With XenDesktop 5.5 and Citrix Receiver for Windows 3.0, HDX has added support for real-time transport (UDP/RTP) to handle lossy and congested network access scenarios. Our use of UDP differs from the industry’s other remoting protocols. HDX uses UDP only for real-time data, where it makes the most sense, rather than using it to remote the entire desktop. In real-time data delivery, timeliness is more important than reliability. By using UDP only for real-time data, we don’t need to put a complex reliability layer on top of UDP to make it behave like TCP.
Also, instead of using a proprietary application-level protocol over UDP, we use the Real-time Transport Protocol (RTP) over UDP, which is an industry standard for delivering real-time data over the internet. Sticking to the standards makes it much easier to adopt this technology in the enterprise. As most Unified Communications applications already use RTP, administrators are already familiar with this networking protocol. HDX uses UDP opportunistically, so any time UDP can’t be used, for whatever reason, it automatically falls back to TCP.
How to configure UDP transport in XenDesktop 5.5
In XenDesktop 5.5 with Citrix Receiver for Windows 3.0, UDP is the preferred transport for voice-over-IP. To enable this feature, select Medium Quality optimized-for-speech Audio by using a Policy.
Once Medium quality is enabled, HDX will opportunistically try to use UDP to deliver bidirectional audio data. If it can’t use UDP to deliver audio data, it will automatically fall back to TCP transport.
UDP can also be controlled explicitly by a policy, even for medium quality audio.
To get the full benefit of UDP audio for at-home workers, it is best to use an IPSec VPN. Although the Citrix Access Gateway supports UDP, it currently does so by tunneling the UDP traffic within TCP, which sacrifices the key benefits.
How to know whether UDP transport is being used?
Citrix administrators can use HDX Monitor 2.0 to check whether UDP is being used in a specific session. A value of True for the RTP_InUse parameter indicates that UDP transport is currently in use. HDX Monitor also exposes other UDP transport data, such as the UDP port range, the actual VDA-side UDP port in use, and whether UDP/RTP is enabled by a policy.
Firewall and UDP ports
By default, this feature uses the UDP port range 16500-16509 and picks the first available port pair. VDA installation opens the UDP port range on the server side. On the client side, installing Citrix Receiver for Windows 3.0 doesn’t explicitly open any UDP ports. During connection setup, Citrix Receiver uses UDP hole punching to open the UDP port automatically. Corporate firewalls also need to open the necessary port range for HDX-over-UDP to work.
If the default port range is not desired, administrators can configure a different UDP port range by using Citrix Machine Policies. Citrix Machine Policies need a VDA reboot to take effect.
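The following Python is an added example, not code from the original post or from Citrix. It checks that datagrams seen on the VDA-side HDX port range (default 16500-16509, as stated above) are well-formed RTP per RFC 3550, which helps confirm that a firewall opening for HDX audio carries only the expected traffic. The sample packets are constructed, the function names are hypothetical, and accepting RTCP on the port pair is an assumption.

```python
import struct
from collections import Counter

# Default HDX audio range from the article; pass another range if policy changes it.
HDX_UDP_PORTS = range(16500, 16510)

def parse_rtp(datagram):
    """Return RTP fixed-header fields (RFC 3550), or None if not plausible RTP."""
    # Reject short packets, a version other than 2, and RTCP packet types 200-204.
    if len(datagram) < 12 or datagram[0] >> 6 != 2 or 200 <= datagram[1] <= 204:
        return None
    b0, b1, seq, _ts, ssrc = struct.unpack("!BBHII", datagram[:12])
    offset = 12 + 4 * (b0 & 0x0F)           # skip the CSRC list
    if b0 & 0x10:                            # header extension present
        if len(datagram) < offset + 4:
            return None
        offset += 4 + 4 * struct.unpack("!H", datagram[offset + 2:offset + 4])[0]
    if len(datagram) < offset:
        return None
    payload_len = len(datagram) - offset
    if b0 & 0x20:                            # padding: last byte holds the pad count
        pad = datagram[-1]
        if pad == 0 or pad > payload_len:
            return None
        payload_len -= pad
    return {"pt": b1 & 0x7F, "seq": seq, "ssrc": ssrc, "payload_len": payload_len}

def classify(vda_port, datagram, ports=HDX_UDP_PORTS):
    """Label one datagram by VDA-side port; accepting RTCP on the pair is an assumption."""
    if vda_port not in ports:
        return "outside-range"
    if len(datagram) >= 8 and datagram[0] >> 6 == 2 and 200 <= datagram[1] <= 204:
        return "rtcp"
    return "rtp" if parse_rtp(datagram) is not None else "unexpected"

def audit(packets, ports=HDX_UDP_PORTS):
    """Count labels for (vda_port, payload) pairs, e.g. exported from a capture."""
    return Counter(classify(port, data, ports) for port, data in packets)

# Constructed sample traffic, not real HDX captures.
SAMPLE_HDR = struct.pack("!BBHII", 0x80, 0, 1, 160, 0x11223344)
SAMPLE = [
    (16500, SAMPLE_HDR + bytes(20)),                          # RTP media
    (16501, struct.pack("!BBHI", 0x80, 200, 6, 0x11223344)),  # RTCP-typed packet
    (16500, b"GET / HTTP/1.1\r\n"),                           # not RTP
    (5004, SAMPLE_HDR + bytes(20)),                           # RTP outside the range
]

if __name__ == "__main__":
    print(audit(SAMPLE))
```

A non-zero "unexpected" count on the HDX range is the signal worth investigating, since it means something other than RTP is using the opened ports.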
By using a separate UDP stream for real-time data, true network-level QoS can be applied. Citrix Branch Repeater and other third-party QoS routers can implement QoS by using the UDP port number. More information on HDX QoS capabilities can be found in Kalyan Valicherla’s recent blog post on Multi-Stream ICA.