Академический Документы
Профессиональный Документы
Культура Документы
www.citrix.com
Contents
1. Introduction .......................................................................................................................................................2
1. Introduction
IT departments at enterprises of all sizes always remain concerned with the topic of ensuring acceptable
application delivery to branch office and mobile employees. A decade ago, they were satisfied with any solution
in any form, fit and function that met their needs and allowed them to check that box next to application
acceleration for all. That was then. Fast forward to today where application acceleration for all is given. The
quest is to make it more flexible than an acrobat, more standard than a school uniform, more elastic than a
rubber band and at a price points that keep concerned business units smiling all the way.
Today, enterprises of all sizes are clamoring to standardize user experience and improve productivity across their
employee pool by delivering applications via exciting technologies like Citrix XenDesktop and Citrix XenApp no
matter where these employees are – in branch offices, in regional offices or even on the road. Their IT
departments are building private clouds to deliver metered IT services to business units within enterprises. On
the other side, service providers such as Amazon and Microsoft are eager to satisfy unmet needs of enterprises
by building public cloud infrastructures. Especially for SMB segment, these service providers are their only IT
departments. It is a tall order for enterprises and service providers to pull these off without sacrificing flexibility,
standardization, elasticity and the cost advantage that they have come to expect of this age.
Broadly speaking, WAN Optimization controllers (WOC) are the linchpin of application delivery infrastructure in
scenarios such as but not limited to datacenter to branches, private cloud of an enterprise, service provider
operated public cloud or a hybrid cloud that connects both – enterprises and cloud providers.
While Citrix Branch Repeater appliance offers robust WAN Optimization solution, Citrix Branch Repeater VPX
takes the center stage when flexibility, standardization, elasticity and cost advantage is of paramount
importance.
Citrix Branch Repeater (BR) VPX is a virtualized software product that delivers the same features as the Repeater
85xx series hardware appliances, with a few caveats that are detailed within this document. BR VPX can be
deployed in any datacenter (either on‐premise or hosted by a service provider) that allows access to the
hypervisor. As a virtual machine, Branch Repeater VPX can be deployed exactly where and when you need it, and
can be combined with other virtual machines such as servers, security units, other networking devices or other
virtual appliances, to create a virtualized server unit that suits your business and IT needs.
For the purpose of this document, acceleration works on TCP/IP connections and packets that pass through any
supported combination of two acceleration units:
• Any combination of Repeater hardware, Branch Repeater hardware, and Branch Repeater VPX appliances
• One Repeater hardware appliance and one Repeater Plug‐in.
• One Branch Repeater VPX appliance and one Repeater Plug‐in.
• Traffic in both directions must pass through both acceleration units.
Once these criteria are met, acceleration is automatic.
A successful deployment of Branch Repeater VPX is neither elaborate nor difficult; the purpose of this document
is to provide some guidance on best practices for deploying Branch Repeater VPX ensuring successful
deployments that accelerate and optimize network traffic as expected.
Please note that improper deployments may cause network‐ (and/or bandwidth‐) related issues and may also
result in inadequate acceleration. Follow the guidelines in this document for the best possible results. While the
document provides some configuration steps, this is not an end‐to‐end training guide. The document assumes
that the reader has a basic understanding of Repeater concepts, technology and terminology. For additional
information, please refer to the Branch Repeater Administrator guide, which is available on Citrix Support Site in
the Branch Repeater Product Section. http://support.citrix.com/product/brrepeat
The absolute minimum (60 GB disk) configuration is not for production environments, but can be useful for ad
hoc testing and demonstrations on machines with inadequate resources. The minimum system requirements for
production systems can be found in table 1.
The server hosting Branch Repeater VPX needs resources greater than or equal to these, with the exception of
Ethernet ports. Possible Ethernet options include:
1. Mapping Branch Repeater VPX’s two virtual ports to two physical ports, rendering its operation equivalent to
a stand‐alone branch repeater inline.
2. Mapping one of Branch Repeater VPX’s virtual ports to a physical port, and the other to a virtual network
containing one or more virtual machines on the same server, thus creating an accelerated server.
3. Mapping each of Branch Repeater VPX’s virtual ports to a virtual network, thus chaining Branch Repeater
VPX between two sets of virtual machines on the same server.
Server standardization
Standardize on preferred server vendor’s platforms
Manage using preferred server or hypervisor management tools
Low cost
Leverage low‐priced virtual appliances for branch offices with <45Mbps
Scalability
Datacenters aggregating traffic from multiple branches generally require more than 45 Mbps
Branches or datacenters with >45Mbps WAN links exceed the maximum throughput for BR VPX
Receiver plug‐in exceed the maximum connections of 500 users for BR VPX
Availability
Hardware appliances have built‐in HA and Fail‐to‐Wire for business continuity in branches or datacenters
Predictability
Purpose‐built hardware appliances provide more consistency than VPX. The predictability of VPX
performance depends on other factors including server sizing & resources (especially disk subsystem
performance) when sharing them with other VM workloads. Physical appliances may be highly desirable
where WOC Service Level Agreements (SLAs) are extremely important.
Branch IT Consolidation
Use Branch Repeater with Windows Server (CBRwWS) hardware appliances to consolidate or eliminate
branch servers but maintain critical Windows services (file, print, etc.) in branches
Managed CBRwWS appliances using familiar Microsoft SCCM/SCOM
2. Click on Properties for the virtual interface to which the Branch Repeater is connected
3. Select the vSwitch and click on Edit
4. Under the Security tab select Accept from the Promiscuous Mode dropdown menu
5. Click OK until all dialog windows are closed
Before enabling the bridging, please make sure to assign the two Branch Repeater bridge ports (accelerated pair
ports) to different virtual and physical Ethernet segments. Only when the Bridging is enabled can packets pass
through the BR VPX for acceleration.
The second option to avoid outage in case of hypervisor failure is to deploy Branch Repeater VPX using WCCP
mode.
WCCP mode is recommended when inline mode is not practical. Supported by most routers, WCCP only requires
three lines of router configuration code. To use WCCP mode on a Cisco router, it should be running at least IOS
version 12.0(11)S or 12.1(3)T.
(WCCP stands for “Web Cache Communications Protocol,” but the protocol was greatly expanded with version
2.0 to support a wide variety of network devices.)
1. Enable PortFast on XenServer connected ports
PortFast allows a switch port running Spanning Tree Protocol (STP) to go directly from blocking to
forwarding mode; skipping learning and listening. PortFast should only be enabled on ports connected to
a single server. Port cannot be a trunk port and port must be in access mode. Ports used for storage
should have PortFast enabled.
NOTE: It is important that you enable PortFast with caution, and only on ports that do not connect to
multi‐homed devices such as hubs or switches .
2. Disable Port Security on XenServer connected ports
Port security prevents multiple MACs from being presented to the same port. In a virtual environment,
you see multiple MACs presented from VMs to the same port causing your port to shut down if you have
Port Security enabled.
3. Disable Spanning Tree Protocol on XenServer connected ports
Spanning Tree Protocol should be disabled if you are using Bonded or teamed NICs in a virtual
environment. Because of the nature of Bonds and NIC teaming, Spanning Tree Protocol should be
disabled to avoid failover delay issues when using bonding.
4. Disable BPDU guard on XenServer connected ports
BPDU is a protection setting part of the STP that prevents you from attaching a network device to a switch
port. When you attach a network device the port shuts down and has to be enabled by an administrator.
A PortFast port should never receive configuration BPDUs.
NOTE: When BPDUs are received by a PortFast port, this reception indicates another bridge is somehow
connected to the port, and it means that there is a possibility of a bridging loop forming during the
Listening and Learning phases. In a valid PortFast configuration, configuration BPDUs should never be
received, so Cisco switches support a feature called PortFast BPDU Guard, which is a feature that shuts
down a PortFast‐enabled port in the event a BPDU is received. This feature ensures that a bridging loop
cannot form, because the switch's shutting down the port removes the possibility for a loop forming.
5. It is recommended to always change port speed and duplex settings to static with any switch.
NOTE: To use DRS with HA for load balancing, the servers in the cluster must be part of a VMotion
network. If the servers are not in the VMotion network, however, DRS can still make initial placement
recommendations
3.9.2. HA Failover
Since HA is accomplished by starting a new Branch Repeater virtual machine within the hypervisor resource pool
the failover differs significantly from the failover between two Branch Repeater appliances. Our testing has
shown it will take 2 – 5 min for the new Branch Repeater virtual machine to be operational. Each hypervisor has
multiple parameters like failure detection time, heart beat interval, etc. which can be fine‐tuned based on the
best practices guidelines for the corresponding hypervisors. Those parameters value depends on the factors like
number of VMs present in a pool, machine hardware, network infrastructure, disk storage, etc. Changing these
hypervisor specific parameters, will have impact to detect the HA failures and changes the time taken for the BR
VPX VM to be up on a different server within the same resource pool.
One big benefit of using the hypervisor’s HA functionality is that the disk compression history is not lost in the
case of a failover due to shared storage of the virtual machines. The BR VPX virtual machine booting on the
second hypervisor is using the exact same image on the shared storage as the previously failed BR VPX virtual
machine, hence no compression history is lost.
Connecting two network adapters to a single network interface
NOTE: To prevent network loops in this configuration the upstream networking device has to have
STP configured on the ports to which the hypervisor connects
4. Use cases
4.1. Accelerated datacenter servers
By installing Branch Repeater VPX on every server in the datacenter, you have a solution that scales perfectly as
you add server capacity, while minimizing the number of servers by adding acceleration to the servers
themselves. Once you have more than a few accelerated servers, the aggregate acceleration provided by
multiple Branch Repeater VPX instances will exceed anything that can be provided with a single appliance.
Branch Repeater VPX will accelerate all kinds of network applications, including XenApp, XenDesktop, Citrix
Merchandising Server, network file systems, databases, Web server, and more using HDX IntelliCache.
HDX IntelliCache adaptively orchestrates with Citrix® XenApp™ to disable the native ICA compression used for
optimizing user sessions. It then optimizes XenApp delivery across multiple user sessions by locally caching and
de‐duplicating transmission of commonly accessed data including bitmap graphics, files, print jobs and streamed
media. Branch caching for hosted applications occurs transparently, requiring no additional configuration or
tuning on the Branch Repeater appliance or XenDesktop server. It fully supports basic and advanced ICA
encryption to maintain end‐to‐end security while optimizing traffic delivered to the branch. Users in locations
without Branch Repeater and mobile users working outside the office continue to benefit from Native ICA
compression for individual user sessions. More details about HDX IntelliCache can be found in the Citrix
knowledge base:
CTX120455 ‐‐ Understanding Citrix HDX Technology for Optimizing the Branch Office
2. On the XenServer portal page click on the XenCenter installer link
3. When prompted click on Run to install the XenCenter application
4. Follow the onscreen instructions to complete the installation process
2. Click on the Download vSPhere Client link
3. When prompted click on Run to install the vSphere client application
4. Follow the onscreen instructions to complete the installation process
NOTE: In the same section you can download the user guide and release notes
6. Save the file to the local hard disk of the same PC with XenCenter installed
7. Un‐compress the zip file you downloaded to your local hard disk
8. Start the XenCenter application and connect to your XenServer
9. Click on File and click on Import
10. In the Import dialog window click on Browse
11. In the Open file dialog window browse to the BR VPX file for XenServer from your local hard disk and click
Open
12. Back in the import dialog window click on Next
13. In the next dialog select the Home Server for the BR and click on Next
14. In the next dialog select the storage for the BR VPX and click on Import
NOTE: If you intent to configure XenServer HA for the BR VPX you MUST select an external storage which is
shared by all servers in the resource pool. At minimum the advanced license must be installed on all servers
within the XenServer resource pool to enable HA. Please see the XenServer user guide for details on how to
configure external storage. The XenServer user guide can be downloaded from http://support.citrix.com
15. In the next dialog window the BR VPX interfaces are mapped to the XenServer interfaces / network cards
NOTE: If both BR VPX interfaces are assigned to the same XenServer network card or virtual network
interface you are creating a loop as described in section Avoiding Network Loops
Interface0 (example)
Interface1 (example)
16. Click on Next to continue
17. On the last screen confirm that all settings are correct and click Finish
18. The import can take anywhere from 1 to 10 min. Do not disconnect the PC from the network or close
XenCenter as the import process would be disrupted. To view the progress of the import click on the BR VPX
within XenCenter and click on the Log tab to the right
19. Within XenCenter click on Start to boot up the BR VPX
20. Click on the Console tab to the see boot up progress and to access the BR VPX CLI
21. Log on to the BR
Username: Admin
Password: password
22. In the console type the following to assign an IP address to the branch repeater (the values below are for
illustration only, you must use values that are applicable to your environment)
admin> set adapter apa ‐ip 172.16.0.213 ‐netmask 255.255.255.0 –gateway 172.16.0.1
admin> restart
23. After the BR VPX is rebooted it will be accessible via WebUI from the address you configured
24. Open your Web browser and enter the same IP address into the address bar to connect to the BR WebUI
NOTE: In the same section you can download the user guide and release notes
6. Save the file to the local hard disk of the same PC with vSphere Client installed
7. Un‐compress the zip file you downloaded to your local hard disk
8. Start the vSphere client application and connect to your vSphere server
9. Click on File and select Deploy OVF Template from the dropdown menu
10. In the Deploy OVF Template dialog window click on Browse
11. In the Open file dialog window browse to the BR VPX file for XenServer from your local hard disk and click
Open
12. Back in the import dialog window click on Next
13. Name the BR VPX image and click on Next
14. In the next dialog select the storage for the BR VPX and click on Next
NOTE: If you intent to configure vSphere HA for the BR VPX you MUST select an external storage which is
shared by all servers in the resource pool. At minimum the vSphere essentials Plus license must be installed
on all servers within the vSphere resource pool to enable HA. Please see the vSphere user guide for details
on how to configure external storage and HA. The vSphere user guide can be downloaded from
http://www.vmware.com/support/pubs/
15. In the Disk Format dialog select Thick provisioning format and click on Next
16. In the next dialog window the BR VPX interfaces are mapped to the XenServer interfaces / network cards
NOTE: If both BR VPX interfaces are assigned to the same XenServer network card or virtual network
interface you are creating a loop as described in section Avoiding Network Loops
17. Click on Next to continue
18. On the last screen confirm that all settings are correct and click Finish
19. The import can take anywhere from 1 to 10 min. Do not disconnect the PC from the network or close
vSphere client as the import process would be disrupted.
20. Within vSphere client click on the Play button to boot up the BR VPX
21. Click on the Console tab to the see boot up progress and to access the BR VPX CLI
22. Log on to the BR
Username: Admin
Password: password
23. In the console type the following to assign an IP address to the branch repeater (the values below are for
illustration only, you must use values that are applicable to your environment)
admin> set adapter apa ‐ip 172.16.0.213 ‐netmask 255.255.255.0 –gateway 172.16.0.1
admin> restart
24. After the BR VPX is rebooted it will be accessible via WebUI from the address you configured
25. Open your Web browser and enter the same IP address into the address bar to connect to the BR WebUI
5.2. HA
5.2.1. XenServer High Availability
To configure XenServer HA please revisit the chapter XenServer / vSphere Server HA Requirements to ensure the
XenServer HA prerequisites are met
To configure XenServer HA
1. Start the XenCenter application and connect to your XenServer
2. Select the Resource Pool at the root and click on the HA tab on the right
3. Within the HA tab click on Enable HA
4. Click Next in the Prerequisite screen
5. Select a heartbeat storage that will be used to monitor the availability and health of servers in the resource
pool. Heartbeat storage must be shared storage. Click on Next
6. If there are more than 3 servers in the resource pool reduce the Number of server failures to allow down to
3
7. Select the BR VPX from the list of virtual machines running in your resource pool and select Restart first
from the Restart priority dropdown menu
8. Click on Next
9. Verify the accuracy of the setting on the last screen and click on Finish to complete the HA wizard
10. XenCenter will change to the log screen automatically where the HA setup status is displayed. The process
will take anywhere between 1 – 5 min
NOTE: Do not close XenCenter or the operation will not complete