Linux Virtual Delivery Agent

Rendezvous V2 (preview)

When using the Citrix Gateway service, the Rendezvous protocol allows traffic to bypass the Citrix Cloud Connectors and connect directly and securely with the Citrix Cloud control plane.

There are two types of traffic to consider: 1) control traffic for VDA registration and session brokering; 2) HDX session traffic.

Rendezvous V1 allows for HDX session traffic to bypass Cloud Connectors, but it still requires Cloud Connectors to proxy all control traffic for VDA registration and session brokering.

Standard AD domain joined machines and non-domain joined machines are supported for using Rendezvous V2 with single-session and multi-session Linux VDAs. With non-domain joined machines, Rendezvous V2 allows for both HDX traffic and control traffic to bypass the Cloud Connectors.

Requirements

The requirements for using Rendezvous V2 are:

  • Access to the environment using Citrix Workspace and Citrix Gateway service.
  • Control Plane: Citrix Virtual Apps and Desktops Service (Citrix Cloud).
  • VDA version 2201 or later.
  • Enable the Rendezvous protocol in the Citrix policy. For more information, see Rendezvous protocol policy setting.
  • The VDAs must have access to https://*.nssvc.net, including all subdomains. If you cannot whitelist all subdomains in that manner, use https://*.c.nssvc.net and https://*.g.nssvc.net instead. For more information, see the Internet Connectivity Requirements section of the Citrix Cloud documentation (under Virtual Apps and Desktop service) and the Knowledge Center article CTX270584.
  • The VDAs must be able to connect to the addresses mentioned previously:
    • On TCP 443, for TCP Rendezvous.
    • On UDP 443, for EDT Rendezvous.

Proxy configuration

The Linux VDA currently does not support Rendezvous V2 connections through a proxy.

How to configure Rendezvous V2

Following are the steps for configuring Rendezvous in your environment:

  1. Make sure that all requirements are met.
  2. After the VDA is installed, run the following command to set the required registry key:

    /opt/Citrix/VDA/bin/ctxreg create -k "HKLM\Software\Citrix\VirtualDesktopAgent" -t "REG_DWORD" -v "GctRegistration" -d "0x00000001" --force
    <!--NeedCopy-->
    
  3. Restart the VDA machine.
  4. Create a Citrix policy, or edit an existing one:
    • Set the Rendezvous Protocol setting to Allowed.
    • Ensure that the Citrix policy filters are set properly. The policy applies to the machines that need Rendezvous enabled.
    • Ensure that the Citrix policy has the correct priority so that it does not overwrite another one.

Rendezvous validation

To check whether a session is using the Rendezvous protocol, run the /opt/Citrix/VDA/bin/ctxqurey -f iP command in the terminal.

The transport protocols displayed indicate the type of connection:

  • TCP Rendezvous: TCP - TLS - CGP - ICA
  • EDT Rendezvous: UDP - DTLS - CGP - ICA
  • Not Rendezvous: TCP - CGP - ICA

If Rendezvous V2 is in use, the protocol version shows 2.0.

Tip:

If you enable Rendezvous and the VDA can’t reach the Citrix Gateway service directly, the VDA falls back to proxy the HDX session through the Cloud Connector.

Rendezvous V2 (preview)