Random user disconnections from RDS

Arnold MIshaev 216 Reputation points
2022-08-10T15:14:07.107+00:00

Hello everyone,

We've built a new RDS farm:

1) RDCB+RDLS+RDS WebAccess
2) Session-Host
3) Session-Host
4) Session-Host
5) Session-Host

We are getting a strange issue: users are randomly disconnected from their session for one second and then they reconnect again.
I did deep research and didn't find much information, only some related events.


There is no network-related issue, nor a firewall one.

Does anyone have any idea what it could be?


20 answers

  1. risolis 8,701 Reputation points
    2022-08-29T09:54:19.297+00:00
    **************Problem description**************

    We are getting a strange issue: users are randomly disconnected from their session for one second and then they reconnect again (using a customized RDP file which was created by the session collection).

    RDS-Farm(Server 2019 version)

    1) RDCB+RDLS+RDS WebAccess
    2) Session-Host
    3) Session-Host
    4) Session-Host
    5) Session-Host
    6) SSL VPN

    **************Troubleshooting steps done**************

    - RDP-TCP properties
    - Encryption/Authentication settings review (TLS/SSL version supported, certificate used/certificate attributes, among others)
    - Port allocation used for RDS/NAT port exhaustion at the FW settings review
    - Dynamic port allocation setting review
    - SSL VPN is being used; it can be affected if there is any NAT instance in between the routing path
    - Maximum connections/Limit number of connections on Group Policy settings
    - Firewall rules Server/Clients
    - MTU mismatch value
    - Asymmetric routing
    - DNS delay or DNS lookup flapping causing asymmetric routing issues or timeouts
    - Confirm any network session was stuck due to ProcessID (PID)
    - Packet capture
    - Bottleneck network issues (for instance: Traceroute/Tracert and so on)
    - VM size upgrade if the issue can be due to lack of resources
    - RD gateway bypass local address setting review (not used for this)
    - Turn off UDP on client settings
    - Swap listening port on server settings

    **************Resolution/Workaround procedure**************

    It seems like clients use UDP and TCP to connect to our RDS farm. I took one workstation in our production and turned off UDP on his workstation by adding the next registry key.

    For now, this is a summary for what was checked as well as what can be taken into consideration. If you feel I am missing any details please correct me : )

    Have a good one!

    Cheers,

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.


  2. Mishaua 716 Reputation points
    2022-09-02T16:49:05.187+00:00

    The easiest way to fix this server side is to disable the default "Remote Desktop - User Mode (UDP-In)" inbound firewall rule, i.e. effectively blocking inbound port 3389 over UDP on the server that you are trying to RDP to. Keep in mind this is in a single-server config. If you have an RDS farm you will probably need to disable the rule on multiple servers. I guess if you have the Windows Firewall disabled (not sure why people still do this) you could block UDP port 3389 on a different firewall if you have one between your clients and the server. A little help from Microsoft for a permanent fix would be nice though.
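
An added example, not part of the post above: a PowerShell sketch that audits (and, with `-Apply`, disables) the rule named in that answer on every session host of a farm. The host names are hypothetical placeholders, and PowerShell remoting to the hosts is assumed to be available.

```powershell
# Added example, not from the thread. Host names are hypothetical placeholders.
param(
    [string[]]$SessionHosts = @('RDSH01', 'RDSH02', 'RDSH03', 'RDSH04'),
    [switch]$Apply   # without -Apply the script only reports
)

$RuleName = 'Remote Desktop - User Mode (UDP-In)'   # rule named in the answer above

$report = Invoke-Command -ComputerName $SessionHosts -ArgumentList $RuleName, $Apply.IsPresent -ScriptBlock {
    param($RuleName, $Apply)

    # With every firewall profile off (as on the farm described in this thread),
    # disabling a rule changes nothing; UDP 3389 must then be filtered upstream.
    $firewallOn = @(Get-NetFirewallProfile | Where-Object { $_.Enabled -eq 'True' }).Count -gt 0

    # Reads the local (persistent) store; rules pushed by Group Policy are not
    # returned here and must be changed in the GPO instead.
    $rules = @(Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue)

    if ($Apply) {
        $rules | Where-Object { $_.Enabled -eq 'True' } | Disable-NetFirewallRule
        # Re-read so the report shows the state after the change.
        $rules = @(Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue)
    }

    [pscustomobject]@{
        FirewallOn   = $firewallOn
        RulesFound   = $rules.Count
        RulesEnabled = @($rules | Where-Object { $_.Enabled -eq 'True' }).Count
    }
}

$report | Sort-Object PSComputerName |
    Format-Table PSComputerName, FirewallOn, RulesFound, RulesEnabled -AutoSize

# Hosts where the rule is still enabled, or where no host firewall is active,
# are not blocking RDP over UDP themselves.
$report | Where-Object { $_.RulesEnabled -gt 0 -or -not $_.FirewallOn } |
    ForEach-Object { Write-Warning "$($_.PSComputerName): UDP 3389 is not blocked by the host firewall" }
```

Run it once without `-Apply` to see the current state of each host before changing anything.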


  3. julien Sybille 1 Reputation point
    2022-11-17T10:38:38.357+00:00

    Hello all, has anyone tried this policy to disable UDP on the server side?

    → Local Computer Policy
    → Computer Configuration
    → Administrative Templates
    → Windows Components
    → Remote Desktop Services
    → Remote Desktop Session Host
    → Connections
    → Select RDP transport protocols
    → Enabled
    → Use only TCP

    • Do not forget to reboot to load the settings ;)

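
An added example, not part of the post above: a PowerShell check to run on a session host after the reboot, reporting what the "Select RDP transport protocols" policy is set to and whether the Remote Desktop service holds TCP and UDP endpoints on port 3389. The registry location and value meanings are stated as assumptions, the default port 3389 is assumed, and the function name is hypothetical.

```powershell
# Added example, not from the thread. Run locally on a session host after the reboot.
# Assumption: the policy is stored as the DWORD value SelectTransport under this key,
# with 0/1/2 mapping to the three options offered by the policy dialog.
$policyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'
$meaning   = @{ 0 = 'Use both UDP and TCP'; 1 = 'Use only TCP'; 2 = 'Use either UDP or TCP' }

function Get-RdpTransportState {   # hypothetical helper name
    $raw = (Get-ItemProperty -Path $policyKey -Name SelectTransport -ErrorAction SilentlyContinue).SelectTransport

    if ($null -eq $raw) {
        $policy = 'Not configured'
    } elseif ($meaning.ContainsKey([int]$raw)) {
        $policy = $meaning[[int]$raw]
    } else {
        $policy = "Unknown value $raw"
    }

    # PID of the Remote Desktop Services service, to attribute endpoints to it.
    $tsPid = (Get-CimInstance Win32_Service -Filter "Name='TermService'").ProcessId

    $udp = @(Get-NetUDPEndpoint -LocalPort 3389 -ErrorAction SilentlyContinue |
             Where-Object { $_.OwningProcess -eq $tsPid })
    $tcp = @(Get-NetTCPConnection -LocalPort 3389 -State Listen -ErrorAction SilentlyContinue |
             Where-Object { $_.OwningProcess -eq $tsPid })

    [pscustomobject]@{
        Computer     = $env:COMPUTERNAME
        Policy       = $policy
        TcpListening = $tcp.Count -gt 0
        UdpEndpoint  = $udp.Count -gt 0   # compare before and after the reboot
    }
}

$state = Get-RdpTransportState
$state | Format-List

if ($state.Policy -ne 'Use only TCP') {
    Write-Warning "Transport policy on $($state.Computer) is '$($state.Policy)', not 'Use only TCP'"
}
```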

  4. risolis 8,701 Reputation points
    2022-09-04T00:45:03.103+00:00
    **************Problem description**************

    We are getting a strange issue: users are randomly disconnected from their session for one second and then they reconnect again (using a customized RDP file which was created by the session collection).

    Users who work on the new RDS-Farm 2019 (about 10 users) feel this issue once an hour, when they get reconnected for one second; users who still work on the old RDS servers 2016 don't feel the issue.

    RDS-Farm (Server 2019 version) >>> *****Reason code 3489660929*******

    1) RDCB+RDLS+RDS WebAccess
    2) Session-Host
    3) Session-Host
    4) Session-Host
    5) Session-Host
    6) SSL VPN
    7) The line speed is 200/200MBps symmetric
    8) No sessions flapping
    9) No proxy server
    10) Connection broker is standalone
    11) Any ports open from ssl-vpn network to RDS-farm
    12) No session persistence configured >>> (we are using roaming profiles so there is no need for this configuration)
    13) On the site-to-site configuration all computers have the same DNS suffix and DNS servers as the RDS-farm domain

    **************Troubleshooting steps done**************

    - RDP-TCP properties
    - Encryption/Authentication settings review (TLS/SSL version supported, certificate used/certificate attributes, among others)
    - Port allocation used for RDS/NAT port exhaustion at the FW settings review
    - Dynamic port allocation setting review
    - SSL VPN is being used; it can be affected if there is any NAT instance in between the routing path
    - Maximum connections/Limit number of connections on Group Policy settings
    - Firewall rules Server/Clients
    - MTU mismatch value
    - Asymmetric routing
    - DNS delay or DNS lookup flapping causing asymmetric routing issues or timeouts
    - Confirm any network session was stuck due to ProcessID (PID)
    - Packet capture
    - Bottleneck network issues (for instance: Traceroute/Tracert and so on)
    - VM size upgrade if the issue can be due to lack of resources
    - RD gateway bypass local address setting review (not used for this)
    - Turn off UDP on client settings
    - Swap listening port on server settings
    - VPN session rekey lifetime
    - Encryption/encryption policy
    - Certificate inspection policy
    - Terminal Server fDenyTSConnections >> setting review
    - CVE bulletin >> https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-1226
    - "Remote Desktop Session Host Configuration" doesn't exist anymore in the newest Windows Server versions.
    - Registry key settings review
    - Windows Firewall is disabled on all session hosts

    **************Resolution/Workaround procedure**************

    Pending to perform:
    The Windows Firewall is disabled on all session hosts,
    but we will disable port 3389 UDP on the external firewall.

    **************Observed**************

    • TCP out-of-order packets observed on the packet capture when the session was ongoing or during issue replication

    If you feel I am missing any details please correct me or do not hesitate to let me know

    Have a good one!

    Cheers,

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.


  5. Mishaua 716 Reputation points
    2022-10-20T19:47:57.88+00:00

    In case someone still has this issue with problems with UDP over RDP, my issue was driver related, specific to Server 2022. Nutanix Virtio drivers previous to 1.1.7 had this issue as outlined in their KB. After updating the driver and enabling the allow rule again, I was able to keep a steady RDP connection via UDP. If anyone else is seeing this issue and is using a KVM hypervisor, it might be a good idea to check for the latest drivers.
