Recently I held session atÂ Citrix User Group conference in Norway regarding Framehawk. That resulted in a blogpost where I described my thoughts and experiences of testing the technology.
The feedback from that postÂ inspired Marius Sandbu (@msandbu)Â and meÂ to do a co-written blog where we take a look at the resource usageÂ between theÂ Framehawk and Thinwire Compatibility Mode
That post will be up in a few days time.
After my session at the cruise-ship, I was asked by some of the attendees if I could write a post with some of the info I had presented, mainly regarding installation and limitations as of today.
So, without further ado;
Framehawk is as described earlier a new protocol in the HDX stack that does marvels when we are having a connection with packet loss, something Thinwire cannot handle so well.
An important part to note is that we are depending on good bandwith when using this technology, at least a 4-5Mbps connection + 150Kbps per user. (Compared to Thinwire which has a recommendation of 1,5Mbps and 150Kbps per user
To read more about the Framehawk technology I recommend the following blog posts by Derek Thorslund and Mayunk Jain:
Framehawk came out to the public with XenDesktop Feature Pack 2 as a standalone implementationÂ , and with the release of Feature pack 3 it was supported in the VDA.
With XenDesktop 5.6 and XenApp 6.5 we used optimization technologies as Progressive display, Adaptive Display and Aero Redirection.
With XenDesktop we can now also use Legacy thinwire. Thinwire Advance (H.264), Thinwire Compatibility Mode, DCR and Framehawk.
All these possibilities gives us an the tools we need to meet the most scenarios and challenges, and still deliver a good user experience for a remote user.
The problem for the admin isÂ to know when to use what.Â Citrix has this great table where weÂ can compareÂ them.
Basically isÂ Framehawk at its peak when we have packet lossÂ with or without latency, but itÂ needs bandwidth!
So in most cases will Thinwire Plus (Thinwire Compatibilty Mode, A loved child has many names) be better to use since it needs less bandwidth,Â uses less CPU and has the best compatibility, meaning it works on allÂ endpoints, requires nothing except receiver.
To be able to use this feature we need to download FP3 from Citrix downloads and install the following components
Server hosting Citrix Director
- New version of Director to show information regarding Framehawk
- WMIProxyÂ (so theÂ directorÂ can retrieve information from the VDAs)
- Citrix Group Policy Management 7.6.300 (to be able to enable Framehawk through policies)
- Powershell modules
- New VDA for Servers and Desktops
We get the following new policies when we have installed Citrix Group Policy management on the Delivery Controller
We can now enable Framehawk and, if needed, change the ports it gonna use (Default UDP 3224 – 3324)
As ofÂ NetScaler Gateway 11.0-62.10 we finally have support for external users (which imho is where we find the use cases)
To enable this we need to do the following;
The first thing we need to do is activating DTLS on the virtual server. (DTLS is for UDP what SSL is for TCP)
This should be reflected in the overview under Basic Settings
We now need to rebind the Server Certificate so it will be valid for DTLS
Click Server certificates and choose unbind.
Click close and verify that there is no server certificate bound and the state of the virtual server is down.
Click Server Certificates once again and choose the same certificate you had bound earlier and bind it again.
You will get the following error message which you safely can ignore (according to citrix articleÂ CTX135519)
Verify that the State is up and that you have a Server Certificate bound to the Virtual Server
If you are planning to use Framehawk with iOS you have to add the following parameter in default.ica
We can monitor the sessions in Director and verifying if Framehawk is in use or not by go to the details apge in the session and scroll down to the HDX overview and click on Framehawk.
Here we are looking for two values
- Provider should show V3D3 (for desktops) or 4 (for XenApp sessions)
- Connected should show True
If it isn’t so you need to conform that the right ports are open in the firewalls.
You can use a fee tool called iPerf to do so since telnet is not able to check UDP ports.
The followingÂ picture shows which ports are used when using Framehawk or Thinwire:
There are still “a few” improvements needed when it comes to Netscaler support
- Netscaler Gateway
- Netscaler Gateway with GSLB
- Netscaler Gatewya with Unified Gateway
- HDX Insight
- Netscaler Gateway in IPv6 mode
- Multiple STA on Netscaler Gateway
- Netscaler Gateway in HA
- Netscaler Gateway Clustering
- Netscaler in Double Hop
- Multi monitor is not supported (will fall back to Thinwire)
- 4K displays is not supported (will fall back to Thinwire)
- Maximum resolution is 2048 x 2048
- Netscaler session may crash after prolonged use
- If both Legacy Mode and Framehawk is enabled,Â theÂ following will happen
- Desktop OS : Framehawk will be used
- Server OS:Â Â Â Â Legacy Mode will be used