Unsolved
This post is more than 5 years old
13 Posts
0
1810
August 19th, 2011 13:00
Physical Load Balancers and vWorkspace
Hi,
A question which i am yet to nail down an answer for. (cannot find anything specific on here or within the help guide)
Have 4 connection brokers, 2 at datacenterA and 2 at datacenterB
Have 4 physical load balancers, 2 at datacenterA and 2 at datacenterB. I would like to publish an IP on the load balancers to direct users to any of the connection brokers.
Connections made primarily by Thin clients (wyse) using dhcp configuration. Have tried the multiple IP for brokers in the DHCP file but this doesnt work as I would like, whilst at the same time I have the opportunity of bringing both datacenters together over L2 networks.
Alternatively, the same questions below apply if the L2 network span is denied and have the site LB pair managing the connection between the sites connection brokers. If the site brokers were to fail, the LB can then redirect to the other site LB's and connectivity would be restored. Potentially though at this point in time it looks like persistence may not be possible but am waiting for this to be confirmed by LB supplier.
Other client connections made by Win7 ThinPC using ThinApp, and AppPortal.
Assumption is that persistence would be required betwen client and broker through the LB
Questions are:
TCP/UDP Ports used by vworkspace/PNtools/AppPortal
Will this affect the built in load balancing functionality of vWorkspace itself?
Version 7.2MR1 will be deployed over the weekend.
Hope this has made sense to someone?
Cheers
Richard
Michel Roth
173 Posts
0
August 23rd, 2011 07:00
Hi Richard,
These are the ports used in vWorkspace (as per page 11 of the admin guide)
The TCP/IP port number requirements for vWorkspace services are listed below.
• Data Collector Service — It listens for Connection Broker service
connections on 5203.
This is a Windows service that runs inside each managed computer or
vWorkspace enabled Remote Desktop Session Host, and
communicates back and forth with the Connection Broker. When
PNTools is installed onto a desktop, a Windows Firewall port exception
rule is automatically added to allow incoming connections on this port.
• Connection Broker — It listens for Data Collector service connections
on 5201. It also listens for incoming client connection requests on a
configurable port, using 8080 as the default. Optionally, the
Connection Broker can be configured to require SSL encryption using
443 as the default.
vWorkspace Administration Guide
12
This service communicates with the Data Collector running inside each
managed computer or vWorkspace enabled Remote Desktop Session
Host.
• Password Management Service — This service accepts SSL
protected client password reset requests on a configurable port, using
443 as the default.
• Web Access — vWorkspace Web Access, being a web service, uses
HTTP and HTTPS application protocols. Although the default port
numbers are 80 and 443 respectively, any ports can be used.
• Secure Gateway — The Quest vWorkspace Secure Gateway
(Secure-IT) acts as an SSL proxy for Connection Broker, Web Access,
and RDP communications, and by default listens on 443.
• RDP — RDP listens on 3389 by default.
Microsoft RDP (Remote Desktop Protocol) is used for connections from
vWorkspace connector to Remote Desktop Session Host or a managed
computer.
• Universal Printer Service — This service listens on port 5204 on UP
Printer Servers only.
• Registry Service — This service listens for registry messages on port
5205 on Remote Desktop Session Host and broker computers.
• User Profile Management Storage — This service listens on port
5206.
richard10
13 Posts
0
September 19th, 2011 09:00
Thank you Michel, I had missed this.
The only thing now to clear up is the persistence through the load balancers, it does look like external connections coming through the load balancers do sometimes have the same IP address. Dont know if this is actually causing an issue as i've not been alerted to anything as yet.