After selecting the best matching deployment modes, it's time to start the installation. It always starts with configuration of the management interface for physical appliances or the accelerated bridge port for the virtual appliance.
The default management IP of the physical appliance is 192.168.100.1.
Some of the deployment modes require additional configuration settings in the Citrix CloudBridge appliance; for example, WCCP needs to be enabled as a feature before WCCP is supported.
In order to use the Citrix CloudBridge features, we need to install the license. The license could be installed on the appliance or from the Citrix License Server configured in your network.
The license file will be registered on the host ID. This host ID can be found in the Citrix CloudBridge appliance. After a reboot, the features are available and ready for configuring.
The compression technology from Citrix CloudBridge can be enabled as a feature. The built-in compression algorithm scans the data. In the data Citrix CloudBridge will search for strings of data that match strings that have sent before. When there is no match the data will be sent from the original source. If there is a match the compressed data will be sent to the destination. So it could be possible that gigabytes of data can be represented by a pointer that contains only a few bytes. Only those few bytes will be sent over the connection.
The compression engine is limited by the configured and available size of the compression history. The traditional compression algorithms in the Citrix CloudBridge appliance use compression histories of 64 KB or less. So, the more matches the compression algorithms can find, the better the compression ratio will be.
One of the advantages of a large compression history is that precompressed data will be compressed easily again with Citrix CloudBridge. A PNG image, for example, isn't compressed the first time. But whenever the file needs to be sent again the entire transfer is reduced to just the compression information, even if the file is sent by different users or with different protocols.
Normally, encrypted traffic can't be compressed because of the security layer, but Citrix CloudBridge can compress encrypted connection when Citrix CloudBridge is part of the security infrastructure. Citrix CloudBridge will join the security infrastructure automatically with Citrix XenApp/XenDesktop, SSL, CIFS, and MAPI joined manually.
As we said in the previous chapter, encrypted traffic can't be accelerated by default because Citrix CloudBridge can't look into the package. So by default Citrix CloudBridge appliance isn't capable of optimizing CIFS, SMB, MAPI, and SSL traffic.
To get access to the CIFS, SMB, and MAPI secure traffic we need to configure Citrix CloudBridge as a member of the domain. Citrix CloudBridge can't be an actual member server but with the right configuration Citrix CloudBridge can see the encrypted traffic through a created delegated user in the Active Directory. This delegated user needs special permission. The configuration of the delegated user can be found here: http://support.citrix.com/proddocs/topic/cloudbridge-74/cb-conf-sec-win-traffic-con.html.
If we don't configure the Citrix CloudBridge appliance with a delegated user, CIFS, SMB, and MAPI encrypted traffic can't be accelerated.
CIFS acceleration has three parts:
- TCP flow-control acceleration: This is performed on all accelerated CIFS connections, regardless of protocol version.
- CIFS protocol acceleration: This optimization functionality increases the CIFS performance by reducing the number of round-trips needed for running a CIFS command. These optimizations are performed automatically on SMB1 and SMB2 CIFS connections.
- CIFS compression: CIFS connections are compressed automatically whenever they meet the requirements.
|
SMB version |
TCP flow control |
Compression |
Protocol acceleration |
|---|---|---|---|
|
Signing disabled | |||
|
SMB 1.0 |
Y |
Y |
Y |
|
SMB 2.0 |
Y |
Y |
Y |
|
SMB 2.1 |
Y |
Y |
N |
|
SMB 3.0 |
Y |
Y |
N |
|
Signing enabled, CloudBridge has joined domain | |||
|
SMB 1.0 |
Y |
Y |
Y |
|
SMB 2.0 |
Y |
Y |
Y |
|
SMB 2.1 |
Y |
Y |
N |
|
SMB 3.0 |
Y |
Y |
N |
|
Signing enabled, CloudBridge has not joined domain | |||
|
SMB 1.0 |
Y |
N |
N |
|
SMB 2.0 |
Y |
N |
N |
|
SMB 2.1 |
Y |
N |
N |
|
SMB 3.0 |
Y |
N |
N |
SSL compression is also one of the supported features. SSL compression can be configured with two modes: transparent proxy or split proxy.
- SSL transparent proxy: In this mode the server-side appliance (the appliance closest to the server) will act as the server. The SSL server private keys are installed on Citrix CloudBridge appliance. This mode supports client authentication, but Temp RSA and Diffie-Hellman aren't supported.
- SSL split proxy: In this mode the server-side appliance will act as the server to the client, and as a client to the server. The SSL server private keys are installed on the server-side appliance to allow it to act on the server's behalf.
Traffic shaping is a sort of Quality of Service (QoS) for link connections. For a lot of MPLS/WAN connections, QoS is very expensive or impossible to enable. When using Citrix CloudBridge it's possible to have QoS. The traffic shaping feature is highly configurable when necessary, but the default settings are fine in the most circumstances.
Traffic shaping is based on bandwidth-limited fair queuing. The feature applies policies to determine the right mix of traffic. Every traffic connection has a policy configured. The traffic shaping policy will be examined in a three-stage process:
- The traffic will be examined by the application classifier to determine the type of application.
- The application is looked up in the service-class list.
- Finally, the policy will get the configured priority and other parameters for this traffic.
XenApp/XenDesktop acceleration uses three components:
- Compression: The Citrix CloudBridge appliance cooperates with XenApp and XenDesktop clients and servers to compress the data streams for interactive data (such as: mouse, keyboard, display, and audio) and batch data (printing and file transfers). XenApp/XenDesktop compression requires no configuration changes on the Citrix CloudBridge appliance.
- Multistream ICA: The Citrix CloudBridge appliance has support for the Multistream ICA protocol. This multistream ICA protocol can be enabled on the Citrix XenApp/XenDesktop environment as well as on the Citrix CloudBridge appliance. When the multistream ICA protocol is enabled, the ICA protocol will be split into four different connections; this provides better responsiveness and priority definition.
- Traffic shaping: Citrix CloudBridge traffic shaping uses the priority settings in the Citrix XenApp/XenDesktop data protocols. It's possible to adjust the priority of all the available virtual channels of the ICA protocol. So it's possible to give the file transfer channel a lower priority than for example the display virtual channel.