Citrix Virtual Apps and Desktops service

Adaptive transport

Adaptive Transport is a mechanism in Citrix Virtual Apps and Desktops that provides the ability to use Enlightened Data Transport (EDT) as the transport protocol for ICA connections. Adaptive Transport switches to TCP when EDT is not available.

EDT is a Citrix-proprietary transport protocol built on top of User Datagram Protocol (UDP). It delivers a superior user experience on challenging long-haul connections while maintaining server scalability. EDT improves data throughput for all ICA virtual channels on unreliable networks, providing a better and more consistent user experience.

Network stack

When Adaptive Transport is set to Preferred, EDT is used as the primary transport protocol and TCP is used for fallback. By default, Adaptive Transport is set to Preferred. You can set Adaptive Transport to Diagnostic mode for testing purposes, which only allows EDT and disables the fallback to TCP.

With Citrix Workspace app for Windows, Mac, and iOS, EDT, and TCP connections are attempted in parallel during the initial connection, session reliability reconnection, and automatic client reconnection. Doing so reduces the connection time if the underlying UDP transport is unavailable and TCP must be used instead. If Adaptive Transport is set to Preferred and the connection is established using TCP, Adaptive Transport continues to attempt to switch to EDT every five minutes.

With Citrix Workspace app for Linux and Android, EDT connections are attempted first. If the connection is unsuccessful, Citrix Workspace app tries to connect using TCP after the EDT request times out.

Adaptive transport

System requirements

The following are the requirements for using Adaptive Transport and EDT:

  • Control plane
    • Citrix Virtual Apps and Desktops Service
    • Citrix Virtual Apps and Desktops 1912 or later
  • Virtual Delivery Agent
    • Version 1912 or later (2103 or later recommended)
    • Version 2012 is the minimum required for using EDT with Citrix Gateway Service
  • StoreFront (applies only when used in deployment)
    • Version 3.12.x
    • Version 1912.0.x
  • Citrix Workspace app
    • Windows: version 1912 or later (2105 or later recommended)
    • Linux: version 1912 or later (2104 or later recommended)
    • Mac: version 1912 or later
    • iOS: latest version available in Apple App Store
    • Android: latest version available in Google Play
  • Citrix Gateway (ADC)
    • 13.0.52.24 or later
    • 12.1.56.22 or later
  • Firewall (from VDA perspective)
    • UDP 1494 inbound – if session reliability is disabled
    • UDP 2598 inbound – if session reliability is enabled
    • UDP 443 inbound – if VDA SSL is enabled for ICA encryption (DTLS)
    • UDP 443 outbound – if using Citrix Gateway Service. For more information, see the Citrix Gateway service documentation.

Considerations

Configuration

Adaptive Transport is enabled by default. You can configure the following options using the HDX Adaptive Transport setting in Citrix policy.

  • Preferred. This is the default setting. Adaptive Transport is enabled, and it uses EDT as the preferred transport protocol, with fallback to TCP.
  • Diagnostic mode. Adaptive Transport is enabled, and it forces the use of EDT. Fallback to TCP is disabled. This setting is recommended for testing and troubleshooting only.
  • Off. Adaptive Transport is disabled, and only TCP is used for transport.

To confirm that EDT is being used as the transport protocol for the session, you can use Director or the CtxSession.exe command-line utility on the VDA.

In Director, look up the session and select Details. If the Connection type is HDX and the Protocol is UDP, EDT is being used as the transport protocol for the session. If the Connection type is RDP, ICA is not in use, and the Protocol displays N/A. For more information, see Monitor sessions.

EDT Director

To use the CtxSession.exe utility, launch a Command Prompt or PowerShell within the session and run ctxsession.exe. To see verbose statistics, run ctxsession.exe -v. If EDT is in use, the transport protocol shows one of the following:

  • UDP > ICA (Session Reliability disabled)
  • UDP > CGP > ICA (Session Reliability enabled)
  • UDP > DTLS > CGP > ICA (ICA is DTLS-encrypted end-to-end)

EDT Session

EDT MTU Discovery

MTU Discovery allows EDT to automatically determine the Maximum Transmission Unit (MTU) when establishing a session. Doing so prevents EDT packet fragmentation that might result in performance degradation or failure to establish a session.

Requirements

  • VDA minimum version 1912 (2103 or later recommended)
  • Citrix Workspace app
    • Windows: version 1912 or later (2105 or later recommended)
    • Mac: version 2108 or later
    • Android: version 21.5 or later
  • Citrix ADC:
    • 13.0.52.24
    • 12.1.56.22
  • Session Reliability must be enabled

If you use client platforms or versions that don’t support this feature, see CTX231821 for details about configuring a custom EDT MTU that is appropriate for your environment.

Important:

MTU Discovery is not supported with Multi-Stream ICA.

To control EDT MTU Discovery on the VDA

MTU Discovery is enabled by default. To disable this feature, delete the EDT MTU Discovery registry value and restart the VDA. For more information, see the EDT MTU Discovery setting in the list of HDX features managed through the registry.

Warning:

Editing the registry incorrectly can cause serious problems that might require you to reinstall your operating system. Citrix cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk. Be sure to back up the registry before you edit it.

To control EDT MTU Discovery on the client

You can control EDT MTU Discovery selectively on the client by adding the MtuDiscovery parameter in the ICA file. To disable the feature, set the following under the Application section:

MtuDiscovery=Off

To re-enable the feature, remove the MtuDiscovery parameter from the ICA file.

Important:

For this ICA file parameter to work, enable the feature on the VDA. If the feature is not enabled on the VDA, the ICA file parameter has no effect.

Loss tolerant mode

Important:

  • The feature requires a minimum of Citrix Workspace app 2002 for Windows.
  • Loss tolerant mode is not supported on Citrix Gateway or Citrix Gateway Service. This mode is available only with direct connections.

Loss tolerant mode uses the EDT Lossy transport protocol to enhance the user experience for users connecting through networks with high latency and packet loss.

Initially, sessions are established using EDT. If the latency and packet loss thresholds are reached or surpassed, the applicable virtual channels switch from EDT to EDT Lossy, while leaving the other virtual channels on EDT. If the latency and packet loss decrease below the thresholds, the applicable virtual channels switch back to EDT.

The default thresholds are:

  • Packet loss: 5%
  • Latency: 300 ms (RTT)

Loss tolerant mode is enabled by default. You can disable the mode or adjust the packet loss and latency thresholds using the loss tolerant mode thresholds setting.

Requirements

  • Citrix Virtual Delivery Agent (VDA) 2003
  • Citrix Workspace app 2002 for Windows
  • Session reliability enabled. For more information about session reliability, see Session reliability policy settings.

Known issues

Adaptive Transport and EDT contain the following issues:

  • Packet fragmentation can cause performance degradation or even failure to launch sessions. You can adjust the EDT MTU to avoid this. Use MTU Discovery or the workaround described in CTX231821.

  • A gray or black screen might appear when launching a session from a Windows client if MTU Discovery is enabled. To address this issue, upgrade to Workspace app for Windows 2105 or later or Workspace app for Windows 1912 CU4 or later.

  • Fallback to TCP might fail on Linux and Android clients when connecting through Citrix Gateway or Citrix Gateway Service. This happens when there is a successful EDT negotiation between the client and the Gateway, and the EDT negotiation fails between the Gateway and the VDA. To address this issue, upgrade to Workspace app for Linux 2104 or later and Workspace app for Android 21.5 or later.

  • Asymmetrical network paths can cause MTU Discovery to fail for connections that do not go through Citrix Gateway or Citrix Gateway Service. To address this issue, upgrade to VDA version 2103 or later. [CVADHELP-16654]

  • When using Citrix Gateway or Citrix Gateway Service, asymmetrical network paths can cause MTU Discovery to fail. This is due to an issue on Gateway that causes the Don’t Fragment (DF) bit in the EDT packets’ header not to be propagated. A fix for this issue is not yet available. [CGOP-18438]

  • MTU Discovery might fail for users that connect through a DS-Lite network. Some modems fail to honor the DF bit when packet processing is enabled, preventing MTU Discovery from detecting fragmentation. In this situation, these are the available options:

    • Disable packet processing on the user’s modem.
    • Disable MTU Discovery and use a hardcoded MTU as described in CTX231821.
    • Disable Adaptive Transport to force sessions to use TCP. If only a subset of users is affected, consider disabling it on the client-side so that other users can continue to use EDT.

Troubleshoot

To troubleshoot Adaptive Transport and EDT, we suggest the following:

  1. Thoroughly review and validate the requirements, considerations, and known issues.
  2. Check if there are Citrix policies in Studio or GPO overwriting the desired HDX Adaptive Transport setting.
  3. Check if there are settings on the client overwriting the desired HDX Adaptive Transport setting. This can be a GPO preference, a setting configured using the optional Workspace app administrative template, or a manual configuration of the HDXoverUDP setting in the registry or client’s configuration file.
  4. On multi-session VDA machines, ensure that the UDP listeners are active. Open a command prompt in the VDA machine and run netstat -a -p udp. For more information, see How to Confirm HDX Enlightened Data Transport Protocol.
  5. Launch a direct session internally, bypassing the Citrix Gateway, and check the protocol in use. If the session uses EDT, the VDA is ready to use EDT for external connections through Citrix Gateway.
  6. If EDT works for direct internal connections and not for sessions going through Citrix Gateway:

    • Ensure that Session Reliability is enabled
    • Ensure that the Gateway has DTLS enabled
  7. Check if the appropriate firewall rules have been configured in both network firewalls and firewalls running on the VDA machines.
  8. Check if your users’ connections require a non-standard MTU. Connections with an effective MTU lower than 1500 bytes cause EDT packet fragmentation, which in turn can affect performance or even cause session launch failures. This issue is common when using VPN, some Wi-Fi access points, and mobile networks, such as 4G and 5G. For information on how to address this issue, see the MTU Discovery section.

Interoperability with Citrix SD-WAN

Citrix SD-WAN WAN optimization (WANOP) offers cross-session tokenized compression (data deduplication), including URL-based video caching, providing significant bandwidth reduction. The reduction occurs if two or more people at the office location watch the same client-fetched video or transfer or print significant portions of the same file or document. Furthermore, by running the processes for ICA data reduction and print job compression on the branch office appliance, WANOP offers VDA server CPU offload and enables higher Citrix Virtual Apps and Desktops server scalability.

Currently, SD-WAN WANOP does not support EDT. However, there is no need to disable Adaptive Transport if SD-WAN WANOP is in use. When a user launches a session that goes through an SD-WAN with WANOP enabled, it automatically sets the session to use TCP as the transport protocol. Non-WANOP sessions continue to use EDT whenever possible.

Adaptive transport