Jump to content
Welcome to our new Citrix community!

Failover breaks connection of Linux-OS with Workspace App and Netscaler ADC 12.1


Recommended Posts

On clients with Linux OS and Citrix Workspace App >= 19.12, that connected through Citrix Netscaler, a failover switch of our Citrix Netscalers let the Linux-clients break the connection to all Citrix connections. I don't know if this is an client or a Netscaler configuration issue. What I've checked out is, that "Session Reliability on HA Failover" is correctly set (see attachment 2). 

 

What I've also tested:

a) Client with Workspace App 19.12 -> failover on Netscaler -> the attached error comes up, and the user must logon again to get its disconnected Citrix session back
b) Client connected via HTML5 client (Firefox), the reconnection-notification comes up and the session remains connected.
c) Client (MacBook) with Workspace App 19.12, the reconnection-notification comes up and the session remains connected.
d) Released the network-cable of the Linux-client for 5 sec. - the  reconnection-notification comes up and the session remains connected, after connecting the cable back.

 

So for me it must be a Netscaler configuration issue. Is there any other setting to get the session stable after failover ?

wsa_err.png

SR_ON.png

Link to comment
Share on other sites

This is by design. Windows clients break as well. However, they probably do a better job reconnecting to the gateway.

 

There is a TCP connection between the client device and the gateway. This connection uses sequence-numbers and acknowledgement numbers. Any packet sent from client to server, or vice versa, increments these numbers. In HA, we would need to send an other packet to the passive node, to make these connections persistent in case of a fail over. This is not needed with HDX /ICA) as the workspace app simply reconnects. We can just do this to TCP connections (it's called stateless failover) with plain TCP connections, FTP and SSL-Bridge.

https://docs.citrix.com/en-us/citrix-adc/current-release/load-balancing/load-balancing-protect-configuration/connection-failover.html

 

Greetings from sunny Austria

 

Johannes Norz

CTA, CCI, CCE-N

 

Enjoy my Citrix ADC test environment

My blog

Link to comment
Share on other sites

Thank you Johannes - I've found the article https://docs.citrix.com/en-us/citrix-adc/current-release/load-balancing/load-balancing-protect-configuration/connection-failover.html but this setting seems to be unavailable in 12.1 Build 60.17. 

 

Do we have to upgrade to 13.x and enable the setting to get the Workspace-App gets reconnected ?

 

Kind regards and a happy new year from Germany to Austria

adc_protection.png

Link to comment
Share on other sites

No, sorry Jens. State-full fail over worked "ever since". But it never worked with ICA, nor does it with VPN (Gateway). It's a load-balancing only feature. There is no chance to make it working with gateway.

 

In load-balancing you can do it (for TCP, SSL-bridge and FTP servers only) by opening the virtual server, and in Advanced Settings, click Protection, and select Connection Failover as Stateful. This is extreme overhead and may overfill both, theinterfaces and the CPU (that's why it's turned off by default)

 

I would dig into the Workspace App for Linux, it's a client side issue. The Workspace App has to reconnect seamlessly. The feature is called session reliability.

 

Most of my costumers don't care about it, as active/passive fail-over occurs only in very rare conditions and normally gets triggered by admins during planned maintenance windows.

  • Like 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...