptive Link Name (optional)• Click Save.• Repeat this configuration on both the apA1 and apA2 links.
    • Branch Repeater Features page• Traffic Processing • Master enable/disable switch. When disabled, all features of the Appliance are disabled and all traffic passes through without modification or traffic shaping• Traffic Acceleration • enables and disables the acceleration engine• Traffic Shaping • enables and disables the traffic-shaping engine• Traffic Bridging (VPX Only) • Enable / Disable the software bridge, default for new installs is disabled Citrix Confidential - Do Not Distribute
    • Traffic Processing and Acceleration• Branch Repeater can ne installed in a “monitoring-only” mode• No compression, flow control or traffic shaping will be used, however full traffic visibility will be available.• Use the Features node in the Command Menu to disable; • Traffic Acceleration • Traffic Shaping.
    • Bandwidth Management• Link level In / Out - Regulates all traffic, accelerated as well as non- accelerated• Bandwidth Management – Regulate only accelerated traffic, effects inbound traffic only• Recommended configuration – Use local WAN link sizing Citrix Confidential - Do Not Distribute
    • Today’s Lab Environments Your student work environment (WinXP)
    • Complete Exercise 1
    • Quality of Service
    • Quality of Service in v5.7 and prior releases• Five queues (Named “A” though “E”. Names can be changed)• All traffic is assigned to Queue A by default Service Classes• Each Service Class can be assigned to a one traffic queue. ICA Packet Bandwidth• Each queue determines the minimum Priorities QoS Queues Allocations bandwidth allocation when bandwidth contention with a higher queue occurs.• ICA Packet priorities are mapped to Acceleration quality of service (QoS) queues. Engine
    • Quality of Service – The Basics of Traffic Shaping• All WAN traffic is subject to traffic shaping • Accelerated connections, non-accelerated connections, non-TCP traffic such as UDP flows, GRE streams, etc.• The algorithm used is weighted fair queuing • Every connection is assigned a weight based on the appliance’s policies between 1 and 256. • Traffic shaping is applied to the WAN in both inbound and outbound after the compression engine • Weighted priorities are applied during bandwidth contention to both ingress and egress traffic even when the other side of the link is not equipped with QoS.• DSCP Is fully supported both as a classifier and an enforcer• More information in Branch Repeater Traffic Shaping technology can be found here http://www.citrix.com/skb/articles/RDY4005
    • Quality of Service in v6.0 - Configuration• Quality of Service is applied using 4 mechanisms. • Links: Tells the traffic shaper which WAN link the packet is using. In a site with multiple link, each link has its own bandwidth limits and is managed independently. • Application Classifiers: Identify and determines which protocol or application class traffic belongs to. • Traffic Shaping Policies: Tell the traffic shaper weighted priority and bandwidth limits to assign to which traffic type (application classifier). • Service Classes: Map applications to acceleration decisions, traffic filters and traffic-shaping policies.
    • Quality of Service Data Center 1Link Definition• Links : Physical or Logical XenApp Traffic Link • WAN connections between remote sites. • WAN links between datacenters and branches. • WAN links between cities or countries. • WAN data paths between branches and specific servers or server farms. Data Center 2 Branch 1 Streaming Traffic Link DC1 Link DC2 Link
    • Quality of ServiceLink Definition• Define Links • By Accelerated Port • By Source or Destination Network • By WCCP Service Group • By Source or Destination MAC Address • By VLAN Tag• By default link definitions are automatically created for each adapter port.• The number of supported links are limited by Branch Repeater model: • 83xx, 85xx = 5 links • 88xx = 10 links • VPX = up to 5 links• If Links are misconfigured there will be compression values less than 1:1.
    • Quality of ServiceTraffic Shaping Policies• By default there are 10 pre-configured traffic shaping policies. (subject to change) • VOIP Traffic • High Priority Traffic • Medium Priority Traffic • Low Priority Traffic • Default QoS • ICA Priorities• Each traffic shaping policy has a weighted priority value associated with it.• The maximum number of traffic shaping policies supported is 50 per appliance.
    • Quality of ServiceTraffic Shaping Policies• Weighted Priority is used to determine traffic precedence when calculating send and receive rates.• And.. Or…Bandwidth limits can also now used to control allocation. • Percentage of Link Bandwidth • Absolute Fixed Date Rate.• Even within an SSL tunnel !!* *Citrix Patent Pending
    • Quality of ServiceApplication Classifiers• Application classifiers are used by service classes to distinguish between application traffic types.• Applications are classified by: • Ethertype  not all competitors can do this • IP Classification (TCP, GRE, L2TP, etc) • TCP Port • UDP Port • Web URL • ICA Published App  not all competitors can do this• Application classifiers are categorized into 1 of 25 Application Groups
    • Quality of ServiceApplication Classifiers• Custom application classifiers can be created.• The maximum number of classifiers supported is 600 per appliance.• The classification parameters entered cannot conflict with an existing classifier.
    • Quality of ServiceApplication Classifiers – XenApp and XenDesktop• ICA Published Applications or Desktops groups can be manually created or auto-discovered.• Once discovered, they will appear in the application classifier list as well as in all reports and monitoring pages.• Temporarily enabling and then disabling auto discovery can be used to prepopulate the online applications list for editing or exporting at a later time.
    • Quality of ServiceService Classes in v5.7 and prior• Service Classes in Branch Repeater 5.7 and prior releases identified traffic two possible ways: • IP address/range (client or server) • TCP port number• Service Classes were evaluated in order with mirrored policies required on all appliances.• If Service Classes did not match on both appliances with an acceleration pair, those connections would pass through un-accelerated (UR Code 6).
    • Quality of ServiceService Classes in v6.0• Service Classes are the main QoS mechanism, bringing together: • Traffic Shaping Policies • Application Classifiers • Link Configurations• Service Classes are evaluated in order with policies higher in the list having priority over ones lower.• Service classes need to exist but not be mirrored on all appliances; will result in lowest common setting being used.
    • Quality of ServiceService Classes• Service Classes are still used to enforce bandwidth priority among traffic types however now map to Traffic Shaping Policies instead of QoS Queues.• Traffic Shaping Policies within a Service Class can be applied by: • Single Traffic Shaping Policy per Single Service Class • Per-link Traffic Shaping Policies per Single Service Class• The maximum number of supported Service Classes is 64 per appliance.
    • Quality of ServiceService Classes• Service classes can use AND rules as well as OR rules.• Rules can include any and all of the following filters: • Application Name • Source IP • IP sync/direction AND • Destination IP • VLAN Tag • DiffServ bit OR • SSL Profile• The maximum number of Service Class Filter Rules supported is 10 per Service Class.
    • Complete Exercise 2
    • Signed SMB / Secure Partnerconfiguration
    • SMB Support in v5.7• Branch Repeater 5.7 and earlier supported compression and acceleration of unsigned SMB1 traffic only.• If enabled, Signed SMB had to be turned off on servers and clients via group policy to enable acceleration.• Connections from Vista and Win7 clients had SMB2 connections rolled back to SMB1. Citrix Confidential - Do Not Distribute
    • SMB Acceleration in v6.0• There are three SMB acceleration scenarios you may observe when monitoring SMB CIFS connections. • Unaccelerated SMB 1 or 2 Connections • Accelerated SMB 1 or 2 Connections • Accelerated Signed SMB 1 or 2 Connections Citrix Confidential - Do Not Distribute
    • SMB Acceleration Requirements• There are three SMB acceleration scenarios you may observe when Connection Secure Windows NTLMv1 monitoring SMB CIFS connections. Type Partner Domain Required Member • Unaccelerated SMB 1 or 2 Connections • Accelerated SMB 1 or 2 Connections SMB 1 No No No • Accelerated Signed SMB 1 or 2 Connections SMB 2 No No No Signed SMB 1 Yes Yes Yes Signed SMB 2 Yes Yes Yes Citrix Confidential - Do Not Distribute
    • SMB Acceleration Requirements• Domain membership is only required on the server-side Branch Repeater.• Once joined, the appliance or VPX should now have a machine account in the specified domain.• NOTE: Signed SMB is not enabled yet!
    • SMB Acceleration Requirements• A secure connection must be established between Branch Repeaters (secure partners).• SSL credentials (cert and key) are used for authentication and trust between Branch Repeaters.• The SSL Key Store must be enabled to hold the SSL credentials used by the Branch Repeaters.• A Crypto license is required to enable the SSL feature set. Citrix Confidential - Do Not Distribute
    • SMB Acceleration Requirements• SSL Support must be enabled by clicking the SSL Encryption node under Configuration.• Trusted SSL credentials must be installed and used to authenticate all Branch Repeaters and create a secure data channel between them. Citrix Confidential - Do Not Distribute
    • SMB Acceleration Requirements• The Secure Partner connection is configured on a per appliance basis.• A signaling mechanism is used to provide discovery and communication between trusted appliances. Citrix Confidential - Do Not Distribute
    • Complete Exercise 3
    • MultiStream ICA (MSI)
    • ICA Review – Virtual ChannelsWhat is an ICA Virtual Channel? A Citrix Independent Computing Architecture (ICA) virtual channel is a bidirectional connection for the exchange of generalized packet data between a Citrix XenApp Server and a ICA compliant client. Virtual channels correspond to virtual drivers; each providing a specific function. Some are required for normal operation, and others are optional. Virtual drivers operate at the presentation layer protocol level. There can be a number of these protocols active at any given time by multiplexing channels. There are a total of 32 virtual channels in the ICA protocol. However for most user sessions, between 8 -12 are usually utilized.
    • ICA Priority Packet Tagging• ICA Priority Tagging consists of a two bit tag within each ICA packet header.• These tags can be evaluated on the fly and the application activity determined.• Earlier versions of MetaFrame use a framing header that does not contain the two priority bits.
    • Channel Name Default Priority Description Virtual Driver CTXTW 0 Remote Session Screen Update (THINWIRE) vdtw30n.dllVirtual Channels CTXTWI CTXTWN 0 0 Seamless Windows Screen Update (THINWIRE) Winstation vdtwin.dll wfica32.exe CTXEUEM 0 End User Experience Monitoring vdeuemn.dll CTXZLFK 0 Local Text Echo and Keyboard Feedback vdzlcn.dll CTXZLC 0 Speed Screen Latency Reduction - Screen vdzlcn.dll CTXZLFK 0 Speed Screen Latency Reduction - Fonts vdfon30n.dll CTXCTL 0 ICA Session Control vdctln.dll CTXFLSH 1 Multimedia - Flash vdflash.dll CTXGUSB 1 USB Redirection vdgusbn.dll CTXMM 1 Multimedia - Streaming vdmmn.dll CTXCLIP 1 Client Clipboard Mapping vdclipn.dll CTXCAM 1 Client Audio Mapping vdcamN.dll CTXLIC 1 License Management wfica32.exe CTXVFM 1 Video Server – (no longer used) n/a CTXPN 1 Program Neighborhood vdpnn.dll CTXCCM 2 Client COM Port Mapping vdcom30N.dll CTXCDM 2 Client Drive Mapping vdcdm30n.dll CTXPASS 2 Transparent Key Pass-Through vdkbhook.dll CTXCPM 3 Printer Mapping for Spooling Clients vdcpm30N.dll CTXCM 3 Client Management (Auto-Update) vdcmN.dll CTXLPT1 3 Legacy LP1 Port Mapping wfica32.exe CTXLPT2 3 Legacy LPT2 Port Mapping wfica32.exe CTXCOM1 3 Legacy COM1 Port Mapping wfica32.exe CTXCOM2 3 Legacy COM2 Port Mapping wfica32.exe
    • ICA QoS in BR 5.7 ICA Priority Packet Tagging allows prioritization of ICA sessions based on the virtual channel data being transmitted. (what the user is doing within the app/session) This is done by associating each virtual channel’s two-bit priority to a packet priority. The two priority bits combine to form four priority values: 00 (0) - High Priority 01 (1) - Medium Priority 10 (2) - Low Priority 11 (3) - Background Priority These priority bits can then be assigned to Branch Repeater Quality of Service queues to allow dynamic QoS.
    • ICA QoS in BR 6.0 (Single Stream) ICA Priority Packet Tagging allows prioritization of ICA sessions based on the virtual channel data being transmitted. (what the user is doing within the app/session) This is done by associating each virtual channel’s two-bit priority to a packet priority. The two priority bits combine to form four priority values: 00 (0) - High Priority 01 (1) - Medium Priority 10 (2) - Low Priority 11 (3) - Background Priority These priority bits can then be assigned to Branch Repeater Quality of Service queues to allow dynamic QoS.
    • The Single Stream ICA Problem compressed and encrypted ICA data •The user creates an ICA session. •User interface traffic is tagged with a priority bit of zero (thin wire). •Branch Repeater identifies the priority tags in real time and applies QoS appropriately.Session Bandwidth
    • The Single Stream ICA Problem compressed and encrypted ICA data •The user then starts a print job within the ICA session. •Print traffic is tagged with a priority bit of three (real time). •Branch Repeater identifies the new priority tags in real time and applies QoS appropriately.Session Bandwidth
    • The Single Stream ICA Problem compressed and encrypted ICA data •The user then either returns to the app’s user interface or starts a second application. (thin wire) •The new observed priority bits of the session cause the session to be QoS’ed as a priority zero. •Prioritization of printing traffic is now lost.Session Bandwidth
    • Enter Multi-Stream ICA
    • Channel Name Default Priority Description Virtual Driver CTXTW 0 Remote Session Screen Update (THINWIRE) vdtw30n.dllVirtual Channels CTXTWI CTXTWN 0 0 Seamless Windows Screen Update (THINWIRE) Winstation vdtwin.dll wfica32.exe CTXEUEM 0 End User Experience Monitoring vdeuemn.dll CTXZLFK 0 Local Text Echo and Keyboard Feedback vdzlcn.dll CTXZLC 0 Speed Screen Latency Reduction - Screen vdzlcn.dll CTXZLFK 0 Speed Screen Latency Reduction - Fonts vdfon30n.dll CTXCTL 0 ICA Session Control vdctln.dll CTXFLSH 1 Multimedia - Flash vdflash.dll ICA Stream #1 CTXGUSB 1 USB Redirection vdgusbn.dll CTXMM 1 Multimedia - Streaming vdmmn.dll CTXCLIP 1 Client Clipboard Mapping vdclipn.dll ICA Stream #2 CTXCAM 1 Client Audio Mapping vdcamN.dll CTXLIC 1 License Management wfica32.exe ICA Stream #3 CTXVFM 1 Video Server – (no longer used) n/a CTXPN 1 Program Neighborhood vdpnn.dll CTXCCM 2 Client COM Port Mapping vdcom30N.dll ICA Stream #4 CTXCDM 2 Client Drive Mapping vdcdm30n.dll CTXPASS 2 Transparent Key Pass-Through vdkbhook.dll CTXCPM 3 Printer Mapping for Spooling Clients vdcpm30N.dll CTXCM 3 Client Management (Auto-Update) vdcmN.dll CTXLPT1 3 Legacy LP1 Port Mapping wfica32.exe CTXLPT2 3 Legacy LPT2 Port Mapping wfica32.exe CTXCOM1 3 Legacy COM1 Port Mapping wfica32.exe CTXCOM2 3 Legacy COM2 Port Mapping wfica32.exe
    • Multi-Stream ICA Terminology• Single-port, Multi-stream ICA (MSI Default) • 4 random ports at client, 1 primary port on server • Automatically enabled on ICA server by Branch Repeater 6.0.• Multi-port, Multi-stream ICA • 4 random ports at client, 1 primary and up to 3 secondary ports on server • Most common deployment if used without Branch Repeater• Single-port, Single-stream ICA • 1 random port at client, 1 primary port on server • The pre-MSI default connection type • If any Branch Repeater on the link vetos MSI, or old versions used Citrix Confidential - Do Not Distribute
    • Enable MSI on ICA Server Citrix Confidential - Do Not Distribute
    • Enable MSI on Branch Repeater For backward compatibility, MSI is disabled by default on Branch Repeater, XenDesktop and XenApp Citrix Confidential - Do Not Distribute
    • Up to 4 TCP connections for a single ICA application This is the first view that MSI is working as expected Citrix Confidential - Do Not Distribute
    • How MSI streams are identified Under Monitoring  Citrix (ICA/CGP)  ICA Statistics  ICA Session Count If MSI is active and connected, Multi Stream counter will be non-zero Citrix Confidential - Do Not Distribute
    • What is the competitive advantage• Only Branch Repeater can parse a single port/multi-stream ICA connection and apply QoS appropriately.• The benefits: • Lower overhead on the network and server infrastructure • Works on standard ICA (CGP) ports, does not require Firewalls reconfiguration • Hassle-free, automated IT administration• In all other cases, you get multi-server port MSI or single- stream ICA Citrix Confidential - Do Not Distribute
    • Multi-Stream ICA in Action compressed and encrypted ICA data •Application UI performance level is maintained. •Printing traffic does not adversely affect this or any other WAN users.Session 1 GUI Session 1 Printing Session 2 GUI
    • Complete Exercise 4
    • Reporting, Monitoringand Statistics
    • The New Dashboard• The Branch Repeater Admin Console now has a landing page called Dashboard.• The Dashboard can be automatically refreshed as well as manually refreshed by clicking the Refresh button.• The sections that are displayed and the refresh rate can be customized also buy clicking the Customize button. Citrix Confidential - Do Not Distribute
    • The New Graphs and Tables• Branch Repeater has a new graphing and statistics rendering engine.• Graphing options include • Pie Charts • Stacked Area Graphs • Line Graphs • Dynamic bar graphs• Data and statistics can be displayed in tables with hyperlinked cells for data drill down.
    • The New Graphs and Tables• Branch Repeater has a new graphing and statistics rendering engine.• Graphing options include • Pie Charts • Stacked Area Graphs • Line Graphs • Dynamic bar graphs• Data and statistics can be displayed in tables with hyperlinked cells for data drill down.
    • The New PDF Reports with Historical Data• Generating reports now produces a multi-page PDF document that can be saved or printed.• Graphs displayed in reports are determined by the graph display settings within the Admin console.• Reports can include historical data as well as can be run as a aggregate or drill down report. • (more on this later)
    • The Monitoring Pages• The Monitoring pages are now listed in a collapsible Monitoring node, and listed alphabetically.• Changes, enhancements or additions have been made to the following monitoring pages: • Connections • Filesystem (CIFS/SMB) • Citrix (ICA/CGP) • Secure Partners Citrix Confidential - Do Not Distribute
    • Monitoring Changes• The Connections page now used a tabular interface with separate tabs for Accelerated and non- accelerated connections.• Connection filtering can now be done by Service Class.• The connections lists now have customizable columns.
    • UR:0 NONE "internal (accelerated)" UR:21 OUT_OF_SOCKETS "too many proxy connections: failed to allocate a socket"UR:1 UNKNOWN "unknown"UR:2 NO_ORBITAL "no partner unit detected" "routing asymmetry detected: not all packets are going through this UR:22 NO_HANDSHAKE_SEEN "no initial TCP handshake seen"UR:3 NO_SYN_SEEN unit" "a different member of the appliance group accelerates this "routing asymmetry detected, not all packets are going through this UR:23 GROUP connection"UR:4 NO_SYN_ACK_SEEN unit, (no SYN-ACK seen)" "not enough room left in the TCP packet header to append unit UR:24 NO_AUTO_DISCOVERY "auto-discovery disabled"UR:5 NO_SPACE_FOR_OPTIONS specific options"UR:6 POLICY "service policy rule" UR:25 GROUP_PASSTHROUGH "acceleration disabled in group mode"UR:7 PORT_EXCLUDE "acceleration port include or exclude list"UR:8 IP_EXCLUDE "acceleration ip address include or exclude list" EDGE_CONNECTION_WITH_ "appliance received an Citrix Acceleration Plug-in connection "one unit is configured with softboost mode and the other with UR:26UR:9 MODE_MISMATCH BAD_VIP with wrong destination VIP" hardboost mode"UR:10 MAX_CONNECTIONS_LIMIT "maximum number of accelerated connection reached" NO_CONNECTION_TO_APPLI UR:27 "no connection to appliance" ANCE MAX_SYN_TRIES_EXCEED "could not connect to the destination when unit specific options UR:28 INCORRECT_MODE "Transparent connection at an appliance in redirector mode"UR:11 ED were appended to the tcp packet" "could not connect to the destination when unit specific options UR:29 CLIENT_RULES "client rules disallow acceleration"UR:12 DONT_PROBE were appended to the tcp packet, but connection without such options succeeded" NO_SIGNALING_CONN_TO_C UR:30 "no signaling connection to client" LIENTUR:13 ORBS_ON_BOTH_SIDES "this unit is between two other units and daisy-chaining is enabled" ISA_CACHED_LOCAL_CONNE UR:31 "ISA cached local connection" CTIONUR:14 MAX_FAST_FLOWS_LIMIT "maximum number of simultaneous partner units reached" ISA_NAT_INITIATED_LOCAL_ UR:32 "ISA NAT local connection" CONNECTIONUR:15 BAD_LOCAL_SRC_IP "no proxy entry for source IP address is configured" MAX_ACTIVE_CONNECTIONS UR:33 "maximum number of active accelerated connection reached" _LIMITUR:16 SIMULATION_MODE "unit runs in simulation mode" SYN_ACK_WITHOUT_OPTION UR:34 "a syn-ack was received without options" "connections with this TCP port are not allowed to be accelerated SUR:17 PORT_LIMIT_LICENSE by the license" SSL_VPN_CONNECTION_REF "an ssl VPN is causing packets to transverse the Acceleration UR:35 LECTING_TRAFFIC Plug-in multiple times"UR:18 BAD_PROXY_CONFIG "bad proxy configuration detected on the partner unit" UR:36 APPLIANCE_IS_ON_LAN "Appliance/Client are on the same LAN", "bad proxy configuration detected, acceleration for connectionsUR:19 PROXY_EXLUDED_PORT with this source or destination TCP port is disabled by port include APPLIANCE_SIGNALING_CON or exclude list" UR:37 "Signaling connection to partner appliance" NECTION CACHED_LOCAL_CONNECTIUR:20 PROXY_LOOP "bad proxy configuration detected: there is a loop" UR:38 "HTTP Cached Local Connection" ON
    • The Reporting PagesAdmin console reporting has been rewritten and organized into the Reportsnode.The aggregate reports available are: • Compression • LAN vs. WAN Traffic • Link Usage • Service Classes • Top Applications • Traffic Shaping• Within each of these aggregate report views, several drill down reports are available in addition to all PDF reports.
    • Report Creation Example• The Top Applications report breaks out total throughput and relative bandwidth usage by application and optionally by link for both send and receive traffic.• Report windows range from the last minute to last month, as well as since last appliance restart.• Up to 10 applications can be reported on at a time, while being displayed in either line graphs or stacked area graphs.• Click Customize allows you to select specific links as well as the number of applications to report on.
    • Report Creation Example• Clicking on the Active Applications tab displays a list of all identified application and service traffic (TCP and UDP) at the current moment.• Clicking Customize allows the specifying if configured Links to report on.• Then clicking an application name hyperlink displays application specific link usage for send and receive traffic.
    • Report Creation Example• Clicking on the Active Applications tab displays a list of all identified application and service traffic (TCP and UDP) at the current moment.• Clicking Customize allows the specifying if configured Links to report on.• Then clicking an application name hyperlink displays application specific link usage for send and receive traffic.
    • Report Creation Example• Click the PDF Report button to generate a report isolating that application only.
    • Configuration – Refresh and Clear• Clicking on the Administrator Interface node under Configuration accesses all GUI access and display related settings.• Enabling and disabling of graphs, graph combinations, and refresh rates are all controlled here.• Clicking on the Clear Statistics node under System Maintenance accesses the clearing of link, application, traffic shaping and service class statistics.
    • Complete Exercise 5
    • The “Ask me anything…” slide oded.nahum@citrix.com