Documente Academic
Documente Profesional
Documente Cultură
Agenda
XenApp troubleshooting
The right tool, right place at the right time
Troubleshooting scenarios
Top utilities
Case studies
Additional resources/Q&A
Agenda
XenApp troubleshooting
The right tool, right place at the right time
Troubleshooting scenarios
Top utilities
Case studies
Additional resources/Q&A
Agenda
XenApp troubleshooting
The right tool, right place at the right time
Troubleshooting scenarios
Top utilities
Case studies
Additional resources/Q&A
Agenda
XenApp troubleshooting
The right tool, right place at the right time
Troubleshooting scenarios
Top utilities
Case studies
Additional resources/Q&A
Agenda
XenApp troubleshooting
The right tool, right place at the right time
Troubleshooting scenarios
Top utilities
Case studies
Additional resources/Q&A
Agenda
XenApp troubleshooting
The right tool, right place at the right time
Troubleshooting scenarios
Top utilities
Case studies
Additional resources/Q&A
XenApp troubleshooting
Understanding the infrastructure
The anatomy of a XenApp farm
Information: Static and Dynamic
Components: Where to focus troubleshooting
Understanding what happens from logon to launch
Types of issues: Denial of service, bottlenecks
Troubleshooting: Medevac, performance monitoring, CDF
Types of Information
Static
Dynamic
Data Store
Dynamic Store
Constantly changing
Farm configuration
Changes made in the
Management Console
DATA STORE
information
Load management
Information required for
application launch
Logon to launch
Active Directory
XML Broker
Client
Web Interface
Data Store
MedEvac (CTX107935)
The XML Broker tests
Verifies that the XML Service is able to respond to an XML / client request
XML is able to contact the Zone Data Collector
Verifies that the ZDC can provide the address of the least loaded server for the requested app
The IMA Service is able to respond
The IMA Service can read the Local Host Cache
The IMA Service can read its Dynamic Store
Monitoring
XML Broker
XML Threads
Client
Web Interface
ASP Requests
CDF
CDF
Active Directory
RSOP
Citrix Counter
Description
Threshold
Server to monitor
Determine baseline
Determine threshold
considering scheduled
reboots and maintenance
DO
CDF Basics
To better understand what a CDF trace message is, lets look at the
following pseudo code example
CDF Internals
To better understand CDF, lets take a quick overview at how the
Operating System supports Event Tracing (ETW)
CONTROLLER
CONSUMER
CDFCONTROL
Events
Events
Enable/
Disable
Buffers
Events
Events
Events
Trace File
CDM.sys
RadeSvc.exe
WFShell.exe
ETW Components
Providers:
Enables/Disables a provider
Configures trace capture settings
Starts/Stops a trace
Consumer:
CDFControl v2.5
CDFControl is a hybrid controller and consumer
It can start/stop/enable and configure an ETW/CDF trace session
It can consume (read) trace events from a log file, or from a live realtime trace session
The original version operated only as a ETW Controller, and was
published under CTX111961
Troubleshooting Scenarios
Troubleshooting scenarios
Application Streaming
Database
Seamless/Multi-Monitor
Network
CPU Spikes
Deadlocks/Hangs
Debugging
Application Streaming
RAD file
End User
1.
2.
3.
4.
5.
6.
7.
Application Streaming
Isolate the Issue
When?
Profiling
Publishing
Streaming
How?
Streaming to Server
Streaming to Client
Versions?
WI 4.5, 5.0
License server 4.5,5.0
Client
Application Streaming
Streaming Client Troubleshooting:
Client installation is required on workstations
Verify the Citrix Streaming Service is started or restart
Reference CTX116483 required permissions
Enable debug console
HKEY_LOCAL_MACHINE\Software\Citrix\Rade
REG_DWORD: EnableDebugConsole
Value: 1 to switch on, 0 to switch off
Application Streaming
Leverage realtime CDF tracing!
Run CDFControl on the client (where client is installed)
Choose the Application Streaming category
Enable realtime tracing
Provide a TMF path (CTX106233)
Start tracing and reproduce the launch failure
Seamless/Multi-Monitor
SEAMLESS HOST COMPONENTS
Winlogon
Default
winlogon.
exe
sehook20.dll
sehook20.dll
ICA Client
icast.exe
TWISysT
rayAgent
icactls.dll
seamls20.dll
TWIWorker
TWIReader
wfshell.exe
Seamless/Multi-Monitor
SEAMLESS CLIENT COMPONENTS
wfica32.exe
vdtwin30.dll
LVB
vdtwn.dll
ctxsrcc.lib
GAI
Seamless/Multi-Monitor
Multi-Monitor
An optional component
Client provides a monitor layout via thinwire channel which is shared by all
process loading mmhook.dll via shared memory
Work area change is always posted to host. This could be due to change in work
area of the existing area or change in virtual screen size due to addition /deletion
of monitors.
API hooks are controlled by flags and can be customized per process. Refer to
CTX115637 for various configuration options
Seamless/Multi-Monitor
Shift F2 to change to Full Screen mode
Reconnect as fixed size window session
Set global flags, 0x26DEA7, to see if it fixes the issue.
This is combination of following flags (See CTX101644 for details of each bit)
0x1 (Disable session sharing), 0x2 (Disable modality check), 0x4 (Disable AA hook)
Analyze CDF trace for MF_DLL_CTXNOTIF and MF_SESSION_TWI
Analyze window information using SPY++/Window History/Message History
Try per-window exception flags
Analyze application logic (API flow) using TracePlus utility
Seamless/Multi-Monitor
Get the Window class name which is exhibiting the problem
Collect the CDF traces for concerned module ONLY
CTXNOTIF, MMHOOK, TWCDS, TWI, TWI_HOOK
CPU Spikes
Try to define a pattern (leverage perfmon)
Determine offending Thread ID causing the spike
(Process Explorer, QSlice)
Obtain userdump of offending process immediately after (Userdump.exe,
WinDbg.exe)
Check CDF trace for repeated (looping) messages (if Citrix component)
Use application spy to look at what the application is doing (TracePlus, Logger)
Deadlocks
Windows Vista and Server 2008 offer the new Wait Chain Traversal (WCT)
API!
This offers applications
a mechanism
checkMANAGER
internally for wait conditions, and
THE
WINDOWStoTASK
also allows for customCAN
toolsCAPTURE
to be created
which
can also
USER
DUMPS
IN check for application
hangs LIVE!
VISTA & 2008!!!
No cool WCT tools available? The debugger is your friend!
Attach to hung process/service and generate a dump for post-mortem analysis:
.dump /ma c:\PathToDump\DeadlockedApp.dmp
Manually inspect thread states, and get the debugger's opinion with:
!analyze -hang -v
Slow logons
Understand the logon process and Identify the slowdown!
Validate via network trace that the connection between server to client is good
If the connection makes it to the server, check which processes exist
Use TaskManager and sort by session ID
Gather userdumps for each process for the slow session to try to identify any
synchronization problems, such as LPC and ALPC wait chain conditions
Ensure Terminal Services is running (svchost.exe) and that the thread count
appears normal
Ensure critical Citrix processes are okay, such as IMA, CpSvc and XML
Debugging
User Mode versus Kernel Mode
The Windows operating system can be conceptually divided into 2
parts:
User Space (User Mode)
Kernel Space (Kernel Mode)
USER SPACE
USER
USER
USER MODE
APPLICATION
USER
APPLICATION USER
APPLICATION
APPLICATION USER
USER
APPLICATION
USER
APPLICATION USER
APPLICATION
APPLICATION
KERNEL SPACE
rusb2w2k.sys
keyboard.sys
win32k.sys
tcpip.sys
[]
Debugging
Windows Vista and Server 2008 does not rely on the boot.ini for debug
settings anymore
Say hello to the BCDEDIT utility!
(http://technet.microsoft.com/en-us/library/cc721886.aspx)
To do a live local debug, you need to first enable debugging on the server
Bdcedit /debug on (requires reboot)
Debugging
In the event of a system crash (BSOD), ensure that:
1. The Pagefile (pagefile.sys) is configured to run on the system drive (where
Windows is installed)
2. The Pagefile is larger that the amount of physical RAM on the server
3. Startup and recovery options are set for a kernel or complete memory dump
4. Enough space exists to write the dump file
Debugging
To debug application crashes, configure a default application
debugger to handle fatal application errors!
Dr.Watson is gone in Vista and Server 2008
Manually configure a default application debugger (CTX105888)
Use the TestDefaultDebugger tool to ensure that server is able to
capture userdumps (CTX111901)
Debugger Basics
NTSD pn ProcessName (attaches to running process)
~*kb Lists all running threads
x *!*Symbol*
bp
!analyze hang v
Switch to thread 4
PID
TID
First Parameter
Function Parameters
Module
Name
Second Parameter
First Parameter off stack
Function
Name
Offset
Case Studies
Time to resolve
With symbol server: less than 1 hour
Estimated time without symbol server: more than 1 business day
Location
Add http://ctxsym.citrix.com/symbols to your symbol path
Questions / Feedback
Article CTX118622 on Citrix Knowledge Base (http://support.citrix.com)
Send additional feedback to symsrv@citrix.com
Questions?