What is a CNAME?
A DNS CNAME record, sometimes referred to as an alias record, is used to map an alias to a hostname, or more specifically map an alias to a canonical name.
A typical use case for CNAME records is where multiple services, e.g. ftp.foo.com and www.foo.com, need to be mapped to one underlying system, e.g. service123.foo.com. In this situation CNAMEs could be employed as follows:
- DNS CNAME record maps ftp.foo.com to service123.foo.com
- DNS CNAME record maps www.foo.com to service123.foo.com
- DNS A record maps service123.foo.com to its IP address
In this example if the IP address of service123.foo.com changes, only the DNS A record for service123.foo.com needs to be updated.
CNAMEs and XenDesktop
Prior to Citrix XenDesktop 7.0, a Delivery Controller (DDC) name could, by default, be specified via a CNAME record rather than a canonical name. From XenDesktop 7.0 onwards Citrix deprecated CNAME support in favour of the “Delivery Controller auto-update” feature that was introduced in that release (see Citrix article CTX137960).
CNAMEs and the Linux VDA
The ability to specify DDC names via CNAME record is still very popular with customers, so this feature has been added to version 1.1 of the Citrix Linux Virtual Desktop Agent (VDA).
Provided that CNAME support has been enabled, the Linux VDA will attempt to locate a DNS CNAME record for each configured DDC name. For each CNAME record that is found, the associated canonical name will be added to the list of DDCs to which the Linux VDA can register. If a CNAME record does not exist for a configured DDC name, then that name will be used as is in the registration process.
For example, consider the following environment:
- CNAME support is enabled in the Linux VDA
- Canonical name of the DDC is w2k12-xd76-123.central.mycorp.net
- A DNS CNAME record aliases ddc1.central.mycorp.net to w2k12-xd76-123.central.mycorp.net
In this environment if I configure the Linux VDA with a DDC name of ddc1.central.mycorp.net, the Linux VDA will implicitly register with w2k12-xd76-123.central.mycorp.net.
Regardless of whether or not CNAME support is enabled I can also configure the Linux VDA with a DDC name of w2k12-xd76-123.central.mycorp.net
Enabling CNAME Support
CNAME support is disabled by default. It can be enabled in one of two ways:
- During the post install configuration phase via the /usr/local/sbin/ctxsetup.sh configuration script.
- At any time after the post install configuration phase via the /usr/local/bin/ctxreg tool.
Enabling CNAME Support via the ctxsetup.sh Configuration Script
The configuration script may be run manually with prompting or automatically with pre-configured responses. To get help on the script run:
sudo /usr/local/sbin/ctxsetup.sh --help
When the configuration script is run manually, answering “Y” to the question “Allow DDC names to be specified via CNAMEs?” will enable CNAME support. Here is an example of the answers I would supply if I wanted to use a DNS alias of ddc1.central.mycorp.net in an environment where Active Directory integration is supplied via WinBind.
$ sudo /usr/local/sbin/ctxsetup.sh Gathering information... Checking CTX_XDL_SUPPORT_DDC_AS_CNAME. CTX_XDL_SUPPORT_DDC_AS_CNAME is not set. Allow DDC names to be specified via CNAMEs? (y/n) [n]: Y Checking CTX_XDL_DDC_LIST. CTX_XDL_DDC_LIST is not set. Please provide the FQDN of at least one DDC: ddc1.central.mycorp.net Checking CTX_XDL_VDA_PORT. CTX_XDL_VDA_PORT is not set. Enter the TCP/IP port the Virtual Delivery Agent service should use to register with the Delivery Controller : Checking CTX_XDL_REGISTER_SERVICE. CTX_XDL_REGISTER_SERVICE is not set. Register service so that XDL starts on boot? (y/n) [y]: Checking CTX_XDL_ADD_FIREWALL_RULES. CTX_XDL_ADD_FIREWALL_RULES is not set. Add firewall exceptions to allow incoming XDL connections? (y/n) [y]: Checking CTX_XDL_AD_INTEGRATION. CTX_XDL_AD_INTEGRATION is not set. What AD integration tool does this system use? 1: Winbind 2: Quest 3: Centrify Choose from the above options (1-3) : Checking CTX_XDL_START_SERVICE. CTX_XDL_START_SERVICE is not set. Start XDL service once configuration is complete? (y/n) [y]:
To enable CNAME support using pre-configured script responses set the environment variable CTX_XDL_SUPPORT_DDC_AS_CNAME to “Y” prior to running the configuration script. Here’s the same example.
export CTX_XDL_SUPPORT_DDC_AS_CNAME=Y export CTX_XDL_DDC_LIST= ddc1.central.mycorp.net export CTX_XDL_REGISTER_SERVICE=Y export CTX_XDL_ADD_FIREWALL_RULES=Y export CTX_XDL_AD_INTEGRATION=1 export CTX_XDL_START_SERVICE=Y sudo -E /usr/local/sbin/ctxsetup.sh
Enabling CNAME Support via the ctxreg Tool
To enable via the ctxreg tool, run:
sudo /usr/local/bin/ctxreg update \ -k "HKLM/Software/Citrix/VirtualDesktopAgent" \ -v "UseCnameLookup" \ -d "1"
To disable via the ctxreg tool, run:
sudo /usr/local/bin/ctxreg update \ -k "HKLM/Software/Citrix/VirtualDesktopAgent" \ -v "UseCnameLookup" \ -d "0"
Note that if CNAME support is enabled or disabled via the ctxreg tool, the Linux Broker Agent service (ctxvda) must be restarted for the change to take effect. To restart run:
sudo /sbin/service ctxvda restart
As of Linux VDA v1.1, a DDC name may be specified via a DNS alias (CNAME record). Using this feature can reduce a network administrator’s burden by minimizing the number of DNS records that need to be updated when the IP address of a server that is hosting the DDC is changed.
Enabling support for CNAME records within the Linux VDA can be as simple as answering “Y” in response to the question “Allow DDC names to be specified via CNAMEs?” when the Linux VDA is first configured.
To read more from the Linux Virtual Desktop Team, please refer to the Linux Virtual Desktop Team blog here.