Session Reliability in Linux VDA

Session Reliability in Linux VDA

book

Article ID: CTX230028

calendar_today

Updated On:

Description

This article introduces the Session Reliability feature in Linux VDA: what it is, how it works and what the settings are.

Instructions

With this release, Citrix adds session reliability to all the supported Linux platforms. By default, session reliability is enabled and no specific procedures are required to use this feature.
Note: Data transmitted through a session reliability connection is in plaintext by default. For the security purpose, Citrix recommends that you enable SSL encryption. For more information about SSL encryption, see How to enable or disable SSL Encryption For Secure User Sessions.

What is Session Reliability?

Citrix offers auto client reconnect and session reliability to provide a smoother ICA reconnection during network interruptions. In a default configuration, session reliability starts and then auto client reconnect follows.

  • Session reliability queues outgoing ICA data while a TCP connection is temporarily down and inform the ICA Transport Driver when a resume request is received. Thus, the ICA session stays as active for the configured time interval during network interruptions. Take desktop sessions for example, when session reliability is in progress, the network interruption notification looks like the following - the session window becomes translucent and a countdown timer shows the time until the reconnections occur:
User-added image
  • While Auto client reconnect relaunches the client engine to reconnect to a disconnected session. When auto client reconnect is in progress, the ICA session is disconnected and the system sends desktops network interruption notification to the user as follows - the session window is grayed out and a countdown timer shows the time until the reconnections occur:
User-added image
For more information about session reliability and auto client reconnect, see Auto client reconnect and session reliability.
 
How Session Reliability Works in Linux VDA
With this release, we implemented Common Gateway Protocol (CGP) in Linux VDA. CGP is a tunneling protocol, it includes mechanisms to monitor connection quality and recover the connection if transport TCP connection fails. Session Reliability is one of the benefits it offers. CGP also serves as an authorization protocol through NetScaler Gateway.
We performed the following changes to support Session Reliability in Linux VDA:
  1. Modified the underlying ICA Transport Driver (TD) with CGP layer added.
  2. Added new ICA listener to listen on CGP port (default: 2598). With this listener, ICA data can be transmitted through CGP over TCP or CGP over EDT (Enlightened Data Transport, experimental in this release). We also added a new key “cgp” under ConfDB path HKLM\System\CurrentControlSet\Control\Citrix\WinStations for the CGP listener to function with proper initial values. You can get all related keys from command:
/opt/Citrix/VDA/bin/ctxreg list -k "HKLM\System\CurrentControlSet\Control\Citrix\WinStations\cgp"
  1. Implemented Session Reliability in the Transport Driver (TD) based on CGP.
  2. Enhanced HDX service to retrieve and apply Session Reliability related policies, which are configured through Citrix Studio or Group Policy.
  3. Integrated CGP with SSL encryption, so that data transmitted through a session reliability connection can also be encrypted. Citrix recommends that you enable SSL encryption for security purpose.
In summary, Session Reliability can function through CGP listener (default port: 2598) or through SSL listener (default port: 443), as long as the feature is enabled through the session reliability connections policy.
 
Settings for Session Reliability in Linux VDA
Session Reliability is enabled by default, you can use this feature directly with default settings. If you want to customize Session Reliability related settings, you can configure them through policy settings in Citrix Studio or settings on the Linux VDA.
  1. Policy settings in Citrix Studio
You can set the following policies for session reliability in Citrix Studio:
  • Session reliability connections
  • Session reliability timeout
  • Session reliability port number
  • Reconnection UI transparency level
For more information, see Session reliability policy settings and Auto client reconnect policy settings.
Note: After you set Session reliability connections or Session reliability port number policy, restart the VDA service and the HDX service in Linux VDA in sequence to make your settings effective.
  1. Settings on the Linux VDA
Enable/disable the session reliability TCP listener
By default, the session reliability TCP listener is enabled and listening on port 2598. To disable the listener, run the following command.
ctxreg update -k "HKLM\System\CurrentControlSet\Control\Citrix\WinStations\cgp" -v "fEnableWinStation" -d "0x00000000"
Note: Restart the HDX service to make your setting effective. Disabling the TCP listener does not mean disabling session reliability. Session reliability is still available through other listeners (for example, SSL) if the feature has been enabled through the session reliability connections policy.
 
Session reliability port number
The session reliability port number can also be set with the following command (using port number 2599 as an example).
ctxreg update -k  "HKLM\System\CurrentControlSet\Control\Citrix\WinStations\cgp"   -v  "PortNumber" -d  "2599"
Note: Restart the HDX service to make your setting effective. If the port number has been set through the policy setting in Citrix Studio, your setting on the Linux VDA is ignored. Ensure that the firewall on the VDA machine is configured not to prohibit network traffic through the set port.

Server-to-client keep-alive interval
Session reliability keep-alive messages are sent between the Linux VDA and the ICA client when there is no activity in the session (for example, no mouse movement, no screen update). The keep-alive messages are used to detect whether the client is still responsive. If there is no response from the client, the session is suspended until the client reconnects. This setting specifies the number of seconds between successive keep-alive messages sent from the Linux VDA to the ICA client. By default, this setting is not configured. To configure it, run the following command (using 10 seconds as an example).
ctxreg create -k "HKLM\Software\Citrix\XTEConfig"  -t "REG_DWORD"  -v  "CgpServerToClientKeepAlive"  -d  "10"  --force
 
Client-to-server keep-alive interval
This setting specifies the number of seconds between successive keep-alive messages sent from the ICA client to the Linux VDA. By default, this setting is not configured. To configure it, run the following command (using 10 seconds as an example).
ctxreg create -k "HKLM\Software\Citrix\XTEConfig"  -t "REG_DWORD"  -v  "CgpClientToServerKeepAlive"  -d  "10"  --force


 
 

 

Issue/Introduction

This article introduces the Session Reliability feature in Linux VDA: what it is, how it works and what the settings are. This feature is available on Linux VDA 7.16 and above

Additional Information

Powered by Wolken Software