Q: Citrix over MPLS network ( Answered 4 out of 5 stars,   0 Comments )
Question  
Subject: Citrix over MPLS network
Category: Computers > Software
Asked by: ithead-ga
List Price: $100.00
Posted: 19 Feb 2004 08:49 PST
Expires: 20 Mar 2004 08:49 PST
Question ID: 308400
Our enterprise is planning to run all core business applications
through Citrix (central farm for local and remote sites). An MPLS
network will be implemented to provide the links to all sites, and it
is proposed that Expand bandwidth accelerators will be used on each
MPLS link to boost throughput/performance.

We are keen to use the QOS (quality of service) inherent within MPLS.
This would not be a problem with normal non-citrix traffic, but we are
told that if all applications (e.g. IBM As/400 traffic, Lotus Notes,
Web browsing) are running via Citrix, they will all enter the Expand
boxes and MPLS network as a single citrix stream and we will not be
able to prioritise or split traffic in any way. We are planning on
using only Class of Service 3 on the MPLS network.

Our key question is, is there any way of prioritising or segregating our Citrix
traffic so, for example, heavy web browsing does not impact on AS/400 traffic etc.

Thanks in advance for your help

Request for Question Clarification by aht-ga on 26 Feb 2004 20:29 PST
Hello again, ithead-ga!

Sorry for not spotting this Question earlier. It has been a week since
you posted it; are you still looking for an Answer?

Your question caught my interest because it is actually something I've
been wondering about myself. Based on several solutions on the market
that I have now come across, it appears that there is indeed a
hardware solution for your specific question about prioritizing
different types of Citrix traffic.

Please let me know if you are still seeking an Answer, and then we can
begin our dialog leading to the Answer!

Regards,

aht-ga
Google Answers Researcher

Clarification of Question by ithead-ga on 27 Feb 2004 01:03 PST
Yes, the question is still open. From talking to our Citrix provider,
I'm told Citrix uses a number of data channels for (i) all normal
citrix data, (ii) printing from Citrix, (iii) Citrix driver info., but
that the normal citrix data cannot be split ?

Can you help ?

Regards.

Request for Question Clarification by aht-ga on 27 Feb 2004 07:27 PST
The key to segregating different 'classes' of applications being run
over Citrix is to use the 'published application' approach at the
application level, rather than simply using Citrix to create a remote
desktop. This way, a user would double-click on a, for example, MS
Word icon on their thin client desktop, and the associated application
that launches is Citrix, connecting directly to the MS Word
application that has been 'published' by the server. By using the
'published application' approach, each stream can be identified by
application type. Then, by using a traffic shaper that can recognize
these Layer 7 tags used to label the different application streams,
you can prioritize which traffic gets presented to your Expand
Accelerator first.

Does this sound like the sort of approach you would be able to pursue?
If so, let me know and I will compose and post an Answer that gives
several references to this 'published applications' approach, and some
options for traffic shapers that can work with 'published
applications' to give you the prioritization you seek.

Regards,

aht-ga
Google Answers Researcher

Clarification of Question by ithead-ga on 27 Feb 2004 09:52 PST
Thanks for your reply. We are expecting to use a 'published desktop'
approach rather than 'published application' approach to allow us to
lock down the existing desktops as much as possible. Does this
preclude prioritisation of traffic by application ? Can the Expand
boxes split out the Citrix traffic in any way ?

Thanks

Request for Question Clarification by aht-ga on 27 Feb 2004 10:12 PST
Hmm, the published desktop approach, unfortunately, encapsulates the
entire desktop session into a single Citrix ICA stream. The best way
of looking at Citrix is to think of it as a series of snapshots, being
transmitted from the server to the thin clients on a constant basis.
Mouse movements and keypresses from the thin client are transmitted
back to the server, but the bulk of the traffic is the screen updates
(bitmaps) from the server to the client.

When using the published desktop approach, however, the Citrix screen
updates are of the entire visible desktop. There really is no way to
know what is on that visible desktop. For example, a user could be
running Oracle and Internet Explorer at the same time. The IE window
is generating the most traffic (let's say there's an animated graphic
in the visible window). However, as far as the Citrix server is
concerned, both Oracle and IE are running.

There is still the possibility, however, of deploying using the
published application method, a handful of icons (for the different
apps) on the thin client desktop, and extremely restrictive policies
on the thin client PC to prevent anything BUT the Citrix app icons
from being executed. You can still control the profiles for the users
to ensure that the 'correct' local desktop is pulled up from a roaming
profile each time a user logs in every morning. This is not as easy as
simply putting everything into a Citrix published desktop, but will
allow you to shape the traffic for different applications executed
through Citrix.

What do you think of this?

aht-ga
Google Answers Researcher

Clarification of Question by ithead-ga on 27 Feb 2004 10:41 PST
Thanks. Guess we have to either go with a Published Desktop and accept
that we cannot avail of the traffic prioritisation (or QOS on the MPLS
network), or go with Published Apps. and get the prioritisation.

Would be a shame to miss out on QOS/prioritisation of traffic as MPLS
stats. will then only tell us a line is saturated and we cannot get
any indication of what application is causing the problem.

Probably no other options. If so, happy to take this as the answer and
close question.

Regards

Request for Question Clarification by aht-ga on 27 Feb 2004 11:52 PST
Perhaps I'm overly confusing myself, but.... if you are running all
core apps through Citrix ICA streams that are compressed by the Expand
Accelerators into an IP tunnel between the central site and each of
the remote sites, won't your QoS reporting and management be only at
the Expand box level, and not the MPLS? The MPLS stats would show you
the Expand tunnels as IP traffic, along with other traffic that isn't
being compressed by the Expand boxes. So, you will still need to refer
to the Expand logs and the MPLS reports to get the total picture,
right?

If you went with 'published applications' as an approach, you will
still need a traffic shaper that works with Layer 7 labelling, before
that traffic hits the Expand Accelerator. Conceptually, this means
traffic is first prioritized by the traffic shaper, then compressed by
the Expand Accelerator, then fired into the MPLS cloud by your router.
The process reverses itself at the other end. As you can tell from
this, it would mean acquiring additional hardware in the form of the
traffic shapers. Here are the two I found that work with Citrix 'out of
the box' (using the 'published applications' approach):

Packeteer 
http://www.packeteer.com/prod-sol/solutions/citrix.cfm

Allot NetEnforcer
http://www.allot.com/pages/product_content.asp?intGlobalId=6

At this point, I think it would be best to ask your Citrix provider
whether or not they have any experience with Layer 7 traffic
prioritization solutions. If not, then perhaps you should have a
conversation with a Packeteer or Allot representative before
finalizing your deployment plans. I would also suggest talking to the
Expand representative about how your daily/weekly/monthly QoS reports
will work with the fact that you are using an MPLS solution for your
WAN. It isn't clear to me from the info on Expand's website that this
will necessarily be elegant.

If you like, we can move this conversation thread into the Answers
section; however, I'd prefer to give you the time to speak with your
vendors first. Please let me know how you would like us to proceed
with this.

Thanks,

aht-ga
Google Answers Researcher

Clarification of Question by ithead-ga on 01 Mar 2004 05:45 PST
Having talked to both Expand and our Citrix provider, options are
limited to those already explored. However, we will be able to get
management reporting through citrix (resource manager function) which
should be sufficient to identify bottlenecks. In reality as each
Citrix session is limited to 20Kb bandwidth, only the number of users
and not what they are doing, will impact on network performance.

Thanks for your help - it triggered some action from the vendors !
Happy to close the question at this point.

Regards.
Answer  
Subject: Re: Citrix over MPLS network
Answered By: aht-ga on 01 Mar 2004 08:33 PST
Rated:4 out of 5 stars
 
ithead-ga:

Well, I am glad that this discussion was of some help, even if it did
not result in a breakthrough for your traffic management needs.

Allow me to summarize the information I provided above, in case you
end up needing to refer back to it:

-----------------------------------

Traffic prioritization schemes involving Citrix hinge on the use of
'published applications' as opposed to 'published desktops'. The
challenge with using 'published applications' is the requirement for
developing a strict user profile to be deployed to all of your client
stations.

Specialized traffic such as Citrix ICA streams can only be prioritized
prior to entering the Expand Accelerators for compression; this
requires additional equipment in the form of traffic shapers capable
of recognizing the 'published applications' contained within the ICA
streams.

QoS over an MPLS network depends on the use of labels attached to the
packets of data, in effect classifying the information. It is up to
Expand to develop this into their product, as their compressed stream
will contain multiple data types as configured during your deployment.

Traffic shapers that would work with your scenario include systems from
Packeteer and Allot NetEnforcer; however, each can be pricey given the
fact that you will need one per location.

As you stated in your final clarification, both Expand and Citrix have
advised that their solutions do not inherently provide any solution for
this situation; however, based on the size of each ICA stream, you now
think that this may not pose too great a problem; and, at the minimum,
you will be able to control the situation based simply on managing the
users.

-----------------------------------

I'm sorry that I was not able to take this through to a novel solution
for you this time. However, it does appear that your vendors have
stepped up to recognize your needs better. Hopefully, Expand will
continue developing their product firmware to the point where Citrix
ICA streams can receive some form of traffic management without
requiring the deployment of additional hardware.

Regards,

aht-ga
Google Answers Researcher
ithead-ga rated this answer:4 out of 5 stars
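
The trade-off discussed in this thread, as an added toy model that is not part of the original exchange and is not any vendor's code: a strict-priority shaper sits in front of a saturated link, and the same traffic is offered once as labelled 'published application' streams and once as an unlabelled 'published desktop' stream. The policy table, class numbers, workload and scheduler are constructed assumptions; real ICA tagging is not modelled.

```python
from collections import deque

# Constructed policy: lower class number is served first. Names are illustrative.
POLICY = {"as400": 0, "notes": 1, "browser": 2}
DEFAULT_CLASS = 1  # where an unlabelled (published-desktop) stream lands

def classify(stream_label):
    """Map a stream's application label to a priority class.
    A published desktop exposes no per-application label (None)."""
    return POLICY.get(stream_label, DEFAULT_CLASS)

def simulate(arrivals, link_pkts_per_tick, published_apps):
    """arrivals: list of (tick, app) packets offered to the shaper.
    Returns the mean queueing delay in ticks for each application."""
    classes = sorted(set(POLICY.values()) | {DEFAULT_CLASS})
    queues = {c: deque() for c in classes}
    pending = sorted(arrivals, key=lambda p: p[0])  # stable: keeps in-tick order
    delays, tick, i = {}, 0, 0
    while i < len(pending) or any(queues.values()):
        # Enqueue everything that has arrived by this tick.
        while i < len(pending) and pending[i][0] <= tick:
            t, app = pending[i]
            label = app if published_apps else None  # desktop hides the app
            queues[classify(label)].append((t, app))
            i += 1
        # Strict priority: drain the lowest class number first, FIFO within it.
        budget = link_pkts_per_tick
        for c in classes:
            while budget and queues[c]:
                t, app = queues[c].popleft()
                delays.setdefault(app, []).append(tick - t)
                budget -= 1
        tick += 1
    return {app: sum(d) / len(d) for app, d in delays.items()}

def constructed_workload(ticks=20):
    """Each tick offers 3 browser packets, then 1 AS/400 packet."""
    out = []
    for t in range(ticks):
        out += [(t, "browser")] * 3 + [(t, "as400")]
    return out

if __name__ == "__main__":
    load = constructed_workload()
    print("published apps   :", simulate(load, 2, published_apps=True))
    print("published desktop:", simulate(load, 2, published_apps=False))
```

With the link carrying 2 packets per tick against 4 offered, the labelled case keeps AS/400 delay at zero while browser traffic absorbs the backlog; in the unlabelled case both share one queue and AS/400 delay grows with it.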
