Best Practices for Configuring Provisioning Server on a Network

This article explains the best practices when configuring Citrix Provisioning Server on a network.

Follow these best practices when troubleshooting issues such as slow performance, image build failures, lost connections to the streaming server, or excessive retries from the target device.

Disabling Spanning Tree or Enabling PortFast

With Spanning Tree Protocol (STP) or Rapid Spanning Tree Protocol, the ports are placed into a Blocked state while the switch transmits Bridged Protocol Data Units (BPDUs) and listens to ensure the BPDUs are not in a loopback configuration.

The amount of time it takes to complete this convergence process depends on the size of the switched network, which might allow the Pre-boot Execution Environment (PXE) to time out.

To resolve this issue, disable STP on edge-ports connected to clients or enable PortFast or Fast Link depending on the managed switch brand. Refer to the following table:


Switch Manufacturer

Fast Link Option Name


PortFast or STP Fast Link


Spanning Tree FastLink


Fast Port


Fast Start

Large Send Offload

  • The TCP Large Send Offload option allows the AIX TCP layer to build a TCP message up to 64 KB long and send it in one call down the stack through IP and the Ethernet device driver. The adapter then re-segments the message into multiple TCP frames to transmit on the wire. The TCP packets sent on the wire are either 1500-byte frames for a Maximum Transmission Unit (MTU) of 1500 or up to 9000-byte frames for a MTU of 9000 (jumbo frames).
  • Re-segmenting and storing up packets to send in large frames causes latency and timeouts to the Provisioning Server. This should be disabled on all Provisioning Servers and clients.
  • To disable Large Send Offload, open the Network Interface Card (NIC) properties and select the Advanced tab.
    Some NICs do not offer this setting in the properties page. In this case, you must change a registry key change to disable Large Send Offload. To do so, add the following entry to the registry:
    ! This procedure requires you to edit the registry. Using Registry Editor incorrectly can cause serious problems that might require you to reinstall your operating system. Citrix cannot guarantee that problems resulting from the incorrect use of the Registry Editor can be solved. Use the Registry Editor at your own risk. Back up the registry before you edit it.
  • Target Device
    : For Provisioning Server 6.0 and beyond, BNNS driver is no longer used for Windows 7 and 2008, so this registry key is not applicable. However, BNNS is still used for windows XP and 2003.

    DWORD = EnableOffload
    Value “0”

  • Provisioning Server and Target DeviceHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TCPIP\Parameters\
    Key: “DisableTaskOffload” (dword)
    Value: “1”

Auto Negotiation

Auto Negotiation can cause long starting times and PXE timeouts, especially when starting multiple target devices. Citrix recommends hard-coding all Provisioning Server ports (server and client) on the NIC and on the switch.

Stream Service Isolation

Provisioning Services segment the stream traffic whenever applicable for several reasons, such as performance, provisioning growth, and troubleshooting. Because the stream service delivers I/O over UDP, a connectionless protocol, it makes performance incredibly fast but not as reliable as a TCP connection. There are in fact several mechanisms built in to handle reliability on the Server and Target Device regardless. On a congested pipe or flooded backplane of a switch UDP traffic tends to be the first to get dropped or discarded, for this reason alone Citrix encourages segmentation. When segmented, the stream service does not have to contend for bandwidth providing a clean network from which to stream and grow your provisioned infrastructure. This can virtually eliminate retries and maximize Target/Server performance. This idea is similar to isolating iSCSI traffic in the storage world.

You can refer to the Knowledge Center article CTX120955 – How to Setup a Multi-Homed Virtual Machine Separating Large-Scale Data Traffic from ICA Traffic for XenDesktop for better understanding on ICA traffic isolation method.

This same methodology would be applied specifically for the stream service. Your Provisioning servers and Target devices would have at least two NIC’s with IP addresses on different networks. One network provides inter communication between devices specifically for the streaming I/O traffic. The other network provides access to network resources, the internet, and so on. When the provisioning server is built and the configuration wizard is run, you bind only the interface associated with the Provisioning Services stream service to the Network interface on that vLAN.


Deixe um comentário

Preencha os seus dados abaixo ou clique em um ícone para log in:

Logotipo do

Você está comentando utilizando sua conta Sair /  Alterar )

Foto do Google+

Você está comentando utilizando sua conta Google+. Sair /  Alterar )

Imagem do Twitter

Você está comentando utilizando sua conta Twitter. Sair /  Alterar )

Foto do Facebook

Você está comentando utilizando sua conta Facebook. Sair /  Alterar )


Conectando a %s