By supporting various network configurations, Sun Ray Clients and Oracle Virtual Desktop Clients can be deployed virtually anywhere, subject only to a sufficient quality of network service between the clients and the Sun Ray server. The most common and recommended configuration is a shared network, where the Sun Ray server and clients are part of a Local Area Network (LAN) or Wide Area Network (WAN) and where network services such as DHCP and DNS are already provided by existing servers. The default installation and configuration procedures in this document target this configuration.
A client subnet in a typical shared network configuration meets the following criteria:
DHCP services are available for Sun Ray Client IP/network configuration (Sun Ray Clients can be individually configured for static addressing using the Configuration GUI on the Sun Ray Client)
DNS services are available for resolving the Sun Ray servers providing firmware (
sunray-config-servers) and the Sun Ray servers providing sessions (sunray-servers)The subnet must be able to route to the Sun Ray servers
Sun Ray Clients can be behind a Network Address Translation (NAT) router or firewall (Sun Ray servers must not be behind a NAT router or firewall)
A Sun Ray server requires both a fixed host name and a static IP address. A Sun Ray server cannot be a DHCP client.
Figure 3.1, “Shared Network Configuration” shows an example of using a shared network for a Sun Ray environment.
Given the topology, Sun Ray traffic on shared networks is potentially exposed to an eavesdropper. Modern switched network infrastructures are far less susceptible to snooping activity than earlier shared technologies, but to obtain additional security the administrator may choose to activate the client's encryption and authentication features. These capabilities are discussed in the Security chapter in the Administration Guide.
As part of the initial installation when using the utsetup command, Sun Ray Software is automatically configured to support a shared network with external DHCP/DNS services. If you choose to manually install and configure Sun Ray Software with the individual component installation commands, you need to run the utadm -L on command to configure a shared network. This command should be run on all servers in your failover group that will provide sessions to clients. Refer to the utadm man page for more details.
Sun Ray Clients are able to provide a VPN solution for remote
users. The IPsec capability in the Sun Ray Client firmware
enables the Sun Ray Client to act as a VPN endpoint device.
The most commonly used encryption, authentication, and key
exchange mechanisms are supported, along with Cisco extensions
that enable a Sun Ray Client to interoperate with Cisco
gateways that support the Cisco EzVPN
protocol. Sun Ray Clients currently support IPSec VPN
concentrators from Cisco and Netscreen (Juniper).
For more information, see the Sun Ray Client Firmware chapter in the Administration Guide.
Sun Ray Software supports arbitrary IP MultiPathing, or IPMP. IPMP provides failure detection and transparent network access failover for a system with multiple interfaces on the same IP link. IPMP also provides load spreading of packets for systems with multiple interfaces.
This feature can be very useful on a Sun Ray server by increasing its network availability and performance. IPMP is supported only on Sun Ray servers in a shared network configuration (LAN with fully-routed subnets) and running the Solaris operating system.
For more information about the IPMP feature in Solaris and how to configure it, see the System Administration Guide: IP Services manual.
When configuring IPMP, use the if_mpadm command to test NIC failure.
The Sun Ray Software protocol is designed to operate well in conditions where other protocols would fail. However, if you detect sustained packet loss greater than 10 percent in the network, it may indicate other network problems. See Performance Tuning in the Administration Guide for help.
Network latency between any Sun Ray client and its server is an important determinant of the quality of the user experience. The lower the latency, the better; latencies under 50 milliseconds for round trip delay are preferred. However, like familiar network protocols such as TCP, the Sun Ray Client does tolerate higher latencies, but with degraded performance. Latencies up to 150 milliseconds provide usable, if somewhat sluggish, performance.
Sun Ray Clients can tolerate small occurrences of out-of-order packet delivery, such as might be experienced on an Internet or wide-area intranet connection. Current Sun Ray firmware maintains a reordering queue that restores the correct order to packets when they are received out of order.