Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

CSA on a Citrix server

I would like to hear from any that is successfully running CSA 4.5.1 on their citrix server.

Every citrix server I have installed this on ends up with a huge performance problem. And the load on these servers is actually fairly light - only about 20 users.

  • Other Security Subjects
5 REPLIES
New Member

Re: CSA on a Citrix server

Richard, any luck with this? I have CSA 5.1 on Citrix, and we have had some real perf problems. The CPU appears to get super busy, so much so that even keyboard and mouse events are ignored (but without blue screen). Heavily loaded Citrix servers at about 40-50 users using all sorts of applications (but no engineering apps or crazy stuff).

After TAC suggested removing csauser.dll from reg key AppInit_DLLs we are now removing all groups except one to carry UI policy and test mode, etc. We will measure our relative success with this after a week's time. Total number of rules now == 40-50.

Avg CPU util on these servers pre-CSA was 25-50% with spikes going much higher. To me this reflects the classic CPU spinlock problem. But what is at fault here? CSA, Citrix, or something else? These are HPQ DL360 and DL380 servers. It ocurred to me that it could be mgmt software.

About 2 yrs ago there was a *major* problem between CSA and Dell mgmt software. Both products installed separate versions of MSVC70.DLL or something similar, but into separate directories. Once CSA rewrote the reg key to point to _its_ version of the file, the servers would blue screen. Boy was that awesome, let me tell you. To be fair, I don't this think this exhibits the same symptoms.

New Member

Re: CSA on a Citrix server

Interesting. We're using 5.0.0.194 with VMS and we have similar issues. We run Citrix Presentation Server 4 and W2003 SP1. We get our application that only runs on one cpu (CPU0), and eventually the machine just locks up. We have to do a hard reboot to get it usable again. This happens with 4 or 40 users. But CSA is the catalyst. If CSA isn't on the server (completely uninstalled), the server runs fine, indefinitely. If CSA exists (loaded, but doesn't even have to be running), it's pretty much guaranteed that we'll have to reboot at least once a day under normal load.

This first started happening to us with CSA 4.5. 4.0 we had no problems with. 5.0.0.x, we have to reboot the servers multiple times per day. Anymore, we can't even use CSA.

Also, we are using Dell Poweredge 1750's and 1850's WITH the Dell OpenManage stuff on all the servers. You say there was a conflict? Do you have any additional documentation for that? We're getting desperate here.

New Member

Re: CSA on a Citrix server

Mike, it's been two years since I had that problem. It was with CSA 4.0 (if memory serves), so I have no documentation on it. I think it was MSVC70.DLL but I just can't remember.

If CSA is stopped but you still have problems with it, then probably one of two things is going on. 1) shims are causing problems (entries in HKLM\SYSTEM\CurrentControlSet\Services\CSAxyzabc) or 2) some file installed with CSA that conflicts with an existing file. This was the case two years back that I referred to previously. If it is the first case then you can probably set each shim reg entry to Enable==0x0000 (FALSE) so to see if that makes a difference. Check with Cisco, though, to see which of these shim entries are valid with this value set to false. I know that CSAnet is.

New Member

Re: CSA on a Citrix server

I was told there was a citrix related bug that was fixed in 4.5.1.655, so I tried the latest release of 4.5.1.657. A few servers worked better with this, but then it introduced more bugs with NICs. It seems that no matter what version of 4.5 we try to run on a Citrix server, there is always some kind of performance or communication related problem.

New Member

Re: CSA on a Citrix server

I don't believe it's the netshim, and I wouldn't disable the other CSA components just yet.

You folks may want to check your list of Untrusted applications on your machines. If you double-click on the flag, it is under System Security > Untrusted applications. This list can grow enormous (>1000) on servers with a lot of file writes. I believe performance can suffer as the list grows.

If the list is huge, you can reset it from the MC. Then change your untrusted applications tagging rules to prevent the lists from growing uncontrollably in the future.

116
Views
0
Helpful
5
Replies
This widget could not be displayed.