Display Protocol Design

Oct 26, 2013 (3 years and 9 months ago)

© 2012 VMware Inc. All rights reserved

Display Protocol Design

Module 5

VMware View: Design Best Practices


Revision A

You Are Here

VMware View: Design Best Practices

- Course Introduction
- Design Methodology
- Use-Case Definition
- Pool and Desktop Design
- Display Protocol Design
- View Pod and Block Design
- VMware Infrastructure Design
- Storage Design
- End-User Session and Device Design


Importance

VMware® View™ requires a robust network infrastructure to support the communication requirements between the View components.

View supports two remote display protocols: PCoIP and RDP. The optimum protocol to use depends on the characteristics of the View deployment. PCoIP is a flexible choice and provides many tuning options for optimal performance.


View Design Methodology

- Use-case definition
- Pool and desktop design
- Display Protocol Design
- Pod and block design
- VMware infrastructure design
- Storage design
- End-user session and device design


Module Lessons

- Lesson 1: Access Infrastructure
- Lesson 2: Designing for PCoIP


Lesson 1: Access Infrastructure


Learner Objectives

After this lesson, you should be able to do the following:

- Briefly explain the following network infrastructure considerations in a View solution:
  - Bandwidth versus latency
  - Concurrent session load
  - Security implications


Access Infrastructure

Access infrastructure provides connectivity between the client access device and the desktop:

- LAN and WAN infrastructure
- Connection management by using View components

Due to remote display requirements, the underlying network is critical for satisfactory user experience.

You must use accurate bandwidth and latency metrics to ensure expected performance.

If bandwidth and latency assumptions are used, you must conduct a test to validate the results.

Network infrastructure for application data is a separate analysis.


Network Architecture Overview

View relies on network connectivity across multiple datacenters and LAN-connected offices.

Users access their virtual desktops through a mix of LAN and WAN connectivity.

The key considerations for connectivity in a View environment include:

- Each View server must have connectivity to all vCenter Server systems and virtual desktops within the View pod.
- VMware® View™ Client instances must be able to connect directly to virtual desktops or to a View security server, if one is used.
- Virtual desktops must be able to resolve the View Connection Server system’s fully qualified domain name.
- View Connection Servers must be able to resolve the vCenter Server system’s FQDN by using DNS.


View Components and Protocols


Default Network Ports (1)

| Access | Incoming TCP port | Outgoing TCP port |
|---|---|---|
| View Client to View Connection Server | 443 | 443 |
| RDP: Direct connection from View Client to a View desktop | 3389 | 3389 |
| RDP: Tunneled connection from View security server or View Connection Server to View desktop | 3389 | 3389 |
| PCoIP: Direct connection from View Client to View desktop (TCP is used for control and management. UDP is used for data exchange.) | 4172 TCP/UDP | 4172 UDP only |
| USB redirection from View Client to View desktop (direct connect) | 32111 | 32111 |
| USB redirection from View Connection Server to View desktop (tunneled mode) | 32111 | 32111 |


Default Network Ports (2)

| Access | Incoming TCP port | Outgoing TCP port |
|---|---|---|
| View Connection Server to VMware® vCenter Server™ system | 443 | 443 |
| View Connection Server to VMware® View Composer™ system | 18443 | 18443 |
| vCenter Server to VMware® ESXi™ host | 902 | 902 |
| View Connection Server to Active Directory | 389 | 389 |
| View Connection Server to View Agent (JMS) | 4001 | 4001 |
| View Connection Server to View Connection Server (JMS inter-router) | 4100 | 4100 |
| View Transfer Server to a client system | 902 | 902 |
| View security server to View Connection Server | 500 (UDP) | 500 (UDP) |
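The port tables above double as a least-privilege allow-list for firewall review. The following is an added example, not part of the course material: it parses flow records and reports every flow that the tables do not list. The subnets, the role names and the log layout are constructed for the example.

```python
import ipaddress
import re

# Role -> subnet. Addresses are constructed for this example.
ZONES = {
    "client": ipaddress.ip_network("198.51.100.0/24"),
    "security_server": ipaddress.ip_network("192.0.2.0/28"),
    "connection_server": ipaddress.ip_network("10.10.1.0/28"),
    "vcenter": ipaddress.ip_network("10.10.2.0/28"),
    "active_directory": ipaddress.ip_network("10.10.3.0/28"),
    "desktop": ipaddress.ip_network("10.20.0.0/16"),
}

# (source role, destination role) -> allowed (protocol, destination port),
# transcribed from the Default Network Ports tables. The View Composer,
# ESXi and View Transfer Server rows are left out to keep the example short.
PORT_MATRIX = {
    ("client", "connection_server"): {("tcp", 443)},
    ("client", "desktop"): {("tcp", 3389), ("tcp", 4172), ("udp", 4172),
                            ("tcp", 32111)},
    ("desktop", "client"): {("udp", 4172)},
    ("security_server", "desktop"): {("tcp", 3389)},
    ("security_server", "connection_server"): {("udp", 500)},
    ("connection_server", "desktop"): {("tcp", 3389), ("tcp", 4001),
                                       ("tcp", 32111)},
    ("connection_server", "vcenter"): {("tcp", 443)},
    ("connection_server", "active_directory"): {("tcp", 389)},
    ("connection_server", "connection_server"): {("tcp", 4100)},
}

# Constructed log layout: SRC=ip DST=ip PROTO=TCP|UDP DPT=port
LINE_RE = re.compile(r"SRC=(\S+) DST=(\S+) PROTO=(\w+) DPT=(\d+)")

SAMPLE_LOG = """\
SRC=198.51.100.7 DST=10.10.1.5 PROTO=TCP DPT=443
SRC=198.51.100.7 DST=10.20.4.17 PROTO=UDP DPT=4172
SRC=192.0.2.5 DST=10.10.1.5 PROTO=UDP DPT=500
SRC=192.0.2.5 DST=10.10.3.2 PROTO=TCP DPT=389
SRC=198.51.100.9 DST=10.10.2.4 PROTO=TCP DPT=443
SRC=10.10.1.5 DST=10.20.4.17 PROTO=TCP DPT=4001
SRC=198.51.100.9 DST=10.20.4.17 PROTO=TCP DPT=445
SRC=203.0.113.9 DST=10.20.4.17 PROTO=TCP DPT=3389
link state change on eth1
"""


def role_of(address):
    """Map an IP address to a View role, or 'unknown' if no zone matches."""
    try:
        ip = ipaddress.ip_address(address)
    except ValueError:
        return "unknown"
    for role, network in ZONES.items():
        if ip in network:
            return role
    return "unknown"


def audit(log_text):
    """Return (line number, 'src->dst', 'proto/port') for unlisted flows."""
    findings = []
    for number, line in enumerate(log_text.splitlines(), 1):
        match = LINE_RE.search(line)
        if not match:
            continue  # not a flow record
        src, dst, proto, port = match.groups()
        pair = (role_of(src), role_of(dst))
        flow = (proto.lower(), int(port))
        if flow not in PORT_MATRIX.get(pair, set()):
            findings.append((number, f"{pair[0]}->{pair[1]}",
                             f"{flow[0]}/{flow[1]}"))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_LOG):
        print(finding)
```

Any pair of roles missing from the matrix is denied by default, so a security server in the DMZ that talks to Active Directory, or a client that reaches vCenter Server, shows up as a finding.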



Network Infrastructure Design Factors

- Bandwidth
  - Connection capacity
- Latency
  - End-to-end transit time
- Load balancing
  - Performance, scalability, availability
  - Total and concurrent sessions anticipated
- Security
  - Points of ingress
- Other key considerations:
  - View availability requirements
  - Existing capacity and utilization
  - Security and encryption requirements


Access Considerations: Bandwidth

- Ensure adequate bandwidth for View sessions.
- RDP requirements:
  - Minimum bandwidth is 30Kbps for a single session.
  - Streaming multimedia increases bandwidth to 100Kbps.
  - Average session bandwidth is 100-150Kbps.
  - Graphics-intense application bandwidth is 200-250Kbps.
- PCoIP is adaptive and uses UDP for lower overhead:
  - Plan for an average session bandwidth of 80-150Kbps for a basic office productivity desktop using optimized Windows and View environments.
  - Bandwidth can burst to 500Kbps-1Mbps per user at peak.
  - Bandwidth can be as low as 70Kbps (text application) or even 10Kbps (idle).
- View Agent and View Client move some multimedia streams into a separate channel.
- Consider the requirements of your application mix, particularly multimedia demands.





Access Considerations: Latency

- High network latency causes a sluggish refresh of the desktop display, which affects the user experience.
- Typical latency parameters:
  - LAN latency can be as low as 1 millisecond.
  - U.S. domestic WAN latency is typically 100-150ms.
  - International WAN latency can be as high as 100-200ms.
  - Multihop satellite links can approach latency of 2,000+ms.
- Network latency exceeding 200ms can adversely affect View performance, irrespective of the remote display protocol:
  - Up to 150ms is acceptable for most applications.
  - 200ms is tolerated by a few applications.
  - 250+ms is usually unacceptable.
- User education can make a difference:
  - For example, pressing the Page Down key instead of scrolling



General LAN Considerations

- Client devices should be connected at a minimum of 100Mbps, preferably at 1Gbps.
- View desktops must be able to resolve the View Connection Server FQDNs through the use of DNS.
- View desktops must be able to route traffic to the connection server.
- View Connection Server must be able to resolve vCenter Server systems’ FQDNs through the use of DNS.
- View Client must be able to resolve the external URL or FQDN of the View Connection Server or View security server.
- View security server, if deployed, must be able to connect to a View desktop through an IP address.
- All necessary firewalls should be configured to ensure network connectivity as detailed in the network port requirements.


PCoIP LAN Considerations (1)

- Confirm that a full-duplex, end-to-end network link is used.
- Confirm that there is sufficient bandwidth available on the network.
- The bandwidth used between a virtual desktop and the client device depends on the activity on the user display.
  - A typical desktop, using Microsoft Office applications, uses an average of 100-200Kbps.
  - Provision the network with a minimum bandwidth of 250Kbps per user.
  - The actual bandwidth used depends on the activity on the user’s screen and can be as low as 10Kbps.
- For more demanding desktop environments, consider increasing the minimum network bandwidth that is available.




PCoIP LAN Considerations (2)

- Confirm that the round-trip network latency is less than 250ms.
- Confirm that routers have buffering set to minimize router latency.
- Ensure that there is no traffic shaping occurring at the ESXi vSwitches.
- Ensure that PCoIP is included in the traffic shaping policies and has a high priority to reflect its real-time nature. For example, the QoS setting should be just below the setting for VoIP traffic.


WAN Considerations

Latency is unavoidable in a WAN environment due to the number of hops, circuit lengths, and types of facilities. For example:

- Domestic circuits are typically 45-50ms.
- International circuits might start at 100-200ms.

It is imperative to have good data on latencies for existing WAN routes.

For example:

| Network endpoints | Avg. concurrent user connections | Latency | Bandwidth |
|---|---|---|---|
| Moscow to London | 20 | 100ms | 10Mbps |
| Paris to London | 100 | 50ms | 50Mbps |
| Bangalore to London | 2300 | 150ms | 1Gbps MPLS |


Secure Connections

Connections between remote client devices and the View environment must be secure. Two options exist:

- Use a VPN (perhaps an existing VPN).
- Use the View security server.

Do not use a TCP-based VPN for PCoIP traffic.

- PCoIP is UDP-based, so carrying it over a TCP-based VPN degrades performance.

The View Connection Server and the security server implement two security gateways:

- The View Secure Gateway server supports SSL tunnels for RDP.
- The PCoIP Secure Gateway server supports PCoIP connections.

The View security server is placed in the DMZ, which removes the encryption and decryption workload from View Connection Server.


Comparison of Remote Access Options

| Attribute | View security server | Third-party solutions (F5 and Juniper) |
|---|---|---|
| Platform | Windows Server 2008 virtual machine | Hardware appliance |
| Concurrent connections | 2,000 (Windows 2008 with 10GB RAM) | 2,000+ |
| Tunneling protocol | SSL for RDP | SSL or IPSec |
| Client device security | No | Possibly |
| Display protocol support | RDP and PCoIP | RDP, PCoIP (must support UDP) |
| Single sign-on | Yes | Depends |


WAN Acceleration Technology for RDP Connections

- Consider using WAN acceleration technology to improve bandwidth and latency for RDP traffic:
  - Consider endpoint devices with the following functionality:
    - Data deduplication (reduces transmission of redundant data)
    - Real-time quality of service
  - Less overall network traffic means more bandwidth for View traffic:
    - Most likely would not improve latency.
- Consider the application deployment and management methodology:
  - For software deployment methods: what infrastructure is required, and is it physical or virtual?
  - For application virtualization methods: is local caching or permanent storage required?
- PCoIP performance is not improved by WAN acceleration technology because the traffic is encrypted and compressed.


Example WAN Acceleration Technologies

- Cisco’s Wide Area Application Services (WAAS):
  - Data redundancy elimination
  - Application-specific acceleration
  - Transport flow optimization
- Riverbed Steelhead appliances:
  - Remove repetitive traffic
  - Reduce redundant traffic


Review of Learner Objectives

You should be able to do the following:

- Briefly explain the following network infrastructure considerations in a View solution:
  - Bandwidth versus latency
  - Concurrent session load
  - Security implications


Lesson 2: Designing for PCoIP


Learner Objectives

After this lesson, you should be able to do the following:

- Compare PCoIP and RDP design criteria.
- Explain when the PCoIP optimization controls should be changed from the default values.
- Discuss the key PCoIP tuning parameters that are configurable.


PCoIP Characteristics

PCoIP is a real-time protocol:

- Similar to VoIP, IPTV, Telepresence.
- Results in significant compression, often more than 10:1.

Host-based pixel encoding:

- Only changed pixels are sent.
- Endpoint device simplicity and compatibility.
- No impact to application performance: not required to wait for client-side rendering.

UDP-based transport:

- Avoids TCP overhead.
- Reliability is determined at the application layer.


PCoIP Features (1)

Build to lossless operation:

- Gradually builds static screen areas to pixel-perfect.
- Supports perceptually lossless rendering.

Image decomposition:

- Utilizes multiple codecs depending on screen content: icons, text, video, graphics, photos.

Adaptive bandwidth consumption

Client-side caching


PCoIP Features (2)

Text Codec:

- Lossless delivery of text
- Increased compression ratio (~2x) on ClearType and Adobe LCD Fonts
- 10-20% bandwidth savings

Disable build-to-lossless:

- Build to “perceptually” lossless
- Imperceptible for most use cases
- 10-15% bandwidth savings

Client-side caching:

- Stores frequently accessed static content on the endpoint device
- Sends the “address” and “location” of the content, not the content itself
- 30-40% bandwidth savings


Client-Side Caching in Operation

[Figure panels: Initial content load; Cached “replay”; Cached “replay”]


Client Compatibility for Optimization Controls

| PCoIP client | Client-side caching | Enhanced text codec | Disable build-to-lossless | Session resilience | Expected bandwidth reduction |
|---|---|---|---|---|---|
| Software - Windows | Yes | Yes | Yes | Yes | 50-75% |
| Software - MacOS | Yes | Yes | Yes | Yes | 50-75% |
| Software - Linux | Yes | Yes | Yes | Yes | 50-75% |
| Software - mobile | No | Yes | Yes | Yes | 20-30% |
| Zero-client Tera1 | No | No | Yes | Yes | 10-20% |
| Zero-client Tera2 | Yes | Yes | Yes | Yes | 50-75% |


Monitoring PCoIP Sessions

WMI session counters:

- Use session statistics for real-time visibility into user sessions to determine if tuning will be beneficial.
- 30+ statistics in five categories:
  - General session:
    - Total session duration
    - Total bytes: Tx/Rx
  - Network:
    - Bandwidth: Tx/Rx
    - Latency and packet loss
  - Imaging:
    - Bandwidth: Tx/Rx
    - Image quality and frames per second
  - Audio
  - USB


Tools to Monitor PCoIP Sessions

VMware® vCenter™ Operations Manager™ for View

Third-party tools:

- Lakeside Software
  - SysTrack
- Liquidware Labs
  - Stratusphere UX
- Xangati VDI Dashboard

Free tools:

- Windows Perfmon
- Teradici’s Viewer program
- PCoIP Log Viewer:
  - Log file analysis
  - Multiple concurrent session analysis


Commonly Used PCoIP Statistics (1)

| PCoIP session statistic | Definition |
|---|---|
| AudioRXBWkbitPersec | Bandwidth for incoming audio packets averaged over the sampling period, in kilobits per second |
| AudioTXBWkbitPersec | Bandwidth for outgoing audio packets averaged over the sampling period, in kilobits per second |
| SessionDurationSeconds | Total number of seconds that the PCoIP session has been open |
| ImagingEncodedFramesPersec | Number of imaging frames that were encoded over a one-second sampling period |
| RoundTripLatencyms | Round-trip latency in milliseconds between the desktop and the PCoIP client |


Commonly Used PCoIP Statistics (2)

| PCoIP session statistic | Definition |
|---|---|
| RXBWkbitPersec | Overall bandwidth for incoming PCoIP packets averaged over the sampling period, in kilobits per second |
| TXBWkbitPersec | Overall bandwidth for outgoing PCoIP packets averaged over the sampling period, in kilobits per second |
| TXPacketLossPercent | Percentage of transmitted packets lost during a sampling period |
| RXPacketLossPercent | Percentage of received packets lost during a sampling period |


Best Practices for PCoIP Implementation (1)

PCoIP is a real-time protocol:

- Ensure the proper QoS/CoS classification:
  - Classify PCoIP traffic as real-time interactive, typically just below VoIP.
- Ensure that QoS/CoS mappings are preserved across WAN links.

Use the View security server for remote access:

- Most efficient remote access solution
- Allows remote access for zero-clients

If you must use a VPN, avoid TCP-based, SSL-based solutions:

- Use IPSec, L2TP/IPSec, GRE, or DTLS.

Ensure that PCoIP is bypassed on all WAN acceleration devices.

Ensure that PCoIP is bypassed or trusted on any IDS/IPS devices in the network path and in endpoint protection software.


Best Practices for PCoIP Implementation (2)

Prefer fixed bandwidth WAN circuits over burstable circuits:

- Understand your use case well and perform accurate measurements to allow for proper circuit sizing.

If you must use burstable circuits:

- Ensure that the CIR is high enough to cover all existing high priority traffic and the total average traffic for all PCoIP sessions.
- PCoIP might see high packet loss when it consumes burst bandwidth:
  - Carriers tag burst packets as “out of contract” and low priority.
  - Might artificially limit the total bandwidth PCoIP sees across the circuit.

Use WRED for congestion avoidance:

- Avoid tail-drop.
- Do not configure WRED on the physical interface because it will override all other QoS policies.

Avoid use cases where round-trip latency is greater than 300ms.


Best Practices for PCoIP Implementation (3)

Do not use per-packet load balancing:

- Per-packet load balancing causes out-of-order packet delivery, which leads to PCoIP perceiving a packet loss.
- Ensure that affinity or session “stickiness” is enabled.

Use desktop virtual machine optimization guides to configure visual settings.

Optimize PCoIP tunable parameters for your use case.


PCoIP Tunable Parameters

Parameters can be adjusted by using pcoip.adm in an OU for a set of pools or the parent virtual machine for a pool.

Parameters can also be set directly in the Windows Registry at the following location:

- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Teradici\PCoIP\pcoip_admin_defaults\


Optimization Controls: Build-to-Lossless

Turn off the build-to-lossless feature (On):

- pcoip.enable_build_to_lossless

Disables pixel-perfect rendering; builds to perceptually lossless.

[Figure callouts: “Confusing! Enable to disable?” and “You must accept this option for the setting to apply.”]


Optimization Controls: Client-Side Cache Size

Configure PCoIP client image cache size (250MB):

- pcoip.image_cache_size_mb

Controls amount of RAM set aside for image cache storage.


Tunable Parameters: PCoIP Network Parameters

Maximum PCoIP session bandwidth (90,000Kbps):

- pcoip.max_link_rate
- This setting is the maximum bandwidth that PCoIP is allowed to use for any individual session.

PCoIP session bandwidth floor (0Kbps):

- pcoip.device_bandwidth_floor
- This setting is the lower bound that PCoIP throttles down to when network congestion is detected.
- The sum of bandwidth floors should not exceed the link capacity.

PCoIP session MTU (1300 bytes):

- pcoip.mtu_size
- Reduce the value if you are seeing packet fragmentation due to VPN or other encapsulation because fragmentation affects performance.


Tunable Parameters: PCoIP Image Quality Levels

Minimum Image Quality (50%):

- pcoip.minimum_image_quality
- Determines the lower bounds of image quality “compression” when network congestion triggers increased build-to-lossless.

Maximum Initial Image Quality (90%):

- pcoip.maximum_initial_image_quality
- A lower bound on the image quality that PCoIP tries to deliver immediately when screen updates occur. The higher this setting, the more pixel perfect the initial screen updates will be, at the cost of higher bandwidth peaks.

Maximum Frame Rate (30 fps):

- pcoip.maximum_frame_rate
- This setting determines the maximum frequency of client screen updates. Lower values reduce bandwidth when high rates of motion that need to be rendered occur.


Tunable Parameters: PCoIP Audio Parameters

Enable/Disable Audio in the PCoIP Session (Enabled):

- pcoip.enable_audio
- This setting enables or disables the transmission of audio entirely.
- If the desktop use case does not require audio, disable it.

PCoIP session audio bandwidth limit (500Kbps):

- pcoip.audio_bandwidth_limit
- This setting limits the maximum bandwidth that audio traffic can consume.
- PCoIP can still dynamically adjust this setting down based upon current network conditions.
- Setting this value below 50Kbps might result in no audio being transmitted at all.
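The network, image quality and audio parameters above can be reviewed for drift once they have been exported from the registry key named earlier. The following is an added example, not part of the course material: it parses `reg query` style output, compares each value with the default these slides state, and applies the two numeric rules given above (bandwidth floor sum against link capacity, and the 50Kbps audio threshold). The sample export is constructed, and storing the settings as REG_DWORD values named after the parameters is an assumption.

```python
import re

# Defaults as stated on the tunable-parameter slides.
DECK_DEFAULTS = {
    "pcoip.max_link_rate": 90000,               # Kbps
    "pcoip.device_bandwidth_floor": 0,          # Kbps
    "pcoip.mtu_size": 1300,                     # bytes
    "pcoip.minimum_image_quality": 50,
    "pcoip.maximum_initial_image_quality": 90,
    "pcoip.maximum_frame_rate": 30,             # fps
    "pcoip.audio_bandwidth_limit": 500,         # Kbps
    "pcoip.image_cache_size_mb": 250,           # MB
}

# Constructed sample in the layout that `reg query` prints. The REG_DWORD
# type and the value names are assumptions made for this example.
SAMPLE_REG_QUERY = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Teradici\PCoIP\pcoip_admin_defaults
    pcoip.max_link_rate    REG_DWORD    0x15f90
    pcoip.device_bandwidth_floor    REG_DWORD    0x258
    pcoip.mtu_size    REG_DWORD    0x4b0
    pcoip.audio_bandwidth_limit    REG_DWORD    0x28
    pcoip.maximum_frame_rate    REG_DWORD    0x12
"""

VALUE_RE = re.compile(r"^\s+(pcoip\.\w+)\s+REG_DWORD\s+0x([0-9a-fA-F]+)\s*$")


def parse_reg_query(text):
    """Return {value name: integer} for each REG_DWORD line in the export."""
    values = {}
    for line in text.splitlines():
        match = VALUE_RE.match(line)
        if match:
            values[match.group(1)] = int(match.group(2), 16)
    return values


def review(values, sessions, link_kbps):
    """List deviations from the stated defaults and rule violations.

    sessions is the number of concurrent PCoIP sessions sharing the link and
    link_kbps is the link capacity in Kbps.
    """
    findings = []
    for name in sorted(values):
        default = DECK_DEFAULTS.get(name)
        if default is None:
            findings.append(f"{name}: no default listed in this example")
        elif values[name] != default:
            findings.append(
                f"{name}: {values[name]} differs from default {default}")

    # Rule: the sum of bandwidth floors should not exceed the link capacity.
    floor_sum = values.get("pcoip.device_bandwidth_floor", 0) * sessions
    if floor_sum > link_kbps:
        findings.append(f"bandwidth floors sum to {floor_sum} Kbps, "
                        f"above the {link_kbps} Kbps link")

    # Rule: below 50 Kbps, audio might not be transmitted at all.
    audio = values.get("pcoip.audio_bandwidth_limit",
                       DECK_DEFAULTS["pcoip.audio_bandwidth_limit"])
    if audio < 50:
        findings.append(f"audio limit {audio} Kbps is below 50 Kbps; "
                        "audio might not be transmitted")
    return findings


if __name__ == "__main__":
    # Paris to London row of the WAN table: 100 sessions on a 50Mbps link.
    for finding in review(parse_reg_query(SAMPLE_REG_QUERY), 100, 50000):
        print(finding)
```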


When to Tune PCoIP

Implement the best practices first:

- Confirm that the network environment is properly configured and sized.
- Confirm that the desktop image optimizations have been done.

Recognize that PCoIP already adapts to congestion and bandwidth reductions:

- Altering parameters can have unexpected results.

You cannot get something for nothing:

- Reducing bandwidth almost always has some impact on user experience.


Visual Impact of Tuning

[Figure captions:]

- Minor compression artifacts occur, but you can still pinpoint numerous individual stars.
- Major compression artifacts and smearing exist, so fewer individual stars are visible.


Example of Overriding PCoIP Image Quality Levels

The use case is a periodic YouTube-like presentation by the CEO to all employees:

- Maximum Image Quality remains at 50.
- Maximum Initial Image Quality is reduced to 70.
- Maximum Frame Rate is reduced to 18.
- Audio bandwidth is reduced from 500Kbps to 250Kbps.

Bandwidth per session drops from 10Mbps to 3Mbps.


Lab 5

In this lab, you will tune PCoIP for best performance for each use case and pool combination:

- Review the Brightfield case study.
- Recommend LAN and WAN configurations.
- Determine the optimal PCoIP configuration for each use case and pool combination.


Review of Learner Objectives

You should be able to do the following:

- Compare PCoIP and RDP design criteria.
- Explain when the PCoIP optimization controls should be changed from the default values.
- Discuss the key PCoIP tuning parameters that are configurable.


Key Points

- Network performance and user satisfaction depend mostly on the available bandwidth and the latency characteristics of the network.
- The PCoIP and RDP remote display protocols offer different features and performance between the client device and the View desktop. Consider the following:
  - Bandwidth and latency requirements
  - Multimonitor support
  - USB redirection requirements
  - Security implications
- Many GPO policy settings are available for optimizing and tuning PCoIP operations in a WAN environment when necessary.