Product Documentation

Support for DTLS protocol

Note

DTLS is supported on Citrix ADC MPX/SDX (N2 and N3 based), VPX, and MPX 14000 FIPS appliances. It is not supported on Intel Coleto SSL chip based appliances and external HSMs.

Citrx ADC MPX 14000 FIPS platform is supported in build 12.1-49.x and later.

The Citrix ADC appliance supports only DTLS 1.0 protocol.

The SSL and TLS protocols have traditionally been used to secure streaming traffic. Both of these protocols are based on TCP, which is very slow. In addition, TLS cannot handle lost or reordered packets.

UDP is the preferred protocol for audio and video applications, such as Lync, Skype, iTunes, YouTube, training videos, and flash. However, UDP is not secure or reliable. The DTLS protocol is designed to secure data over UDP and is used for applications such as media streaming, VOIP, and online gaming for communication. In DTLS, each handshake message is assigned a specific sequence number within that handshake. When a peer receives a handshake message, it can quickly determine whether that message is the next one expected. If it is, the peer processes the message. If not, the message is queued for handling after all the previous messages have been received.

You must create a DTLS virtual server and a service of type UDP. By default, a DTLS profile (nsdtls_default_profile) is bound to the virtual server. Optionally, you can create and bind a user-defined DTLS profile to the virtual server.

Note: RC4 ciphers are not supported on a DTLS virtual server.

DTLS configuration

You can use the command line (CLI) or the configuration utility (GUI) to configure DTLS on your ADC appliance.

Create a DTLS configuration by using the CLI

At the command prompt, type:

add lb vserver <vserver_name> DTLS <IPAddress>  <port>
add service  <service_name>  <IPAddress> UDP 443
bind lb vserver  <vserver_name>  <udp_service_name>

The following steps are optional:

add dtlsProfile dtls1 -maxretryTime <positive_integer>
set ssl vserver <vserver_name> -dtlsProfileName <dtls_profile_name>

Create a DTLS configuration by using the GUI

  1. Navigate to Traffic Management > Load Balancing > Virtual Servers.
  2. Create a virtual server of type DTLS, and bind a UDP service to the virtual server.
  3. A default DTLS profile is bound to the DTLS virtual server. To bind a different profile, in SSL Parameters, select a different DTLS profile. To create a new profile, click the plus (+) next to DTLS Profile.

Support for SNI on a DTLS virtual server

From release 12.1 build 49.x, SNI is supported on a DTLS virtual server. For information about SNI, see Configure an SNI virtual server for secure hosting of multiple sites.

Configure SNI on a DTLS virtual server by using the CLI

At the command prompt, type:

set dtls vserver <vServerName> -SNIEnable ENABLED
bind dtls vserver <vServerName> -certkeyName <string> -SNICert
show dtls vserver <vServerName>

Example:

set ssl vserver v1 -sniEnable ENABLED
bind ssl vserver  v1 -certkeyName san2 -sniCert
bind ssl vserver  v1 -certkeyName san13 –sniCert
bind ssl vserver  v1 -certkeyName san17 –sniCert
sh ssl vserver v1

Advanced SSL configuration for VServer v1:
DH: DISABLED
DH Private-Key Exponent Size Limit: DISABLED
Ephemeral RSA: ENABLED
Refresh Count: 0
Session Reuse: ENABLED
Timeout: 1800 seconds
Cipher Redirect: DISABLED

ClearText Port: 0
Client Auth: DISABLED
SSL Redirect: DISABLED
Non FIPS Ciphers: DISABLED
SNI: ENABLED
OCSP Stapling: DISABLED
HSTS: DISABLED
HSTS IncludeSubDomains: NO
HSTS Max-Age: 0
DTLSv1: ENABLED
Send Close-Notify: YES
Strict Sig-Digest Check: DISABLED
Zero RTT Early Data: DISABLED
DHE Key Exchange With PSK: NO
Tickets Per Authentication Context: 1

DTLS profile name: nsdtls_default_profile

ECC Curve: P_256, P_384, P_224, P_521

1) CertKey Name: ca
CA Certificate  OCSPCheck: OptionalCA_Name Sent
2) CertKey Name: san2 Server Certificate for SNI
3) CertKey Name: san17 Server Certificate for SNI
4) CertKey Name: san13 Server Certificate for SNI


1) Cipher Name: DEFAULT
Description: Default cipher list with encryption strength >= 128bit
Done

Configure SNI on a DTLS virtual server by using the GUI

  1. Navigate to Traffic Management > Load Balancing > Virtual Servers.
  2. Open a DTLS virtual server and, in Certificates, click Server Certificate.
  3. Add a new certificate or select a certificate from the list and select Server Certificate for SNI.
  4. In Advanced Settings, click SSL Parameters.
  5. Select SNI Enable.

Features not supported by a DTLS virtual server

The following options cannot be enabled on a DTLS virtual server:

  • SSLv2
  • SSLv3
  • TLSv1
  • TLSv1.1
  • TLSv1.2
  • Push encrypt trigger
  • SSLv2Redirect
  • SSLv2URL
  • Secure renegotiation

Parameters not used by a DTLS virtual server

The following SSL parameters, even if set, are ignored by a DTLS virtual server:

  • Encryption trigger packet count
  • PUSH encryption trigger timeout
  • SSL quantum size
  • Encryption trigger timeout
  • Subject/Issuer Name Insertion Format

Configure renegotiation on a DTLS service

From build 49.x, non-secure renegotiation is supported on a DTLS service. You can use the CLI or the GUI to configure this setting.

Configure renegotiation on a DTLS service by using the CLI

At the command prompt, type:

set ssl parameter -denysslreneg NONSECURE

Example:

set ssl parameter -denysslreneg NONSECURE
sh ssl parameter
Advanced SSL Parameters
-----------------------
SSL quantum size                                      : 8 KB
Max CRL memory size                                   : 256 MB
Strict CA checks                                      : NO
Encryption trigger timeout                            : 100 ms
Send Close-Notify                                     : YES
Encryption trigger packet count                       : 45
Deny SSL Renegotiation                                : NONSECURE
Subject/Issuer Name Insertion Format                  : Unicode
OCSP cache size                                       : 10 MB
Push flag                                             : 0x0 (Auto)
Strict Host Header check for SNI enabled SSL sessions : NO
PUSH encryption trigger timeout                       : 1 ms
Crypto Device Disable Limit                           : 0
Global undef action for control policies              : CLIENTAUTH
Global undef action for data policies                 : NOOP
Default profile                                       : DISABLED
SSL Insert Space in Certificate Header                : YES
Disable TLS 1.1/1.2 for SSL_BRIDGE secure monitors    : NO
Disable TLS 1.1/1.2 for dynamic and VPN services      : NO
Software Crypto acceleration CPU Threshold            : 0
Hybrid FIPS Mode                                      : DISABLED
Signature and Hash Algorithms supported by TLS1.2     : ALL
SSL Interception Error Learning and Caching           : DISABLED
SSL Interception Maximum Error Cache Memory           : 0 Bytes
Done

Configure renegotiation on a DTLS service by using the GUI

  1. Navigate to Traffic Management > Load Balancing > Services.
  2. Select a DTLS service and click Edit.
  3. Navigate to SSL > Advanced Settings.
  4. Select Deny SSL Renegotiation.

Features not supported by a DTLS service

The following options cannot be enabled on a DTLS service:

  • SSLv2
  • SSLv3
  • TLSv1
  • TLSv1.1
  • TLSv1.2
  • Push encrypt trigger
  • SSLv2Redirect
  • SSLv2URL
  • SNI
  • Secure renegotiation

Parameters not used by a DTLS service

The following SSL parameters, even if set, are ignored by a DTLS service:

  • Encryption trigger packet count
  • PUSH encryption trigger timeout
  • SSL quantum size
  • Encryption trigger timeout
  • Subject/Issuer Name Insertion Format

Note:

SSL session reuse handshake fails on a DTLS service because session reuse is not currently supported on DTLS services.

Workaround: Manually disable session reuse on a DTLS service. At the CLI, type:

set ssl service <dtls-service-name> -sessReuse DISABLED

DTLS profile

A DTLS profile with the default settings is automatically bound to a DTLS virtual server. However, you can create a new DTLS profile with specific settings to suit your requirement.

You must use a DTLS profile with a DTLS virtual server or a VPN DTLS virtual server. You cannot use an SSL profile with a DTLS virtual server.  

Create a DTLS profile by using the CLI

add ssl dtlsProfile <name>

show ssl dtlsProfile<name>

Example:

> add dtlsProfile dtls1 -helloVerifyRequest ENABLED -maxretryTime 4

Done

> show dtlsProfile dtls1

    1)      Name: dtls1
            PMTU Discovery: DISABLED
            Max Record Size: 1460 bytes
            Max Retry Time: 4 sec
            Hello Verify Request: ENABLED
            Terminate Session: DISABLED
            Max Packet Count: 120 bytes
     Done

Create a DTLS profile by using the GUI

Navigate to System > Profiles > DTLS Profiles ** and configure a new profile.

Example for an end-to-end DTLS configuration

enable ns feature SSL LB

add server s1 198.51.100.2

en ns mode usnip

add service svc_dtls s1 DTLS 443

add lb vserver v1 DTLS 10.102.59.244 443

bind ssl vserver v1 -ciphername ALL

add ssl certkey servercert -cert servercert_aia_valid.pem -key serverkey_aia.pem

bind ssl vserver v1 -certkeyname servercert

bind lb vserver lb1 svc_dtls

sh lb vserver v1

                    v1 (10.102.59.244:4433) - DTLS     Type: ADDRESS
                    State: UP
                    Last state change was at Fri Apr 27 07:00:27 2018
                    Time since last state change: 0 days, 00:00:04.810
                    Effective State: UP
                    Client Idle Timeout: 120 sec
                    Down state flush: ENABLED
                    Disable Primary Vserver On Down : DISABLED
                    Appflow logging: ENABLED
                    No. of Bound Services :  1 (Total) 0 (Active)
                    Configured Method: LEASTCONNECTION
                    Current Method: Round Robin, Reason: A new service is bound         BackupMethod: ROUNDROBIN
                    Mode: IP
                    Persistence: NONE
                    L2Conn: OFF
                    Skip Persistency: None
                    Listen Policy: NONE
                    IcmpResponse: PASSIVE
                    RHIstate: PASSIVE
                    New Service Startup Request Rate: 0 PER_SECOND, Increment Interval: 0
                    Mac mode Retain Vlan: DISABLED
                    DBS_LB: DISABLED
                    Process Local: DISABLED
                    Traffic Domain: 0
                    TROFS Persistence honored: ENABLED
                    Retain Connections on Cluster: NO

    1) svc_dtls (10.102.59.190: 4433) - DTLS State: UP  Weight: 1
Done


    > sh ssl vserver v1

                    Advanced SSL configuration for VServer v1:
                    DH: DISABLED
                    DH Private-Key Exponent Size Limit: DISABLED        Ephemeral RSA: ENABLED                               Refresh Count: 0
                    Session Reuse: ENABLED                 Timeout: 1800 seconds
                    Cipher Redirect: DISABLED
                    ClearText Port: 0
                    Client Auth: DISABLED
                    SSL Redirect: DISABLED
                    Non FIPS Ciphers: DISABLED
                    SNI: DISABLED
                    OCSP Stapling: DISABLED
                    HSTS: DISABLED
                    HSTS IncludeSubDomains: NO
                    HSTS Max-Age: 0
                    DTLSv1: ENABLED
                    Send Close-Notify: YES
                    Strict Sig-Digest Check: DISABLED
                    Zero RTT Early Data: DISABLED
                    DHE Key Exchange With PSK: NO
                    Tickets Per Authentication Context: 1
                    DTLS profile name: nsdtls_default_profile

                    ECC Curve: P_256, P_384, P_224, P_521

    1)            CertKey Name: servercert               Server Certificate

    1)            Cipher Name: DEFAULT
                    Description: Default cipher list with encryption strength >= 128bit

    2)            Cipher Name: ALL
                    Description: All ciphers supported by NetScaler, excluding NULL ciphers
     Done

> sh service svc_dtls

                    svc_dtls (10.102.59.190:4433) - DTLS
                    State: UP
                    Last state change was at Fri Apr 27 07:00:26 2018
                    Time since last state change: 0 days, 00:00:22.790
                    Server Name: s1
                    Server ID : None                 Monitor Threshold : 0
                    Max Conn: 0        Max Req: 0           Max Bandwidth: 0 kbits
                    Use Source IP: NO
                    Client Keepalive(CKA): NO
                    Access Down Service: NO
                    TCP Buffering(TCPB): NO
                    HTTP Compression(CMP): NO
                    Idle timeout: Client: 120 sec           Server: 120 sec
                    Client IP: DISABLED
                    Cacheable: NO
                    SC: OFF
                    SP: OFF
                    Down state flush: ENABLED
                    Monitor Connection Close : NONE
                    Appflow logging: ENABLED
                    Process Local: DISABLED
                    Traffic Domain: 0

    1)            Monitor Name: ping-default
                                    State: UP               Weight: 1              Passive: 0
                                   Probes: 5              Failed [Total: 0 Current: 0]
                                    Last response: Success - ICMP echo reply received.
                       Response Time: 2.77 millisec
     Done

    > sh ssl service svc_dtls

                    Advanced SSL configuration for Back-end SSL Service svc_dtls:
                    DH: DISABLED
                    DH Private-Key Exponent Size Limit: DISABLED        Ephemeral RSA: DISABLED
                    Session Reuse: ENABLED                 Timeout: 1800 seconds
                    Cipher Redirect: DISABLED
                    ClearText Port: 0
                    Server Auth: DISABLED
                    SSL Redirect: DISABLED
                    Non FIPS Ciphers: DISABLED
                    SNI: DISABLED
                    OCSP Stapling: DISABLED
                    DTLSv1: ENABLED
                    Send Close-Notify: YES
                    Strict Sig-Digest Check: DISABLED
                    Zero RTT Early Data: ???
                    DHE Key Exchange With PSK: ???
                    Tickets Per Authentication Context: ???
                    DTLS profile name: nsdtls_default_profile
                    ECC Curve: P_256, P_384, P_224, P_521
    1)            Cipher Name: DEFAULT_BACKEND
                    Description: Default cipher list for Backend SSL session
     Done


> sh dtlsProfile nsdtls_default_profile

    1)            Name: nsdtls_default_profile
                    PMTU Discovery: DISABLED
                    Max Record Size: 1459 bytes
                    Max Retry Time: 3 sec
                    Hello Verify Request: DISABLED
                    Terminate Session: DISABLED
                    Max Packet Count: 120 bytes
     Done

DTLS cipher support

Note: From release 12.1 build 49.x, ADH ciphers are no longer supported with the DTLS protocol.

How to read the tables:

Unless a build number is specified, a cipher suite is supported for all builds in a release.

Example:

  • 10.5, 11.0, 11.1, 12.0, 12.1: All builds of 10.5, 11.0, 11.1, 12.0, 12.1 releases.
  • NA: not applicable.

DTLS cipher support on Citrix ADC VPX, MPX/SDX (N2 and N3 based) appliances

Cipher Suite Name Hex Code Wireshark Cipher Suite Name Builds Supported (frontend) Builds Supported (backend)
TLS1-AES-256-CBC-SHA 0x0035 TLS_RSA_WITH_AES_256_CBC_SHA 11.0, 11.1, 12.0, 12.1 12.0, 12.1
TLS1-AES-128-CBC-SHA 0x002f TLS_RSA_WITH_AES_128_CBC_SHA 11.0, 11.1, 12.0, 12.1 12.0, 12.1
SSL3-DES-CBC-SHA 0x0009 TLS_RSA_WITH_DES_CBC_SHA 11.0, 11.1, 12.0, 12.1 NA
SSL3-DES-CBC3-SHA 0x000a TLS_RSA_WITH_3DES_EDE_CBC_SHA 11.0, 11.1, 12.0, 12.1 12.0, 12.1
SSL3-EDH-RSA-DES-CBC3-SHA 0x0016 TLS_DHE_RSA_WITH_3DES_EDE_CBC_S 11.0, 11.1, 12.0, 12.1 NA
SSL3-EDH-RSA-DES-CBC-SHA 0x0015 TLS_DHE_RSA_WITH_DES_CBC_SHA 11.0, 11.1, 12.0, 12.1 NA
TLS1-ECDHE-RSA-AES256-SHA 0xc014 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 12.1 12.1
TLS1-ECDHE-RSA-AES128-SHA 0xc013 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 12.1 12.1
TLS1-ECDHE-RSA-DES-CBC3-SHA 0xc012 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 12.1 NA
TLS1-DHE-RSA-AES-128-CBC-SHA 0x0033 TLS_DHE_RSA_WITH_AES_128_CBC_SHA 12.1 12.1
TLS1-DHE-RSA-AES-256-CBC-SHA 0x0039 TLS_DHE_RSA_WITH_AES_256_CBC_SHA 12.1 12.1

DTLS cipher support on the Citrix ADC MPX 14000 FIPS platform

Note: Enlightened Data Support (EDT) is supported on the FIPS platform in build 49.x and later if all of the following conditions are met:

  • UDT MSS value set on StoreFront is 900.
  • Windows client version is 4.12 or later.
  • DTLS enabled VDA version is 7.17 or later.
  • Non-DTLS VDA version is 7.15 LTSR CU3 or later.
Ciphersuite Name Hex Code Wireshark Ciphersuite Name Builds Supported (frontend) Builds Supported (backend)
TLS1-AES-256-CBC-SHA 0x0035 TLS_RSA_WITH_AES_256_CBC_SHA 11.0, 11.1, 12.0, 12.1-49.x 12.0, 12.1-49.x
TLS1-AES-128-CBC-SHA 0x002f TLS_RSA_WITH_AES_128_CBC_SHA 11.0, 11.1, 12.0, 12.1-49.x 12.0, 12.1-49.x
SSL3-DES-CBC-SHA 0x0009 TLS_RSA_WITH_DES_CBC_SHA 11.0, 11.1, 12.0, 12.1-49.x NA
SSL3-DES-CBC3-SHA 0x000a TLS_RSA_WITH_3DES_EDE_CBC_SHA 11.0, 11.1, 12.0, 12.1-49.x 12.0, 12.1-49.x
SSL3-EDH-RSA-DES-CBC3-SHA 0x0016 TLS_DHE_RSA_WITH_3DES_EDE_CBC_S 11.0, 11.1, 12.0, 12.1-49.x NA
SSL3-EDH-RSA-DES-CBC-SHA 0x0015 TLS_DHE_RSA_WITH_DES_CBC_SHA 11.0, 11.1, 12.0, 12.1-49.x NA
TLS1-ECDHE-RSA-AES256-SHA 0xc014 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 12.1-49.x 12.1-49.x
TLS1-ECDHE-RSA-AES128-SHA 0xc013 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 12.1-49.x 12.1-49.x
TLS1-ECDHE-RSA-DES-CBC3-SHA 0xc012 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 12.1-49.x NA
TLS1-DHE-RSA-AES-128-CBC-SHA 0x0033 TLS_DHE_RSA_WITH_AES_128_CBC_SHA 12.1-49.x 12.1-49.x
TLS1-DHE-RSA-AES-256-CBC-SHA 0x0039 TLS_DHE_RSA_WITH_AES_256_CBC_SHA 12.1-49.x 12.1-49.x

DTLS cipher support to achieve Perfect Forward Secrecy (PFS)

  • SSL3-EDH-RSA-DES-CBC3-SHA (frontend only)
  • SSL3-EDH-RSA-DES-CBC-SHA (frontend only)
  • TLS1-ECDHE-RSA-AES256-SHA
  • TLS1-ECDHE-RSA-AES128-SHA
  • TLS1-ECDHE-RSA-DES-CBC3-SHA (frontend only)
  • TLS1-DHE-RSA-AES-128-CBC-SHA
  • TLS1-DHE-RSA-AES-256-CBC-SHA