Best Practices for Configuring Provisioning Services Server on a Network

Source: Citrix KB: Best Practices for Configuring Provisioning Services Server on a Network

  • CTX117374
  • Created onMar 26, 2014
  • Updated onOct 21, 2014
Article Topic : Configuration, Performance

Information

This article explains the best practices when configuring Citrix Provisioning Server on a network.Use these best practices when troubleshooting issues such as slow performance, image build failures, lost connections to the streaming server, or excessive retries from the target device.

Disabling Spanning Tree or Enabling PortFast

With Spanning Tree Protocol (STP) or Rapid Spanning Tree Protocol, the ports are placed into a Blocked state while the switch transmits Bridged Protocol Data Units (BPDUs) and listens to ensure the BPDUs are not in a loopback configuration.

The amount of time it takes to complete this convergence process depends on the size of the switched network, which might allow the Pre-boot Execution Environment (PXE) to time out.

To resolve this issue, disable STP on edge-ports connected to clients or enable PortFast or Fast Link depending on the managed switch brand. Refer to the following table:

Switch Manufacturer Fast Link Option Name
Cisco PortFast or STP Fast Link
Dell Spanning Tree FastLink
Foundry Fast Port
3COM Fast Start

Large Send Offload

  • The TCP Large Send Offload option allows the AIX TCP layer to build a TCP message up to 64 KB long and send it in one call down the stack through IP and the Ethernet device driver. The adapter then re-segments the message into multiple TCP frames to transmit on the wire. The TCP packets sent on the wire are either 1500-byte frames for a Maximum Transmission Unit (MTU) of 1500 or up to 9000-byte frames for a MTU of 9000 (jumbo frames).
  • Re-segmenting and storing packets to send in large frames causes latency and timeouts to the Provisioning Server. This should be disabled on all Provisioning Servers and clients.
  • To disable Large Send Offload, open the Network Interface Card (NIC) properties and select the Advanced tab.
    Some NICs do not offer this setting in the properties page. In this case, you must change a registry key change to disable Large Send Offload. To disable, add the following entry to the registry:Caution! Refer to the Disclaimer at the end of this article before using Registry Editor.
  • Target DeviceNote: For Provisioning Server 6.0 and beyond, BNNS driver is no longer used for Windows 7 and 2008, so this registry key is not applicable. However, BNNS is still used for windows XP and 2003.HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesBNNSParameters
    DWORD = EnableOffload
    Value: “0”
  • Provisioning Server and Target DeviceHKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTCPIPParameters
    Key: “DisableTaskOffload” (dword)
    Value: “1”

Auto Negotiation

Auto Negotiation can cause long starting times and PXE timeouts, especially when starting multiple target devices. Citrix recommends hard coding all Provisioning Server ports (server and client) on the NIC and on the switch.

Stream Service Isolation

New advancements in network infrastructure, such as 10 Gb networking, may not require the stream service to be isolated from other traffic. If security is of primary concern, then Citrix recommends isolating or segmenting the PVS stream traffic from other production traffic. However, in many cases, isolating the stream traffic can lead to a more complicated networking configuration and actually decrease network performance in some cases. For more information on whether the streaming traffic should be isolated, refer the following article:

Is Isolating the PVS Streaming Traffic Really a Best Practice?

Firewall and Server to Server Communication Ports

Open the following ports in both directions:

  • UDP 6892 and 6904 (For Soap to Soap communication – MAPI and IPC)
  • UDP 6905 (For Soap to Stream Process Manager communication)
  • UDP 6894 (For Soap to Stream Service communication)
  • UDP 6898 (For Soap to Mgmt Daemon communication)
  • UDP 6895 (For Inventory to Inventory communication)
  • UDP 6903 (For Notifier to Notifier Communication)

Disclaimer

Caution! Using Registry Editor incorrectly can cause serious problems that might require you to reinstall your operating system. Citrix cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk. Be sure to back up the registry before you edit it.
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s