WAAS 4.1.1.23 secured_client detected
why is the above error regarded as a major error? when it is an information message only.
It means there is a secured mapi client detected
also I cannot find the release notes for WAAS 4.1.1a.10 I take it there are some fixes not in 4.1.1.23
The release notes for 4.1.1a10 are included in the general 4.1.1 notes. See http://www.cisco.com/en/US/docs/app_ntwk_services/waas/waas/v411/release/notes/ws411rn.html
I took a look at that alarm and it is documented that it is a major level. If you have MAPI enabled, the product is telling you it cannot accelerate these clients. So do you have some of your clients encrypted and some not? If this is common and it continues to cause the alarm to show, I'm sure we can submit a request to make the alarm informational only.
Dan
Similar Messages
-
WAAS and WCCP - looping packet detected
Hi,
Has anyone ran into this senario before. Before anyone answers with "move your WAE off the user subnet", it already has been.
I have wccp 61 redirect in on the user subnet (gig0/0.83 of a dot1q trunk). The WAE is on gig0/1. Before I apply wccp62 to the serial link, I attempt to telnet from a user pc to the router (same subnet, clients default gateway), and the telnet fails. I get a "looping packet detected" on the router console. It shows the source of the packet as the router (wccp router id actually), and the destination ip of the WAE, but the packet came in gig0/1 (interface connected to wae). Obviously the WAE returned the packet to the router (with the original GRE headers, (router as source)). I thought WCCP would understand this as "don't redirect this traffic to me anymore", but the router, actually tries to route it back down gig0/1 and then sees it as a looping packet. I believe the WAE is returning the encapsulated packet to the router to indicate it doesn't want the flow, and the router is attempting to route the GRE packet, instead of realizing it should remove the GRE header and route the internal packet. Router is IOS 12.4(12) as recommended by my Cisco engineer. 2821 router.
For kicks, I continue the WCCP setup on the datatcenter side. As expected, it doesn't work. When I apply the WCCP to the datacenter router (only redirecting lab subnet), the entire lab subnet is unreachable via TCP (but icmp still works as expected).
The WCCP configuration isn't very complex, I can't believe its something I'm doing. I think its a code issue.
Any advise?no "out" anywhere. The LAB router has a WAE list to only allow redirect to the lab WAE. I don't even need the 62 in on the WAN side, just applying 61 in on the LAN side breaks telnet to the router.
LOOPING PACKET DETECTION:
from router console
Feb 27 14:56:32.924: %IP-3-LOOPPAK: Looping packet detected and dropped -
src=132.242.11.18, dst=153.61.83.70, hl=20, tl=76, prot=47, sport=0, dport=0
in=GigabitEthernet0/1, nexthop=153.61.83.70, out=GigabitEthernet0/1
options=none -Process= "IP Input", ipl= 0, pid= 77 -Traceback= 0x410F6978 0x415CC960 0x415CDC60 0x415BBB38 0x415BCF18 0x415BD27C 0x415BD2FC 0x415BD4E8
Router configuration:
ip wccp 61 redirect-list REDIRECT-WAAS-SUBNETS-61 group-list remote-waas-box
interface Loopback0
ip address 132.242.11.18 255.255.255.255
h323-gateway voip bind srcaddr 132.242.11.18
interface GigabitEthernet0/0.83
description << data vlan 83 >>
encapsulation dot1Q 83
ip address 153.61.83.3 255.255.255.192
ip helper-address 192.127.250.22
ip helper-address 149.25.1.182
no ip proxy-arp
ip wccp 61 redirect in
standby 83 ip 153.61.83.1
standby 83 priority 200
standby 83 preempt
standby 83 track Serial0/1/0:0.99 100
interface GigabitEthernet0/1
description << WHQ LAB CE connection >>
ip address 153.61.83.65 255.255.255.192
load-interval 30
duplex full
speed 100
ip access-list standard remote-waas-box
permit 153.61.83.70
ip access-list extended REDIRECT-WAAS-SUBNETS-61
permit ip 153.61.83.0 0.0.0.63 any
WAE configuration:
device mode application-accelerator
primary-interface GigabitEthernet 1/0
interface GigabitEthernet 1/0
ip address 153.61.83.70 255.255.255.192
no autosense
bandwidth 100
full-duplex
exit
wccp router-list 1 153.61.83.65
wccp tcp-promiscuous router-list-num 1
wccp version 2
wccp slow-start enable -
I am receiving this error in my syslog, every couple weeks or so. It causes a flap between our two inline WAEs. Have an idea what can be causing this? syslog is below, start from the bottom up.
2011-03-10 10:30:08 Kernel Error 10.0.100.26 2011 Mar 10 15: kernel: %WAAS-SYS-3-900000: e1000bp: eth4: e1000bp_watchdog: NIC Link is Up 1000 Mbps Full Duplex
2011-03-10 10:30:06 Kernel Error 10.0.100.26 2011 Mar 10 15: kernel: %WAAS-SYS-3-900000: e1000bp: eth5: e1000bp_watchdog: NIC Link is Up 1000 Mbps Full Duplex
2011-03-10 10:30:02 Kernel Warning 10.0.100.26 2011 Mar 10 15: kernel: %WAAS-SYS-4-900000: next_to_watch.status <0>
2011-03-10 10:30:02 Kernel Warning 10.0.100.26 2011 Mar 10 15: kernel: %WAAS-SYS-4-900000: jiffies <2b900a9e1>
2011-03-10 10:30:02 Kernel Warning 10.0.100.26 2011 Mar 10 15: kernel: %WAAS-SYS-4-900000: next_to_watch <91>
2011-03-10 10:30:02 Kernel Warning 10.0.100.26 2011 Mar 10 15: kernel: %WAAS-SYS-4-900000: time_stamp <2b9008c71>
2011-03-10 10:30:02 Kernel Warning 10.0.100.26 2011 Mar 10 15: kernel: %WAAS-SYS-4-900000: buffer_info[next_to_clean]
2011-03-10 10:30:02 Kernel Warning 10.0.100.26 2011 Mar 10 15: kernel: %WAAS-SYS-4-900000: next_to_clean <91>
2011-03-10 10:30:02 Kernel Warning 10.0.100.26 2011 Mar 10 15: kernel: %WAAS-SYS-4-900000: next_to_use <7e>
2011-03-10 10:30:02 Kernel Warning 10.0.100.26 2011 Mar 10 15: kernel: %WAAS-SYS-4-900000: TDT <7e>
2011-03-10 10:30:02 Kernel Warning 10.0.100.26 2011 Mar 10 15: kernel: %WAAS-SYS-4-900000: TDH <91>
2011-03-10 10:30:02 Kernel Warning 10.0.100.26 2011 Mar 10 15: kernel: %WAAS-SYS-4-900000: Tx Queue <0>
2011-03-10 10:30:02 Kernel Error 10.0.100.26 2011 Mar 10 15: kernel: %WAAS-SYS-3-900000: e1000bp: eth5: e1000bp_clean_tx_irq: Detected Tx Unit HangHere is the output from the show alarms hist, also there are no visual LED problem with the device.
Op Sev Alarm ID Module/Submodule Instance
1 C Mi servicedead nodemgr cms_ce
Mar 7 15:00:41.435 EST, Processing Error Alarm, #000008, 2000:330004
nodemgr: The cms_ce service died.
2 R Mi servicedead nodemgr cms_ce
Mar 7 15:00:31.233 EST, Processing Error Alarm, #000008, 2000:330004
nodemgr: The cms_ce service died.
3 C Mi servicedead nodemgr device_mgr
Feb 2 11:31:45.484 EST, Processing Error Alarm, #000007, 2000:330004
nodemgr: The device_mgr service died.
4 R Mi servicedead nodemgr device_mgr
Feb 2 11:31:35.282 EST, Processing Error Alarm, #000007, 2000:330004
nodemgr: The device_mgr service died.
5 C Mi servicedead nodemgr device_mgr
Jan 22 20:39:47.480 EST, Processing Error Alarm, #000006, 2000:330004
nodemgr: The device_mgr service died.
6 R Mi servicedead nodemgr device_mgr
Jan 22 20:39:37.276 EST, Processing Error Alarm, #000006, 2000:330004
nodemgr: The device_mgr service died. -
WAAS hardware is OE612, but Rescue Disk detects model as OE512
I've had this issue with 2 RMA'd OE612s already. They originally shipped with 4.0.19, which worked fine, but failed on upgrade to 4.2.1.
Recovery attempt #1 with 4.0.19 Rescue disk displayed :
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-qformat:yes;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin:0in;
mso-para-margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-fareast-font-family:"Times New Roman";
mso-fareast-theme-font:minor-fareast;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;}
MODEL: UNKNOWN
FLASH: found, directory validated
COOKIE: invalid
IMAGE: NONE
FLASHDEV: /dev/hda
Installer Main Menu:
1. Configure Network
2. Manufacture flash
3. Install flash cookie
4. Install flash image from network
5. Install flash image from cdrom
6. Install flash image from disk
7. Wipe out disks and install .bin image
8. Exit (and reboot)
Choice [0]: 3
Unknown model, cannot create cookie.
Subsequent Recovery procedures using Rescue disks from 4.1.7 and 4.2.1 detected the Model as OE512. Option 2 creates a cookie as a MODEL OE512, which I wrote with option 3. Option 5 works, but trying to write the bin image on 4.1.7 displays this
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-qformat:yes;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin:0in;
mso-para-margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-fareast-font-family:"Times New Roman";
mso-fareast-theme-font:minor-fareast;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;}
Choice [0]: 8
Enter full URL of .bin image to install.
ftp://[user:pass@]ip_addr/path/to/file
http://[user:pass@]ip_addr/path/to/file
file:/local/path/to/to/file
URL for .bin image [file:/cdrom/images/WAAS41.bin]:
Continue? This will wipe out all disks! [n]: y
Scrogging done
Saving random seed...
dd: opening `/state/random-seed': No such file or directory
No volume groups found
/ruby/bin/ruby_disk: First disk is missing, bad, marked bad, disabled via shutdown, or it has unknown data.
/ruby/bin/ruby_disk: Second disk is bad, missing, or shutdown; bailing out
/ruby/bin/ruby_disk: First disk is missing, bad, marked bad, disabled via shutdown, or it has unknown data.
/ruby/bin/ruby_disk: Second disk is bad, missing, or shutdown; bailing out
ssmgr: open(/state/safestate, O_WRONLY|O_CREAT) failed: No such file or directory
ssmgr: op_open or media_open
ssmgr: open(/state/safestate, O_WRONLY|O_CREAT) failed: No such file or directory
ssmgr: open(/state/safestate, O_WRONLY|O_CREAT) failed: No such file or directory
ssmgr: op_create or media_init
SSMGR RETURNING: 10 (No such file or directory)
Reading and installing image, it may take a few minutes, please wait...
Error, image NOT installed.
MODEL: OE512
FLASH: found, directory validated
COOKIE: valid
IMAGE: 4.1.7.11
FLASHDEV: /dev/sda
Installer Main Menu:
1. Configure Network (done)
I suspect that the Installer program on the Rescue CD can't detect the Hardware properly, and thus can't find the proper drivers for the platform.
Is there any manual method of forcing the Rescue CD Installer to use a particular hardware model?
Thanks,
TomHi Zach,
>What led you to change the Adaptec configuration?
I was directed to do so by TAC, although I wasn't sure why, since our other WAE-612-k9s didn't have this option enabled.
>What is the state of the device prior to upgrading? Does the WAAS software boot?
After disabling the hardware raid, the WAE could run any 4.0.x version, but could not upgrade to 4.1/4.2. I tried both the "rescue CDs" for 4.1/4.2, and the "copy ftp install" methods. "Rescue CDs" would work right up to the option for "wipe disks and install .bin" image, but would report "no disks" as shown above. The "copy ftp install" from version 4.0.27 would install the 4.2.1.38 image, but upon reboot, it would fail during the boot sequence
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-qformat:yes;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin-top:0in;
mso-para-margin-right:0in;
mso-para-margin-bottom:10.0pt;
mso-para-margin-left:0in;
line-height:115%;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;}
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-qformat:yes;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin:0in;
mso-para-margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-fareast-font-family:"Times New Roman";
mso-fareast-theme-font:minor-fareast;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;}
Frustrated, I looked at the boot logs and might have found an issue. On the "faulty" WAE-612, the boot script detects two SCSI adapters; only one shows up in BIOS POST.
The first adapter (Adaptec AIC79XX) has no drives, but is assigned the device name "scsi0"
Under the second adapter(Adaptec AIC94XX), the Hard disks are detected, and it's assigned a device name of "scsi1"
ACPI: PCI Interrupt 0000:03:03.0[A] -> GSI 17 (level, low) -> IRQ 17
scsi0 : Adaptec AIC79XX PCI-X SCSI HBA DRIVER, Rev 2.0.30
aic7901: Ultra320 Wide Channel A, SCSI Id=7, PCI-X 67-100Mhz, 512 SCBs
Adaptec aacraid driver 1.1-5[24495]custom-IBM
Loading AIC-94xx Linux SAS/SATA Family Driver, Rev: 1.0.8-12
Probing Adaptec AIC-94xx Controller(s)...
ACPI: PCI Interrupt 0000:03:04.0[A] -> GSI 19 (level, low) -> IRQ 19
scsi1 : Adaptec AIC-9405W SAS/SATA Host Adapter
scsi 1:0:128:0: Direct-Access IBM-ESXS ST3146755SS BA33 PQ: 0 ANSI: 5
adp94xx:0:128:0: Tagged Queuing enabled. Depth 32
scsi 1:1:128:0: Direct-Access IBM-ESXS ST3146755SS BA33 PQ: 0 ANSI: 5
adp94xx:1:128:0: Tagged Queuing enabled. Depth 32
AIC-94xx controller(s) attached = 1.
To contrast, our functioning WAE-612s do not have this second detected Adaptec host adapter, and are properly assigned a "scsi0" for their device name.
Adaptec aacraid driver 1.1-5[24495]custom-IBM
Loading AIC-94xx Linux SAS/SATA Family Driver, Rev: 1.0.8-12
Probing Adaptec AIC-94xx Controller(s)...
ACPI: PCI Interrupt 0000:03:04.0[A] -> GSI 19 (level, low) -> IRQ 19
scsi0 : Adaptec AIC-9405W SAS/SATA Host Adapter
scsi 0:0:128:0: Direct-Access IBM-ESXS MBA3300RC SA06 PQ: 0 ANSI: 5
adp94xx:0:128:0: Tagged Queuing enabled. Depth 32
scsi 0:1:128:0: Direct-Access IBM-ESXS MBA3300RC SA06 PQ: 0 ANSI: 5
adp94xx:1:128:0: Tagged Queuing enabled. Depth 32
AIC-94xx controller(s) attached = 1.
On our faulty WAE-612, in the section that tries to mount the detected drives, it appears that the script is looking for the physical drives under the "scsi0" device name, using the AIC94XX driver.. .
2010 Jul 8 08:58:41 (none) kernel: %WAAS-SYS-3-900000: Attached scsi disk sda a
t scsi1, channel 0, id 128, lun 0
2010 Jul 8 08:58:41 (none) kernel: %WAAS-SYS-3-900000: Attached scsi disk sdb a
t scsi1, channel 1, id 128, lun 0
2010 Jul 8 08:58:41 (none) kernel: %WAAS-SYS-3-900000: Attached scsi removable
disk sdc at scsi2, channel 0, id 0, lun 0
BOOT-100: disk apply
scan_612_disk_map: Can't open . Errno=2
change_disknum_612 failed!
/ruby/bin/ruby_disk: First disk is missing, bad, marked bad, disabled via shutdo
wn, or it has unknown data.
/ruby/bin/ruby_disk: Second disk is bad, missing, or shutdown; bailing out
I'm guessing this fails because there are no physical drives on "scsi0", they are assigned on "scsi1". If the disk mapping script would've tried , I think the drives would've been mounted properly.
I was hoping there was a modified script out there somewhere, but after our 3rd RMA'd WAE exhibited the same characteristics (these were all in Chennai India), I directed the onsite tech to remove the Adaptec 29320ALP UltrasSCSI adapter.
With the adapter removed, the 4.2.1.38 code installed and booted properly.
When I forwarded my results to TAC, our Rep mentioned that the WAE-612-k9 ships with both ACNS and WAE capabilities. He said that ACNS uses that additonal SCSI card.
I'm fairly sure our configuration is not unique; our environment consists of 32 WAEs, and this is the first time that I've encountered this issue.
I'm just happy it's resolved now.
Thanks for your insight, Zach
Tom -
WAAS - WAE-512-K9 - SATA2 250 GB Hard disk not detecting
We had installed new WAE-512-K9 having 2*SATA2 250GB Hard disk as edge box in one of the branch. But during configuration, we have notified that both the hard disks are not getting detected. Both the disks 00 & 01 are inserted in the respective slots as mentioned in the cisco document. Hard disk LEDs are glowing intially when the device boots up, but later there is no LED indication. Please help me in resolving this issue.
Hi Tammy,
The only thing you need is - disk delete-data-partitions once the unit reboots after the memory upgrade. This command re-aligns the CIFS and DRE partition to match with 8GB memory. This command should retain the software and config on the device, only repartition the caching partitions. Not sure what may have went wrong but it seems like at this moment you may want to re-install image using copy ftp install command on WAE. Other than that, your disks look helthy.
Regards. -
WAAS Express devices went offline in Central manager
Hi all,
after a long time i have a new issue in our WAAS environment.
We're running several WAAS Express devices.
And a few weeks ago i integrated them into our WAAS Central Manager.
The registration of WAAS Express device was done on basis of "waasx_deployment_guide_120910.pdf"
Now when i came back from christmas holiday i detected that all of them became offline again in CM.
Activating as well as replacing did not work, cause the router detected that the device is still registered.
i got the following output after this:
Jan 10 15:30:37: %WAAS-3-WAAS_CM_REGISTER_FAILED: IOS-WAAS registration with Central Manager failed for the following reason: Registration r
ecord for this device already exists or other devices share certificate or mac address or ip address with this device. Failed to process reg
istration request initiated from 10.11.176.1
Jan 10 15:30:37: %WAAS-3-WAAS_CM_REGISTER_FAILED: IOS-WAAS registration with Central Manager failed for the following reason: Registration r
ecord for this device already exists or other devices share certificate or mac address or ip address with this device. Failed to process reg
istration request initiated from 10.11.176.1
Now to my questions:
How can i set the WAASxpress router to Status active again on CM?
What could be the reason why the WAAS express device became offline?
thanks for your feedback in advance
DieterHi Dieter,
i am just curious to know what made the WAAS express go offline. Even if you open a TAC case, TAC is going to ask this question.
1. Was there any IOS upgrade performed on routers?
2. Was the routers reloaded for any reason?
3. If you are using AAA / TACACS, any changes like upgrade / renewal of certificates on them?
This information will help you narrow down the problem quickly. If you can share above information, we might be able to move something for you.
Regards. -
WAAS 4.1 not identifying disk00
Dear friends,
I got two units of WAE-512 with ACNS 5.5.9 software built-in. I downloaded the WAAS 4.1.1c build b16 Rescue CD and, after installed it, my disk00 is displayed with the following status:
"disk00: Not present or not responding".
Previously, with ACNS, both disks (00 and 01) were quite good.
What could be happening? I tested with both appliances and got the same result.
My platform is WAE-512 with 2 GB of RAM and 2 disks of 250 GB each.
I appreciate your help as soon as possible.
Best regards,
Mauricio Harleydid you follow this
Step 1 Enter the disk disk-name diskxx replace command in EXEC mode at the WAAS CLI on the WAE.
Step 2 Verify that the disk drive diskxx is in the Defunct state by entering the show disks details command in EXEC mode. The RAID logical drive is in the Critical state at this point.
Step 3 Move the handle on the drive to the open position (perpendicular to the drive).
Step 4 Pull the hot-swap drive assembly from the bay.
Step 5 Wait for one minute and then insert the new drive into the same slot by aligning the replacement drive assembly with guide rails in the bay and sliding the drive assembly into the bay until it stops. Make sure that the drive is properly seated in the bay.
Step 6 Close the drive handle.
Step 7 Check the hard disk drive status LED to verify that the hard disk drive is operating correctly. If the amber hard disk drive status LED for a drive is lit continuously, that drive is faulty and must be replaced. If the green hard disk drive activity LED is flashing, the drive is being accessed.
Step 8 Wait 1 minute and then verify that the replaced disk drive is in the Rebuilding state by using the show disks details command in EXEC mode.
Note The ServeRAID controller automatically starts the rebuild operation when it detects the removal and reinsertion of a drive that is part of the logical RAID drive.
Step 9 Wait until the rebuild operation is complete. You can check if the rebuild operation is complete by using the show disks details command in EXEC mode. The physical drive state will be Online and the RAID logical drive state will be Okay after the rebuild operation is completed.
A 300-GB SAS drive may take up to 5 hours to finish rebuilding.
If you have multiple disk failures and your RAID-5 logical status is Offline, you must recreate the RAID-5 array by following these steps:
Step 1 Enter the disk logical shutdown command in global configuration mode to disable the RAID-5 array.
Step 2 Enter the write command in EXEC mode to save the running configuration to NVRAM.
Step 3 Enter the reload command in EXEC mode to reload the system.
Step 4 Enter the show disks details command in EXEC mode to check the system configuration after the system is rebooted. At this point, the disks are not mounted and the logical RAID drive should be in the Shutdown state.
Step 5 Enter the disk recreate-raid command in EXEC mode to recreate the RAID-5 array.
Step 6 After successful execution of the previous command, enter the no disk logical shutdown command in global configuration mode to disable the logical disk shutdown configuration.
Step 7 Enter the write command in EXEC mode to save the configuration to NVRAM.
Step 8 Enter the reload command in EXEC mode to reload the system.
Step 9 Enter the show disks details command in EXEC mode to check the system configuration after the system is rebooted. At this point, the disks should be mounted and the logical RAID drive should not be in the Shutdown state.
Step 10 Wait until the rebuild operation is complete. You can check if the rebuild operation is complete by using the show disks details command in EXEC mode. The physical drive state will be Online and the RAID logical drive state will be Okay after the rebuild operation is completed. -
I am just in the process of deploying WAAS across our network. I have found that when the WAN router that is running WCCP has been configured for HSRP and is the active router i see the following
If I try and telnet to the HSRP standby address it does not connect and I get the following error message :
Jan 30 18:04:36.930 AU-Summ: %IP-3-LOOPPAK: Looping packet detected and dropped
src=172.16.33.254, dst=172.16.9.251, hl=20, tl=72, prot=47, sport=0, dport=0
in=GigabitEthernet0/0.9, nexthop=172.16.9.251, out=GigabitEthernet0/0.9
options=none
-Process= "IP Input", ipl= 0, pid= 82
-Traceback= 0x611B33C0 0x616A0FD4 0x616A11E0 0x616A1C14 0x616A1FE4 0x6168D09C 0x
6168E880 0x6168C384 0x6168C648 0x6168C704 0x6168C8A8
f I telnet to the actual router address then ok.
is this a Bug?just seen other question about HSRP and tried the
"egress-method negotiated-return intercept-method wccp' command but made no difference
see router interface configuration below
Note if no HSRP then no problem
interface Loopback0
ip address 172.16.33.254 255.255.255.255
interface GigabitEthernet0/0
description trunk to Cat 6509
bandwidth 100000
no ip address
duplex auto
speed auto
media-type rj45
negotiation auto
ntp broadcast
interface GigabitEthernet0/0.1
encapsulation dot1Q 1 native
ip address 172.16.1.100 255.255.255.0
no snmp trap link-status
interface GigabitEthernet0/0.2
encapsulation dot1Q 2
ip address 172.16.2.250 255.255.255.0
ip wccp 61 redirect in
ip flow egress
no snmp trap link-status
interface GigabitEthernet0/0.3
encapsulation dot1Q 3
ip address 172.16.3.250 255.255.255.0
ip wccp 61 redirect in
no snmp trap link-status
interface GigabitEthernet0/0.5
encapsulation dot1Q 5
ip address 172.16.5.252 255.255.255.0
ip wccp 61 redirect in
ip pim sparse-mode
no snmp trap link-status
standby 5 ip 172.16.5.254
standby 5 preempt
service-policy input prec
interface GigabitEthernet0/0.6
encapsulation dot1Q 6
ip address 172.16.6.252 255.255.255.0
ip helper-address 172.16.5.228
ip accounting output-packets
ip wccp 61 redirect in
ip pim sparse-mode
no snmp trap link-status
standby 6 ip 172.16.6.254
standby 6 preempt
service-policy input prec
interface GigabitEthernet0/0.7
encapsulation dot1Q 7
ip address 172.16.7.252 255.255.255.0
ip helper-address 172.16.5.228
ip wccp 61 redirect in
ip pim sparse-mode
no snmp trap link-status
standby 7 ip 172.16.7.254
standby 7 priority 105
standby 7 preempt
service-policy input prec
interface GigabitEthernet0/0.9
description testlan for WAAS
encapsulation dot1Q 9
ip address 172.16.9.254 255.255.255.0
ip wccp redirect exclude in
no snmp trap link-status -
Hi ,
I've problem with some waas device of my infrastructure .
the version i 4.4.1.
when I check the statistic I see that Optimization is null.
waasballdre1#show statistics conn
Current Active Optimized Flows: 0
Current Active Optimized TCP Plus Flows: 0
Current Active Optimized TCP Only Flows: 0
Current Active Optimized TCP Preposition Flows: 0
Current Active Auto-Discovery Flows: 4
Current Reserved Flows: 10
Current Active Pass-Through Flows: 26
Historical Flows: 85
O-ST: Origin State, T-ST: Terminal State
E: Established, S: Syn, A: Ack, F: Fin, R: Reset
s: sent, r: received, O: Options, P: Passthrough
Local IP:Port Remote IP:Port Peer ID O-ST T-ST ConnType
10.2.144.11:80 10.20.21.42:4256 N/A Sr Sso EXTERNAL CLIENT
10.2.144.12:80 10.20.21.42:4261 N/A Sr Sso EXTERNAL CLIENT
10.2.144.11:80 10.20.21.42:2343 N/A Sr Sso EXTERNAL CLIENT
10.2.144.12:80 10.20.21.42:2347 N/A Sr Sso EXTERNAL CLIENT
Local IP:Port Remote IP:Port Peer ID ConnType
150.217.21.17:1137 10.1.144.73:4637 N/A PT In Progress
10.9.144.44:50352 10.9.21.42:2000 N/A PT In Progress
150.217.21.17:1137 10.1.144.78:1548 N/A PT In Progress
150.217.21.17:1137 10.1.144.88:3140 N/A PT In Progress
192.86.102.121:80 10.1.144.86:3620 N/A PT No Peer
150.217.21.17:1137 10.1.144.83:4067 N/A PT In Progress
10.9.21.42:2000 10.9.144.32:15133 N/A PT In Progress
10.1.144.86:3620 192.86.102.121:80 N/A PT No Peer
I have controlled the application policy and now is identical to other device that it good work .
what can I do?
thanks.
RobertoHi Ahmad,
in the step 1 is ok and I've post the output:
al-balldre#sh ip wccp 61 detail
WCCP Client information:
WCCP Client ID: 10.5.144.33
Protocol Version: 2.0
State: Usable
Initial Hash Info: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
Assigned Hash Info: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
Hash Allotment: 256 (100.00%)
Packets s/w Redirected: 392369
Connect Time: 03:30:42
Bypassed Packets
Process: 0
Fast: 0
CEF: 0
al-balldre#sh ip wccp 62 detail
WCCP Client information:
WCCP Client ID: 10.5.144.33
Protocol Version: 2.0
State: Usable
Initial Hash Info: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
Assigned Hash Info: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
Hash Allotment: 256 (100.00%)
Packets s/w Redirected: 459781
Connect Time: 03:30:47
Bypassed Packets
Process: 0
Fast: 0
CEF: 0
al-balldre#
and in the interface is all configuired with any site (I've check).
THE TEST
waasballdre1#sh statistics connection | in 10.1.144.243
10.1.144.243:2472 10.1.21.41:445 N/A PT No Peer
yes I'm using wccp gre
waasballdre1#sh wccp gre
Transparent GRE packets received: 1324923
Transparent non-GRE packets received: 0
Transparent non-GRE non-WCCP packets received: 0
Total packets accepted: 896070
Invalid packets received: 19
Packets received with invalid service: 0
Packets received on a disabled service: 0
Packets received too small: 0
Packets dropped due to zero TTL: 0
Packets dropped due to bad buckets: 0
Packets dropped due to no redirect address: 0
Packets dropped due to loopback redirect: 0
Pass-through pkts on non-owned bucket: 0
Connections bypassed due to load: 0
Packets sent back to router: 0
GRE packets sent to router (not bypass): 0
Packets sent to another WAE: 0
GRE fragments redirected: 0
GRE encapsulated fragments received: 2840
Packets failed encapsulated reassembly: 0
Packets failed GRE encapsulation: 0
Packets dropped due to invalid fwd method: 0
Packets dropped due to insufficient memory: 0
Packets bypassed, no pending connection: 0
Connections bypassed during wccp shutdown: 0
Connections bypassed due to bypass-list lookup:0
Conditionally Accepted connections: 0
Conditionally Bypassed connections: 0
L2 Bypass packets destined for loopback: 0
Packets w/WCCP GRE received too small: 0
Packets dropped due to received on loopback: 2
Packets dropped due to IP access-list deny: 0
Packets fragmented for bypass: 0
Packets fragmented for egress: 0
Packet pullups needed: 0
Packets dropped due to no route found: 0
waasballdre1#
waasballdre1#show egress-methods
Intercept method : WCCP
WCCP negotiated return method : WCCP GRE
Egress Method Egress Method
Destination Configured Used
any IP Forwarding IP Forwarding
Intercept method : Generic L2
Egress Method Egress Method
Destination Configured Used
any not configurable IP Forwarding
waasballdre1#
----------part of configuration of my waas
sh run:
wccp router-list 1 10.5.144.1
wccp tcp-promiscuous service-pair 61 62 failure-detection 30
wccp tcp-promiscuous service-pair 61 62 router-list-num 1
wccp version 2
nota : I've copy one file in the PC of the Balldre from my server in the center site . when the copy is finished , I've paste again and the time for the copy is the same.
The waas does not cache.
thanks.
R -
Cisco Catalyst 4503 + WAAS with WCCP
Hello community!
Do I need to intercept traffic with WCCP on a Cisco Catalyst 4503! Does anyone have a sample configuration for this scenario?
I tried several settings, but without success.
I have this alarm in Cisco WAAS:
WCCP router 10.10.10.10 unusable for service id: 62 reason: Assignment method mismatch with router
Thank's
David ThimottiWCCP router 10.10.10.10 unusable for service id: 62 reason: Assignment method mismatch with router
That indicates your WAAS device is sending an assignment method (probably HASH) that is not supported by this 4500.
In the 4500 scenario WAAS must be L2 adjacent, and configured for L2-redirect and MASK assignment, and L2-return (if your version of WAAS supports it).
http://www.cisco.com/en/US/partner/docs/switches/lan/catalyst4500/12.2/15.02SG/configuration/guide/wccp.html#wp1000978
I'm not sure what version of WAAS you are running.
If running WAAS 5.x your config will look like this (since the defaults are l2-redirct, mask, and l2 return).
wccp router-list 1 10.10.10.10
wccp tcp-promiscuous service-pair 61 62
router-list-num 1
enable
exit
http://www.cisco.com/en/US/docs/app_ntwk_services/waas/waas/v531/command/reference/glob_cfg.html#wp2067854
If running WAAS 4.x your config will look like this:
wccp version 2
wccp router-list 1 10.10.10.10
wccp tcp-promiscuous service-pair 61 62 failure-detection 30
wccp tcp-promiscuous service-pair 61 62 router-list-num 1
wccp tcp-promiscuous service-pari 61 62 l2-redirect mask-assign l2-return
http://www.cisco.com/en/US/docs/app_ntwk_services/waas/waas/v441/command/reference/glob_cfg.html#wp2067854 -
WAAS and WCCP router selection
Hi
Is there some information about that how much of wccp traffic can be handled by different model of routers?
I'm not looking for throughput report like Process\CEF switching per routers but I would like to see some info about wccp treshold on each models, what's the maximum amount of redirected traffic what the router can handle?
thanksno "out" anywhere. The LAB router has a WAE list to only allow redirect to the lab WAE. I don't even need the 62 in on the WAN side, just applying 61 in on the LAN side breaks telnet to the router.
LOOPING PACKET DETECTION:
from router console
Feb 27 14:56:32.924: %IP-3-LOOPPAK: Looping packet detected and dropped -
src=132.242.11.18, dst=153.61.83.70, hl=20, tl=76, prot=47, sport=0, dport=0
in=GigabitEthernet0/1, nexthop=153.61.83.70, out=GigabitEthernet0/1
options=none -Process= "IP Input", ipl= 0, pid= 77 -Traceback= 0x410F6978 0x415CC960 0x415CDC60 0x415BBB38 0x415BCF18 0x415BD27C 0x415BD2FC 0x415BD4E8
Router configuration:
ip wccp 61 redirect-list REDIRECT-WAAS-SUBNETS-61 group-list remote-waas-box
interface Loopback0
ip address 132.242.11.18 255.255.255.255
h323-gateway voip bind srcaddr 132.242.11.18
interface GigabitEthernet0/0.83
description << data vlan 83 >>
encapsulation dot1Q 83
ip address 153.61.83.3 255.255.255.192
ip helper-address 192.127.250.22
ip helper-address 149.25.1.182
no ip proxy-arp
ip wccp 61 redirect in
standby 83 ip 153.61.83.1
standby 83 priority 200
standby 83 preempt
standby 83 track Serial0/1/0:0.99 100
interface GigabitEthernet0/1
description << WHQ LAB CE connection >>
ip address 153.61.83.65 255.255.255.192
load-interval 30
duplex full
speed 100
ip access-list standard remote-waas-box
permit 153.61.83.70
ip access-list extended REDIRECT-WAAS-SUBNETS-61
permit ip 153.61.83.0 0.0.0.63 any
WAE configuration:
device mode application-accelerator
primary-interface GigabitEthernet 1/0
interface GigabitEthernet 1/0
ip address 153.61.83.70 255.255.255.192
no autosense
bandwidth 100
full-duplex
exit
wccp router-list 1 153.61.83.65
wccp tcp-promiscuous router-list-num 1
wccp version 2
wccp slow-start enable -
WAAS wccp tcp-promiscuous service-pair configuration question
I have a WAE 512 that I upgraded to 4.5.1, the WCCP configuration was automatically changed in the configuration to the following:
wccp router-list 1 192.168.20.1
wccp tcp-promiscuous service-pair 61 62 failure-detection 30
wccp tcp-promiscuous service-pair 61 62 router-list-num 1
wccp version 2
I have a WAVE-674 that I am going to replace this 512 with and I installed 5.0.1 on the 674. I went through the automatic setup process and the wccp configuration came up like this:
wccp router-list 7 192.168.20.1
wccp tcp-promiscuous service-pair 1 2
router-list-num 7
exit
And it informed me that I needed to put the wccp redirects for 61 in on LAN and 62 in on WAN, standard on the router and wccp 2, which I already have done.
My question is, should my 5.0.1 configuration look the same as my 4.5.1 configuration, or does it matter? I only found one document on the internet that had this "wccp tcp-promiscuous service-pair 1 2" in a Cisco PDF document where they were removing it to put some GRE specific configurations.hi Beau,
something went wrong with the new WAVE 674 wccp configuration, if the wccp router is the same (192.168.20.1) make sure it looks the same as in 4.5.1 version.
Also for devices with WAAS version 5.0, you must explicitly configure the egress method.
http://www.cisco.com/en/US/docs/app_ntwk_services/waas/waas/v501/configuration/guide/traffic.html#wp1275623
if you need assistance choosing the right egress method I suggest to open a TAC case.
hope that helps! -
WAAS interface - Input queue: output drops
I'm seeing total output drops increment every now and then. We are using 3750E stack switch and are configured for WCCP L2 forward and return. Anyone know why I'm seeing out drops on the WAAS connected interface? The WAAS interfaces are setup as standby. The model is 7371...
interface GigabitEthernet1/0/4
description ****WAAS1 GIG 1/0****
switchport access vlan 738
mls qos trust dscp
spanning-tree portfast
end
GigabitEthernet1/0/4 is up, line protocol is up (connected)
Hardware is Gigabit Ethernet, address is 0022.be97.9804 (bia 0022.be97.9804)
Description: ****WAAS1 GIG 1/0****
MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 1000Mb/s, media type is 10/100/1000BaseTX
input flow-control is off, output flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:03, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 281
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 5967000 bits/sec, 1691 packets/sec
5 minute output rate 5785000 bits/sec, 1606 packets/sec
9301822868 packets input, 3537902554734 bytes, 0 no buffer
Received 179580 broadcasts (172889 multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 172889 multicast, 0 pause input
0 input packets with dribble condition detected
7661948806 packets output, 2639805900461 bytes, 0 underruns
0 output errors, 0 collisions, 5 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped outIt looks like this could be related:
CSCtf27580 Ethernet interface input queue wedge from broadcast/uniGRE traffic
Is there any GRE traffic going through this AP?
The workarounds are:
Reboot APs to bring APs back up for time being.
OR
go back to 6.0.188.0 code on WLC.
OR
Route GRE traffic away from AP's.
It appears that it definitely exists in your code:
12.4(21a)JHA 12.4(21a)JA01 006.000(196.000) -
Hi,
I have a waas solution implemented, where the both (Datacenter and Edge) are in inline mode. The WAE in Datacenter side is viewing all connections from the others sites of the WAN where there is not a WAE in there, so that connections are in PT becouse "Not Peer".
These days we started to see a minor alarm: "1 max_conn_overload sysmon accl=TFO". We don't see this alarm from the Edge WAE, only from Datacenter WAE.
Could be that DC WAE takes in account the PT connections? if the answer is yes, Can this overload make that the WAE stop the optimization when new connections arrive until the number of connections go down?
Thanks in advanced!!!
Celeste
These days we started to see a minor alarm: "1 max_conn_overload sysmon accl=TFO". We don't see this alarm from the Edge WAE, only from Datacenter WAE.
Could be that DC WAE take in account the PT connections? if the answer is yes, Can this overload makes that the WAE stops the optimization when new connections arrive until the number of connections goes down?Thanks for the update, can you check one more thing on your WAE-Tronador box? can you do the following command?
find-pattern match "Routing Loop" syslog.txt
We are looking for the following enteries similar to "opt_syn_rcv: Routing Loop
detected - Packet has our own devid. Packet dropped."
Also, do "sh stat auto" and look for the entry:
Auto discovery Miscellaneous
SYNs found with our device id: XX
If you see that counter incrementing, you may be hitting DDTS: CSCsx68058 "Routing loops at the core can cause TFO overload on the WAE " If this is the case, then you need to inspect you interception at the core to ensure that you are not re-intercepting traffic egressing the WAE on the router.
Let me know if this is the case or we can keep searching.
Thanks,
Dan -
Windows no longer detecting my Audigy 4?(Non-P
Hey all. I've had my Audigy 4 (non-Pro) installed and working super for about 50 days, but it started giving me a weird problem. Windows was no longer detecting the card! It was weird. DX Diag, programs like EVEREST... they all report no sound card whatsoever.
Here are my PC specs:
XP Home Edition
Albatron K8X800 Pro
S754 3200+ ClawHammer
x 2 OCZ ELPE 52 MB(2-3-2-5)
Visiontek XTASY X850XT PE
x 80 GB SATA 2 Seagate, x 80 GB Maxtor
Some other things to note:
XP has been repaired. Went from Service Pack , updates, and all the way to Service Pack 2. The card requires XP w/SP2, yes, so I have that covered.
Onboard audio is disabled through the bios. I have AC'97 integrated audio on this.
My motherboard has fi've PCI slots - although I can only access 4 because my video card is in the way, and I have tried three of those and I get the same problem.
I have tried it in other PCs in my house, double-checked each time - so it is not ESD as I originally believed. It works just fine on those PCs. It is being not located only on MY PC.
So guys and gals, I do not know what to do... I am stumped. It's the weekend so I can't call Creative support until Monday. I don't want to request an RMA through my warranty because clearly it's just a problem with my PC. What should I do?!Message Edited by Celsius on -26-2005 07:36 PMDevice not recognized in iTunes
Maybe you are looking for
-
How to save Fillable PDF form created in XI - So Acrobat Reader can fill out and send back
Hi, Im extremely hopeful someone can help me with this question, Ive had extreme luck with this question site, you have all been amazing. I have created a fillable form in Adobe Acrobat XI and I have saved my work and Im ready to send the form to my
-
like to hear from anyone that has uploaded FCP 7 to mini mac and well that worked
-
How to Control the Dynamic Pegging Behaviour in CDP
Dear All, We are using Characteristic Dependent Planning (CDP) to plan configurable materials. The requirement is to control the behaviour of Dynamic Pegging of a dependent requirement to receipt. We are using MTS strategy. The BOM is P2 - > P1. Now
-
Mapping parametrized table's name
We have some similar parallel flows that have in input tables with identical structure but different names (like: anag704, anag768, anag763). Can we use one mapping and one flow in Warehouse Builder using parameters?
-
Out Of Memory Errors - Please Help
I'm running Rational XDE Tester -> which is a java-based QA program that tests other java programs. I'm having numerous performance problems -> possibly a result of the XDE program manipulating a 11 MB XML file continuously. We've tried to include th