How does Citrix traffic cross the wire(less)? An overview of Citrix networking technologies.
Jo Harder takes us on a tour of ICA, Session Reliability, HDX, Framehawk, and Enlightened Data Transport.
Citrix was originally founded on two key technologies: multi-user and a unique protocol named Independent Computing Architecture (ICA). ICA has been the fundamental pillar of user session efficiency, and in this article, we’ll explain Citrix transport protocols in detail, as well as navigate through numerous developments and enhancements.
First, please realize that Citrix sessions require sufficient bandwidth. Exactly how much bandwidth is dependent upon numerous factors, including: number of users, graphical nature of applications, user activities, screen display, and number of monitors.
ICA Round-Trip Time (ICA RTT) is often used to quantify the user experience and is based on the amount of time it takes for user input to reach the server and that response appear on the client device. For example, if the user types the digits “100” in a spreadsheet cell, the ICA RTT would be the amount of time it takes for 100 to appear on the user screen. In general:
- <100ms = Very good
- 100-200ms = Good
- 200-300ms = Users will start complaining
- >300ms = Your phone will be ringing
HDX Insight, which is an option for integrating NetScaler Gateway data into Director, is useful for monitoring ICA RTT, session latency, and similar metrics. Of course, the use of NetScaler SD WAN for compression and optimization, as well as the new technologies discussed below, may significantly impact ICA RTT and the user experience.
ICA, Session Reliability, and HDX
The ICA protocol functions at Layer 6 of the OSI model and is composed of virtual channels. Think of virtual channels as individual wires within a cable in that each wire can carry unique traffic to the endpoint. The virtual channels each transport distinct traffic types such as audio, printing, clipboard and Thinwire, which is the Citrix display remoting technology that transfers mouse movements and keystrokes. Each virtual channel is assigned a priority level, i.e., 0 through 3, with 0 being the highest priority.
Optionally, Multi-Streaming or Multi-Port (the name depends on version) can be enabled via Citrix policies to designate a TCP port for the four virtual channel priority levels. For example, the highest priority traffic can be assigned to TCP 2500 and that port can then be prioritized as deemed appropriate.
Communications to the XenApp server or XenDesktop virtual workstation are sent via TCP 1494, and a dynamically allocated port is used for communications from the Citrix resource. By default, Session Reliability—which is based on the Citrix Common Gateway Protocol (CGP)—is enabled, and user sessions instead communicate via TCP 2598. Session Reliability minimizes or hides the impact of minor network failures; it buffers user input for three minutes by default without causing the user session to fall into a disconnected state. In many cases, Session Reliability addresses minor network issues satisfactorily, and no administrative configuration is required.
A key benefit of ICA is its compression features. When less bandwidth is available, session data is further compressed. Further, in conjunction with the printing engine, print jobs are significantly compressed as they cross the wire.
Largely a marketing term, HDX signifies High-Definition User Experience. Many enhancements to the ICA protocol are bundled under the umbrella of HDX. Frequently, the acronyms ICA and HDX are used interchangeably, e.g., NetScaler Gateway functionality are often referenced as either ICA proxy or HDX proxy.
UDP-Based Technologies
Some Citrix virtual channels traverse the network via UDP, rather than TCP, either optionally or exclusively. For example, audio and Flash Redirection can be configured to run over UDP, whereas Framehawk communicates exclusively via UDP.
Framehawk was introduced in June 2015 as part of XenDesktop 7.6 Feature Pack 2. The primary use case for Framehawk are networks that are subject to high packet loss and/or latency, such as cellular. Framehawk focuses on speed, not precision of the display, and some data is dropped because an inherent characteristic of UDP is that no retransmission occurs. Framehawk can be configured to replace Thinwire for remoting; thus, the remoting mechanism can be either Thinwire (TCP) or Framehawk (UDP), but not both.
To understand the difference between Session Reliability and Framehawk, picture a scenario where a user is accessing a spreadsheet within a XenApp or XenDesktop wireless session that is subjected to extreme packet loss. During a brief network interruption, the user keeps clicking the mouse in an attempt to scroll downward, but the application is unresponsive. If Session Reliability were enabled, the mouse clicks would be buffered and then would execute quickly when the network is restored, which would cause the application to show the bottom of the spreadsheet. This is not what the user truly desires. When Framehawk is enabled, however, the additional mouse clicks are dropped during that same network blip, causing the screen focus to instead remain in the desired area of the spreadsheet.
Taking Framehawk one step further, as part of XenDesktop 7.12 released in December 2016, Citrix previewed Adaptive Transport for HDX, which is also known as Enlightened Data Transport (EDT). EDT transmits all user session communications via UDP 1494 and 2598, rather than exclusively or primarily relying on TCP. One key difference between Framehawk and EDT is that if the user session is configured to use Framehawk, it uses only Framehawk; however, if EDT is enabled, the user session will traverse the network via UDP but will flip back to TCP if conditions warrant.
As Enlightened Data Transport matures, it holds promise for revolutionizing and greatly improving on the basic ICA protocol. Watch this space!