Cache Engine 510

Hi ,
We have purchased a cache engine 510 and are going to be deploying it in a transparent caching scenario. Where is the optimal place to put the cache engine, on the inside network behind firewall or on outside. If placed on the outside of the firewall what conduits/access lists need to be put in place for the solution to work.
I have been trying to find a good document on how the WCCP protocol works with regards to how the source/destination addresses change when a router redirects traffic to a cache engine to better understand what rules need to be changed on the firewall. Any pointers to a good reference URL will be greatly appreciated.

to understand the log message, please look into :
http://www.cisco.com/en/US/products/hw/contnetw/ps546/products_tech_note09186a00800a5fe1.shtml
If you have only one router, you don't have the choice of the location.
Put your Cache in the same subnet as the router and the firewall.
Finally, you can't view object that were cached.
Gilles.

Similar Messages

  • URL Filtering Cache Engine 510

    Is it possible to get a Cache 510 to pass URL requests to a SurfControl server. I see that N2H2,Websense and Smartfilter are supported and was wondering if it could work to a SurfControl server

    HI,
    Mark is absolutely right. You are having the three mentioned methoded and the made by hand one on the box. BUT you can add any other filtering device if it can be accessed via ICAP. Since ACNS 5.1 ICAPv1.0 is supported (see http://www.cisco.com/en/US/products/sw/conntsw/ps491/products_data_sheet09186a00801d8412.html)
    Cheers,
    joerg

  • Content engine 510 - transparent proxy stand-alone

    Hello to all,
    after studying architecture examples about Content Engine 510, I found that there is two modes:
    1) standard proxy
    2) transparent proxy
    I need the transparent architecture !
    But every example about transparent mode seems to include a router or a switch with a particular level of software, that can send http requests to the Content Engine to have cache.
    I don't have any of these components.
    I simply need to have a Content Engine that receive any kind of IP protocols on one ethernet, and route it to the other ethernet plug, except that if it is http protocol, it will cache the pages.
    Is is simply impossible to configure the Content Engine 510 that way ?
    Is the transparent proxy mode always requires a router or a switch to give it the http flow ?
    If it is possible, where can I find some configuration examples ?
    Thanks to help a newbie in content engine...
    Olivier

    Olivier,
    You'll need to have a router running wccp in order to redirect http requests to the cache. Withouth this, the cache has no visibilty of traffic on your LAN.
    Regards,
    Dave

  • Question about connection between cache engine and cat6k

    Dear sir,
    Here is the problem description, please give me some help, thank you so much:
    catalyst 6509 is enable for wccp v2.CE 7320 also enable the wccp v2.Wccp service 91 is configured on 6509.Service-munber 91 and port-list 1(with port number 8080) are also configured on CE 7320.Wccp communicates well about service number 91.
    but browsing web page with port number 8080 gets always failed.
    1.6509 wccp configuration:
    ip wccp web-cache redirect-list 30
    ip wccp 91
    interface Vlan10
    ip address 211.162.224.2 255.255.255.240
    ip wccp web-cache redirect out
    ip wccp 91 redirect out
    2.ce7320 wccp configuration:
    wccp router-list 1 211.161.1.49
    wccp port-list 1 8080
    wccp web-cache router-list-num 1
    wccp service-number 91 router-list-num 1 port-list-num 1 application cache
    wccp version 2
    3.show info. from 6509 and ce 7320:
    gwbn7320#sh wccp content-engines
    Content Engine List for Service: Web Cache
    IP address = 211.161.1.50
    Routers seeing this Content Engine(1)
    211.162.224.2
    Content Engine List for Service: WCCPv2 Service 91
    IP address = 211.161.1.50
    Routers seeing this Content Engine(1)
    211.162.224.2
    gwbn7320#sh statistics http savings
    Statistics - Savings
    Requests Bytes
    Total: 90685 460066803
    Hits: 936 162710
    Miss: 89749 459904093
    Savings: 1.0 % 0.0 %
    6509-left#sh ip wccp
    Global WCCP information:
    Router information:
    Router Identifier: 211.162.224.2
    Protocol Version: 2.0
    Service Identifier: web-cache
    Number of Cache Engines: 1
    Number of routers: 1
    Total Packets Redirected: 2525
    Redirect access-list: 30
    Total Packets Denied Redirect: 0
    Total Packets Unassigned: 146
    Group access-list: -none-
    Total Messages Denied to Group: 0
    Total Authentication failures: 0
    Service Identifier: 91
    Number of Cache Engines: 1
    Number of routers: 1
    Total Packets Redirected: 0
    Redirect access-list: -none-
    Total Packets Denied Redirect: 0
    Total Packets Unassigned: 0
    Group access-list: -none-
    Total Messages Denied to Group: 0
    Total Authentication failures: 0
    Regards,
    Sha

    Gilles,
    Thank you!
    Here is the result:
    6509-left#sh ip wccp 91 detail
    WCCP Cache-Engine information:
    IP Address: 211.161.1.50
    Protocol Version: 2.0
    State: Usable
    Redirection: GRE
    Initial Hash Info: 00000000000000000000000000000000
    00000000000000000000000000000000
    Assigned Hash Info: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
    FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
    Hash Allotment: 256 (100.00%)
    Packets Redirected: 180
    Connect Time: 00:07:06
    Regards,
    Sha

  • Problems with transaction-logs on cache engines

    Good Day All,
    I have a Cache Engine 550 here and the transaction log working.log file got quite large.
    I was not able to export it to my ftp server so I logged into the Cache engine via ftp and downloaded the file to a PC.
    I then deleted the working.log file on the Cache Engine and rebooted the cache engine.
    The working.log file was not re-created as I had hoped it might be.
    I have created a file called working.log in the correct directory. This file does not seem to get updated though so this must not be right either.
    Any suggestions?
    regards,
    amanda

    Hi Zach,
    Thank you so much for writing back. I am running an archaic version of the software... i can check tomorrow. As to the logging.... i had not enabled transaction-logging in itself so it was a silly config error ...
    :) amanda

  • ACE as cache engine for wccp redirection

    Does anybody know if the ACE 4710 appliance supports WCCP acting as a web-cache engine? I am exausting all possible options, and then some, for deploying a new application networking environment. I just returned from ACE training last week and found myself ramping up to deploy a new ACE.
    I have pretty much exhausted my options for topology. We discussed several different designs in class and I don't like any of them. I have some serious problems with using the ACE as a default-gateway for servers. That options is out due to how other "non application" traffic is handled. Traffic such as RDP from IT support staff, patching from SMS servers, virus dat updates, vulnerability scanning... it all routes to the ACE which has to have static routes... then clients hitting the application VIPs have to be natted so the ACE does not use the static routes and reply directly... it all becomes a very big problem over time.
    Second and third options are one-armed and direct server return... both not suitable for my requirements.
    Now... that leaves me with an option we currently have deployed. That is to use a distribution route-switch (Catalyst 4500 Sup-IV) in the middle. The Cat uses PBR to return http traffic from the web servers back to the ACE. All other traffic follows normal routing table.
    Ok... that works perfect... except PBR is not supported in the Sup-6 engine. Unbelievable... I know. This is a major fly in the ointment for this new deployment.
    Now... there is another protocol that is often used for redirection... WCCP. If the ACE were a wccp web-cache, the router could be configured to redirect ingress http to the ACE. But... the ACE would have to act as a web-cache engine and register with the Cat as a home-router.
    I am sure this option is not an option... but it would be nice. The ACE 4710 appliance has the general processor to do it but it would have to be implemented in software. I'm running A3(1.0) and I cannot find anything related to wccp. Nothing in the command-reference.
    If there are any Cisco developers interested in adding some killer funtionality... this would be it. Wccp can be done in layer-2 as well as layer-3. The Sup-6 supports layer-2 redirection. Since the ACE is generally layer-2 adjacent this would be rather easy to implement. Anyway... food for thought.

    I just would like to mention that you could have ACE in bridge mode inserted between your servers and the gateway (4500).
    All traffic will go through ACE but no need for nating and no statc routes (just one default route pointing to the 4500).
    The only problems would be if you exceed the BW of the 4710 with all your traffic.
    Regarding the WCCP support for the 4710 this is not currently in our roadmap.
    Ask your cisco account team to introduce the request.
    Thanks,
    Gilles.

  • Getting following error  while we starting up cache engine

    Hi,
    We always getting following error, when we try to restart our 4 cache engine ie 4th coherence node all the time. We are having cluster with WKA type with 6 member in it. First 3 member start normally without any issues. But the 4 th one always ends up in the following issue. Even we change starting order for coherence nodes, first 3 will go fine, from 4 th onwards, we are getting the following problem.
    2012-10-25 16:27:25.746/113.283 Oracle Coherence EE 3.4.2/411p1 <Error> (thread=DistributedCache, member=4): validatePolls: This service timed-out due to una
    nswered handshake request. Manual intervention is required to stop the members that have not responded to this Poll
    PollId=1, active
    InitTimeMillis=1351178785142
    Service=DistributedCache (4)
    RespondedMemberSet=[]
    LeftMemberSet=[]
    RemainingMemberSet=[1,2,3]
    what should we check for? Any help is greatly appreciated.
    Regards,
    chakradhar

    Hi,
    This was a problem in earlier releases of Coherence and you can try to configure the <thread-pool> for your Distributed Cache and see if the problem goes away. Here is a note from Oracle support that talks more about this problem: https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=845363.1
    HTH
    Cheers,
    _NJ                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           

  • Cache Engine DOS volume /c0t0d0s1 is full

    Hi All,
    My DOS volume is full. I need to erase it, but am worried I will end up erasing the Cisco IOS on the drive as well....
    The whole caching engine thing is a bit confusing.
    Can anyone offer some insite as to how the disk partitions work and how to fix this problem.
    thanks very much,
    amanda

    I have also attached the show tech-support from the Cache Engine.
    I have a huge transaction file.
    Does anyone know what would happen if I deleted the transaction log and rebooted the machine. Would it recreate the new transaction log?
    thanks

  • Cache engine IP spoofing with CSS ?

    i would like to use css and cache engine in a spoofed ip source design to preserve identity of requestor.
    WCCP appears to be able to do this but not L4+ switching with CSS.
    Does anyone know of a way of doing this either as a transparent cache or proxy cache ?
    thanks in advance

    Alan, we discussed this by email in the case you opened.
    The command 'wccp spoof-client-ip enable' does work on the CE even
    if you are not using WCCP.
    On the CSS, just make a config similar to the one for one-armed transparent SCA config.
    Tested in the lab and it works.
    Gilles.

  • Cache engine overloads, how to.....

    i've cisco cache engine 505 attached with cisco 2611 router. Now whenever i reload my cache engine it performs its job for 5 minutes after that it overloads and cannnot perform its job and cache engine changes its state to bypass mode.
    What could be the factors that causes this problem?
    How can i avoid this problem.
    this could be memory issue? if yes then which memory.hardisk or RAM or else?
    pls reply me as soon as possible.

    The ICAP daemon on the Content Engine continues to send updates (from the HTTP response) to the ICAP server, and it overloads the cache engine

  • ACE with cache engine "spoof" mode

    If Cache Engine use spoof mode, how ACE be configured for support this mode. Have it any command add into ACE?

    I am looking into this myself. Can the ACE work in this fashion:
    Clients VLAN 10
    Internet VLAN 20
    Cache Servers VLAN 30
    Traffic that comes in from clients on vlan 10, any of it that is tcp port 80, send to the cache on vlan 30. Traffic coming back from the internet, vlan 20, if its tcp port 80, send to the cache on vlan 30.
    Its basic layer 4 redirection. But when the traffic goes to the cache, the cache is not going to use its own IP to make the internet request, its going to use the clients IP, this is why a map is needed on vlan 10 and vlan 20, to ensure traffic is pipelined thru the ace. Has anyone done this?

  • Does the Cisco Cache Engine Work with the Cisco Local Director ?

    I need to know if it is possible and how to use cisco local director to redirect traffic to the cache engine in reverse proxy configuration and transparent proxy configuration.

    In directed mode, the client browsers are configured to point to a proxy to a virtual IP address on the Local Director. I know the Local Director does not support a real server that does not have a virtual address defined so it can't transparently forward like the CSS.

  • Cache engine http transparent proxy and caching

    Hi..
    My customer some GPRS user in which they couldn't control proxy setting of the web browser.
    Is it possible to configure on a cache engine such that when these users access the Internet, they will be intercepted by the cache engine. THe cache engine then forwards the request to a proxy server and out to the Internet ?
    Rgds
    Eng Wee

    It is possible to configure the cache engine to provide access to the users. The following URL shows an example on how to configure the Cisco Cache Engine for transparent caching using the Web Cache Coordination Protocol (WCCP).
    http://www.cisco.com/warp/public/117/cache_engine/transparentconfig.html
    This scenario is pretty similar to your requirement. Hope this helps.

  • Cache Engine with a private address

    Can I configure my CE590 with a private address ( for ex. 172.16.1.1 )
    Should I translate this private address to a public address ?
    The sample configuration in the below URL comment :
    !---Important: If you configure the Cache Engine
    !---with a private address, it must get!---translated to a public address. "
    http://www.cisco.com/warp/customer/117/cache_engine/transparentconfig.htm
    please advise me
    Thanks
    Mohamed Abdallah

    Should I configure a static NAT on the router for the CE ip address
    OR use the PTR record in my DNS for the CE ip add. for the DNS reverse lookup ??
    Answer: In any event, you will need a PTR record configured in your DNS network for the CE ip address. This must be a public record so that the internet sites can do a reverse lookup. Best case senario for security is to configure static nat on the router with a public ip address that resolves to the internal private ip address of the CE
    What if I give the CE a public IP address ? Do I need PTR record in my DNS for the CE ip address?
    Answer: You can certainly do that and it does make things a bit easier. For security though, I recommend going with the private ip with nat upstream.
    Regards
    Pete..

  • Streaming WMT (netshow) through PIX with Cache Engine

    Hello:
    I am trying to stream WMT from a pre-loaded Cache engine through a PIX firewall. I would like to use UDP for the streaming, but when I start the streaming TCP is selected by default. Forcing UDP within Windows causes an error. The PIX doesn't allow the UDP traffic through since it didn't originate from the inside. Outside the firewall UDP only works if I force it. TCP is the default. First, is UDP the best way to do this or is TCP ok since it is comming from the Cache engine? Second, how can I change the Cache engine setup to default to UDP or is this not possible?
    Thank you,
    Hampton Saussy
    Midlands Technical College

    We had a similar issue. If the firewall is not configured to accept TCP ports, then the streaming video server will perform HTTP cloaking i.e Instead of using the TCP ports it will use HTTP port 80 to get through the firewall, then the server sends the streaming video data via UDP. If UDP cannot pass through the firewall, the client requests delivery via TCP. The fixup rtsp command lets PIX Firewall pass RTSP (Real Time Streaming Protocol) packets. This command does not fix RTSP UDP connections. So I guess using TCP is a better option.

Maybe you are looking for

  • Getting an error when connecting to itunes

    I just got an Ipad 2 for and it will not let me connect to Itunes. Everytime I try to connect it it keeps telling me that I cannot connect to the itunes store. I have tried restarting my computer and my Ipad but neither one will fix the problem. the

  • When I sign out of my bank account, Firefox says its blocked and I have to close the browser, why?

    I clicked sign out from my bank account, and a message came up that my account has been blocked, and I am requested to close my browser. Once I received an error message. ID Code:c967ecee-285b-4a1c-85fe-3f5cfdaaafdd This has happened several time now

  • Convert Binary Data into Pdf & send it as attachment in a mail in Workflow

    Hi, Scenario: The interactive form saved in WebDynpro Application is sent to R/3 in binary format. It has to be converted into pdf and sent it as an attachment in mail to the respective person in workflow. Kindly help on these issues : 1. How to rece

  • Why does my Premiere Elements 10 for mac freeze?

    Why does my Premiere Elements 10 for mac freeze (makes spinning circle loading) and doesn't stop when I am asked to select my country/region? I already had trouble downloading it originally because there was an error downloading, and then the followi

  • Item Group not Uploaded

    Dear Experts, When i trying to upload Item Master in Simple way through Import from Excel it's give me Error Invalid Code But its very simple Transaction. I taken only these field to upload the Data.  Item No.     Item Description     Item Type     I