WAAS Generic Optimization
All,
I did numerous searches so I apolozie in advance if this has already been addressed.
In the past few days, I observed that SMB connections between our sites have become increasingly slow and, at times, unresponsive. This seems to loosely correlate to a number of logs in the WAAS indicating that connections to the domain controllers will be handled by generic optimization only, since the domain controllers require digitial signing.
I apologize for the previous post, I did not intend to submit it yet.
As I was saying, I have seen a number of logs in the WAAS device indicating that connections to the domain controllers will be handled by generic optimization only, since the domain controllers require digital signing.
I was hoping to reach out to the community to see if anyone else has observed this particular symptom as a result of generic optimization or had any useful links or documentation regarding what happens when generic optimization is forced.
I apologize again for the duplicate messages and thanks in advance.
Similar Messages
-
Any issue using WAAS to optimize 6500 SPA traffic?
I have a pilot that does data replication (FCIP) across a service-provider 1 gig link (100 miles). All customer data gets encrypted using 6500 SPA adaptors. Does anyone see any issue, or has anyone had experienced with optimizing (TFO) with WAAS traffic in-betweem SPAs? For ease of pilot deployment, we are using in-line WAEs and there is other traffic they'd like to optimize other than the FCIP, so placing the WAE's before the 6500 SPA adaptors is not a real option.
THANKS!I have a pilot that does data replication (FCIP) across a service-provider 1 gig link (100 miles). All customer data gets encrypted using 6500 SPA adaptors. Does anyone see any issue, or has anyone had experienced with optimizing (TFO) with WAAS traffic in-betweem SPAs? For ease of pilot deployment, we are using in-line WAEs and there is other traffic they'd like to optimize other than the FCIP, so placing the WAE's before the 6500 SPA adaptors is not a real option.
THANKS! -
Dear Team,
In WAAS Setup we are not seeing any Optimized EMAPI connection and below error is showing in Alarm section for all Edge WAE devices.
Wansecure encountered a peering service configuration error: ssl peering service configuration mismatch with peer device id 88:f0:31:b3:6e:c8. The following protocol acceleration can fail: SSL-AO, ICA (if using Wansecure) and Encrypted MAPI.
We have verified the SSL peering configuration between Edge and core device and not found found any mismatch between them. Please suggest how we can resolve this issue.
Regards,
RanjithHi,
Try the following on all the WAAS devices participating in the flow. (Core + edge)'
WAAS #sh acc wansecure
Accelerator Licensed Config State Operational State
wansecure Yes Enabled Running
WAN Secure:
Accelerator Config Item Mode Value
SSL AO User enabled
Secure store User enabled
Peer SSL version User default
Peer cipher list User configured
Peer cert User default <<<<Should be same for all devices
Peer cert verify User enabled
Follow the doc below.
http://www.cisco.com/c/en/us/td/docs/app_ntwk_services/waas/waas/v501/configuration/guide/cnfg/policy.html#wp1156757
Hope that resolves the issue.
Regards,
Abhishek
CCIES 35269 -
Has anybody been able to see any optization on Microsoft RDP (Port 3389)?.
Is RDP traffic compressed/encrypted?.
Any support appreciated.
Cheers,
DineshFinally got the RDP optimization working.
The terminal server was overriding the compression settings done on Default.RDP file. Once the seetings on Server was done for disabling encryption and compression, everything just worked great. Many thanks to you guys.
Any idea even after 80% optimization, why on the following output Bytes written for optimized traffic is more than Bytes written for original traffic?
Connection Id: 14800
Peer Id: 00:21:5e:73:0e:cf
Connection Type: EXTERNAL SERVER
Start Time: Wed Jun 9 11:21:36 2010
Source IP Address: 192.168.120.199
Source Port Number: 3600
Destination IP Address: 192.168.1.174
Destination Port Number: 3389
Application Name: Remote-Desktop
Classifier Name: MS-Terminal-Services
Map Name: basic
Directed Mode: FALSE
Preposition Flow: FALSE
Policy Details:
Configured: TCP_OPTIMIZE + DRE + LZ
Derived: TCP_OPTIMIZE + DRE + LZ
Peer: TCP_OPTIMIZE + DRE + LZ
Negotiated: TCP_OPTIMIZE + DRE + LZ
Applied: TCP_OPTIMIZE + DRE + LZ
Accelerator Details: None
Original Optimized
Bytes Read: 5818686 58462
Bytes Written: 50869 1075183
Total Reduction Ratio: 80.686%
Any thoughts?
Thanks,
Dinesh -
WAAS Monitoring Optimization Stats
Does anyone else have issues with getting consistent statistical data from the Monitoring=>Optimization Stats Detail
section? Specifically the Savings section.
In many cases when I look at the stats from the last hour, it displays the Savings data correctly - showing the Total Bytes saved,% reduction, etc...
If I change the time period from last hour to last day, nothing but zero's shows up under the Savings section.
I've seen this across multiple WAE's on my central manager. Running ver4.0.17.Michael,
Under the 'Application Traffic Statistics Detail Report' section, does the note indicate that statistics are available for that time range?
Thanks,
Zach -
Hi, the documentation says that ssl optimization is available in code version 4.1.3 yet this is not available for download. Anyone know when this will be available?
Thanks
DonaghRelease notes for 4.1.1d are currently being pushed to production, so look for them later today or early tomorrow AM.
I have not heard anything on 4.1.3, however that doesn't mean much...
Good luck!
Dan -
Hi,
Can someone please tell me how MAPI is handled by the WAAS compared to say other forms of acceleration (ie compared to CIFS, HTTP etc).
Is there a document or design guide that goes into the detail/process of how it works?
Thanks
CameronCameron,
WAAS includes both generic optimization and application specific acceleration for MAPI traffic. You can find additional detail here:
http://www.cisco.com/en/US/prod/collateral/contnetw/ps5680/ps6870/prod_white_paper0900aecd8051d5b2.html
as well as in the attached document.
Regards,
Zach -
Hi guys.
We are going to install a wave-7541-k9 and a wave 294 (CM) in the central site and wave 674 in the remote locations.
I know that´s possible to assign a specific physical interface for management purposes only, but I have some questions.
We thought in this way because we are not able to route the customer´s IP within our management environment and we also don´t want to get our management IP being routed within the customer´s environment.
We own the routers in the locations. The WAAS must optimize/accelerate traffic for 2 routers in each location.
Basically the idea is to use the primary interface for production traffic and also as source for the CM connection.
Then, use the other physical interface available to configure a /30 and connect it directly to one of our CPEs which is gone be the management.
The primary interface is going to be connected to the customer´s switch and we will use WCCP for redirection.
The management interface is going to be connected directly to one of our routers.
The plan is to monitor the equipment via that directly connected link (polling made from our monitoring tools and also as source of the traps).
I want to make sure the IP chosen by CM is the production interface´s IP and not the management one.
Also the CM interfaces must be set in the same way (one for production and one for management).
If there any best practices for that situation, recomendations or anything you guys consider valid, I would appreciate
ThanksHi guys.
We are going to install a wave-7541-k9 and a wave 294 (CM) in the central site and wave 674 in the remote locations.
I know that´s possible to assign a specific physical interface for management purposes only, but I have some questions.
We thought in this way because we are not able to route the customer´s IP within our management environment and we also don´t want to get our management IP being routed within the customer´s environment.
We own the routers in the locations. The WAAS must optimize/accelerate traffic for 2 routers in each location.
Basically the idea is to use the primary interface for production traffic and also as source for the CM connection.
Then, use the other physical interface available to configure a /30 and connect it directly to one of our CPEs which is gone be the management.
The primary interface is going to be connected to the customer´s switch and we will use WCCP for redirection.
The management interface is going to be connected directly to one of our routers.
The plan is to monitor the equipment via that directly connected link (polling made from our monitoring tools and also as source of the traps).
I want to make sure the IP chosen by CM is the production interface´s IP and not the management one.
Also the CM interfaces must be set in the same way (one for production and one for management).
If there any best practices for that situation, recomendations or anything you guys consider valid, I would appreciate
Thanks -
Can you use WAEs for conns going over IPSEC?
Question: Can you place WAEs and optimize traffic and then place over IPSEC? Has anyone done this and have you experienced sufficient optimization? I'm picturing some in-line module WAEs between enddevices and IPSEC routers and wanted to know if I could expect typical optimization performance.
Thanks! Mike.Mike,
Are planning to deploying the WAE's in the traffic prior before/after IPSec encryption occurs? If so, you should be fine.
Zach -
Implementing WAAS using 3925 and 2911 Cisco routers
Dear all,
I am new to Cisco WAAS and therefore I would like to request some help regarding the following scenario:
I have a star network (1 hub and 5 spoke) topology where each satellite site is connected via a 2 MB (symmetric) to the Head-Quarters (Central node). In order to be able to concentrate all servers (services) at the head-quarters and improve the users experience in remote sites when accessing network services that are located at the head-quarters we want to implement Cisco WAAS instead of increasing the existing bandwidth.
At the head-quarters we are using a 3925 Cisco router and at the remote locations we are using 2911 Cisco routers. Last but not least there will be approximately 75 concurrent users from remote sites accessing resources at the head-quarters.
Currently I am planning to use the following:
·At the head-quarters I am planning to use a Cisco Wide Area Application Services (WAAS) Module: SM-SRE-900-K9 with an Enterprise license (for large deployment) in the Cisco router 3925
·At the remote sites I am planning to use a Cisco Wide Area Application Services (WAAS) Module: SM-SRE-700-K9 with an Enterprise license (for medium deployment) in the Cisco router 2911
Is there anything else that I am missing or need to take into consideration for deploying the WAAS.
Regards,
ScreechHi Screech,
Answers:
Is the dedicated WAE hw for central management purpose a required component?not required as WAEs can optimize even without Cntral managementbut you will not be able to collect statistics, reports and will have to manage WAEs from CLI. This a kind of highly recommended management piece you will need.
What is the difference between using a full blown WAE instead of a Sm SRE module: Using a fully blown WAE at DC is recommended as you are then avoiding couple of bottlenecks.
1. Bandwidth allcoation
2. SM / NM models have low capacity, disks where as fully blown models like 674s have 10k/15k SATA / SAS drives.
3. HW redundancy: you have backup PS / HD in dedicated WAEs in msot of the models.
4. HW dependency: Your SM moduels depened upon your router / switch. If for some reason, switch or router goes down, SM moule goes down at same time.
5. Additional NICs / HW availability.
There are various other reasons you might want to consider. You can ask your cisco sales engineer or one of the PDI help engineer on the forum can also punch in here.
but basicaly, I would go for fully blown WAE on DC side and central management piece as well.
Regards. -
Error message trying to enable WAAS Express
I have one location that is giving me fits trying to enable WAAS express. The three before it went fine but I think this may be related to the fact that this one location is currently configured to support COS. The message I receive when issueing the waas enable command is
% waas enable failed: Unable to create WAAS class-map as class-map BGP already exists in another type.
This are their current definitions ...
class-map match-any BGP
match protocol bgp
class-map match-any COS3
match access-group name COS3-Traffic
match protocol icmp
class-map match-any COS2
match access-group name COS2-Traffic
match protocol bgp
class-map match-any COS1
match access-group name COS1-Traffic
policy-map MARK-BGP
class BGP
set ip dscp cs6
policy-map COS
class COS1
priority 320
set ip dscp ef
class COS2
bandwidth remaining percent 60
set ip dscp af31
service-policy MARK-BGP
class COS3
bandwidth remaining percent 30
set ip dscp af21
class class-default
bandwidth remaining percent 10
set ip dscp defaultHi,
When you first enable WAAS express on a device, it will define a set of policies for traffic optimization. Among those, there is one called BGP, which is conflicting with the current one and as a result, enabling WAAS fails and the error you saw is displayed
To solve this issue, you will have to change the configuration of your device to ensure that there are no classes or policies with the same names as the ones that WAAS will configure.
For your reference, below you can see a list of the configuration that will be added by WAAS Express by default:
class-map type waas match-any BFTP match tcp destination port 152 class-map type waas match-any MS-Message-Queuing match tcp destination port 1801 match tcp destination port 2101 match tcp destination port 2103 match tcp destination port 2105 class-map type waas match-any WINS match tcp destination port 42 match tcp destination port 137 match tcp destination port 1512 class-map type waas match-any NNTP match tcp destination port 119 class-map type waas match-any PPTP match tcp destination port 1723 class-map type waas match-any Internet-Mail-secure match tcp destination port 995 match tcp destination port 993 match tcp destination port 465 class-map type waas match-any RTSP match tcp destination port 554 match tcp destination port 8554 class-map type waas match-any VocalTec match tcp destination port 1490 match tcp destination port 6670 match tcp destination port 25793 match tcp destination port 22555 class-map type waas match-any PostgreSQL match tcp destination port 5432 class-map type waas match-any Danware-NetOp match tcp destination port 6502 class-map type waas match-any TACACS match tcp destination port 49 class-map type waas match-any XWindows match tcp destination port 6000 6063 class-map type waas match-any Cisco-CallManager match tcp destination port 2748 match tcp destination port 2443 class-map type waas match-any MS-EndPointMapper match tcp destination port 135 class-map type waas match-any PDMWorks match tcp destination port 30000 match tcp destination port 40000 class-map type waas match-any MS-Chat match tcp destination port 6665 match tcp destination port 6667 class-map type waas match-any SASL match tcp destination port 3659 class-map type waas match-any SOAP match tcp destination port 7627 class-map type waas match-any Laplink-ShareDirect match tcp destination port 2705 class-map type waas match-any EMC-SRDFA-IP match tcp destination port 1748 class-map type waas match-any FTPS match tcp destination port 990 class-map type waas match-any Veritas-NetBackup match tcp destination port 13720 match tcp destination port 13721 match tcp destination port 13782 match tcp destination port 13785 class-map type waas match-any Basic-TCP-services match tcp destination port 1 19 class-map type waas match-any Connected-DataProtector match tcp destination port 16384 class-map type waas match-any MS-Terminal-Services match tcp destination port 3389 class-map type waas match-any TFTP match tcp destination port 69 class-map type waas match-any HTTP match tcp destination port 80 match tcp destination port 8080 match tcp destination port 8000 match tcp destination port 8001 match tcp destination port 3128 class-map type waas match-any QMTP match tcp destination port 209 class-map type waas match-any IBM-NetView match tcp destination port 729 731 class-map type waas match-any LDAP match tcp destination port 389 match tcp destination port 8404 class-map type waas match-any BitTorrent match tcp destination port 6881 6889 match tcp destination port 6969 class-map type waas match-any FCIP match tcp destination port 3225 class-map type waas match-any Novell-ZenWorks match tcp destination port 1761 1763 match tcp destination port 517 match tcp destination port 2544 match tcp destination port 8039 match tcp destination port 2037 class-map type waas match-any UniSQL match tcp destination port 1978 match tcp destination port 1979 class-map type waas match-any RAdmin match tcp destination port 4899 class-map type waas match-any SoulSeek match tcp destination port 2234 match tcp destination port 5534 class-map type waas match-any WBEM match tcp destination port 5987 match tcp destination port 5988 class-map type waas match-any CIFS match tcp destination port 139 match tcp destination port 445 class-map type waas match-any Lotus-Sametime-Connect match tcp destination port 1533 class-map type waas match-any IBM-TSM match tcp destination port 1500 1502 class-map type waas match-any Remote-Replication-Agent match tcp destination port 5678 class-map type waas match-any Telnet match tcp destination port 23 match tcp destination port 107 match tcp destination port 513 class-map type waas match-any LDAP-secure match tcp destination port 636 class-map type waas match-any Remote-Anything match tcp destination port 3999 4000 class-map type waas match-any Double-Take match tcp destination port 1105 match tcp destination port 1100 class-map type waas match-any Borland-Interbase match tcp destination port 3050 class-map type waas match-any Sun-RPC match tcp destination port 111 class-map type waas match-any NetApp-SnapMirror match tcp destination port 10565 10569 class-map type waas match-any Amanda match tcp destination port 10080 class-map type waas match-any iSNS match tcp destination port 3205 class-map type waas match-any FTP-Control match tcp destination port 21 class-map type waas match-any HP-OpenMail match tcp destination port 5755 match tcp destination port 5757 match tcp destination port 5766 match tcp destination port 5767 match tcp destination port 5768 match tcp destination port 5729 class-map type waas match-any PCAnywhere match tcp destination port 73 match tcp destination port 5631 5632 match tcp destination port 65301 class-map type waas match-any EMC-Celerra-Replicator match tcp destination port 8888 class-map type waas match-any Gnutella match tcp destination port 6346 6349 match tcp destination port 6355 match tcp destination port 5634 class-map type waas match-any HP-OpenView match tcp destination port 7426 7431 match tcp destination port 7501 match tcp destination port 7510 class-map type waas match-any MSN-Messenger match tcp destination port 1863 match tcp destination port 6891 6900 class-map type waas match-any Yahoo-Messenger match tcp destination port 5000 5001 match tcp destination port 5050 match tcp destination port 5100 class-map type waas match-any Apple-AFP match tcp destination port 548 class-map type waas match-any Apple-iChat match tcp destination port 5297 match tcp destination port 5298 class-map type waas match-any PCMail-Server match tcp destination port 158 class-map type waas match-any Siebel match tcp destination port 8448 match tcp destination port 2320 match tcp destination port 2321 class-map type waas match-any Kerberos match tcp destination port 88 match tcp destination port 2053 match tcp destination port 754 match tcp destination port 888 match tcp destination port 543 match tcp destination port 464 match tcp destination port 544 match tcp destination port 749 class-map type waas match-any MS-NetMeeting match tcp destination port 522 match tcp destination port 1503 match tcp destination port 1731 class-map type waas match-any Oracle match tcp destination port 66 match tcp destination port 1525 match tcp destination port 1521 class-map type waas match-any Unix-Printing match tcp destination port 515 match tcp destination port 170 class-map type waas match-any Documentum match tcp destination port 1489 class-map type waas match-any Pervasive-SQL match tcp destination port 1583 class-map type waas match-any Jabber match tcp destination port 5222 match tcp destination port 5269 class-map type waas match-any iFCP match tcp destination port 3420 class-map type waas match-any NNTP-secure match tcp destination port 563 class-map type waas match-any SQL-Service match tcp destination port 156 class-map type waas match-any Internet-Mail match tcp destination port 25 match tcp destination port 110 match tcp destination port 143 match tcp destination port 220 class-map type waas match-any Lotus-Notes match tcp destination port 1352 class-map type waas match-any SSL-Shell match tcp destination port 614 class-map type waas match-any CU-SeeMe match tcp destination port 7640 match tcp destination port 7642 match tcp destination port 7648 match tcp destination port 7649 class-map type waas match-any Simple-FTP match tcp destination port 115 class-map type waas match-any AOL match tcp destination port 5190 5193 class-map type waas match-any SAP match tcp destination port 3200 3219 match tcp destination port 3390 3399 match tcp destination port 3284 3305 match tcp destination port 3226 3267 match tcp destination port 3662 3699 match tcp destination port 3221 3224 match tcp destination port 3270 3282 match tcp destination port 3307 3388 match tcp destination port 3600 3659 class-map type waas match-any waas-default match tcp any class-map type waas match-any Laplink-PCSync match tcp destination port 8444 class-map type waas match-any TFTPS match tcp destination port 3713 class-map type waas match-any WinMX match tcp destination port 6699 class-map type waas match-any CVS match tcp destination port 2401 class-map type waas match-any ezMeeting match tcp destination port 10101 10103 match tcp destination port 26260 26261 class-map type waas match-any NetIQ match tcp destination port 2220 match tcp destination port 2735 match tcp destination port 10113 10116 class-map type waas match-any Grouper match tcp destination port 8038 class-map type waas match-any Netopia-Timbuktu match tcp destination port 407 match tcp destination port 1417 1420 class-map type waas match-any Novell-Groupwise match tcp destination port 1677 match tcp destination port 1099 match tcp destination port 9850 match tcp destination port 7205 match tcp destination port 3800 match tcp destination port 7100 match tcp destination port 7180 match tcp destination port 7101 match tcp destination port 7181 match tcp destination port 2800 class-map type waas match-any SSH match tcp destination port 22 class-map type waas match-any IPP match tcp destination port 631 class-map type waas match-any IBM-Tivoli match tcp destination port 94 match tcp destination port 627 match tcp destination port 1965 match tcp destination port 1580 match tcp destination port 1581 class-map type waas match-any NTP match tcp destination port 123 class-map type waas match-any VoIP-Control match tcp destination port 1300 match tcp destination port 2428 match tcp destination port 2000 2002 match tcp destination port 1718 1720 match tcp destination port 5060 match tcp destination port 11000 11999 class-map type waas match-any HTTPS match tcp destination port 443 class-map type waas match-any SUN-Xprint match tcp destination port 8100 class-map type waas match-any Clearcase match tcp destination port 371 class-map type waas match-any Service-Location match tcp destination port 427 class-map type waas match-any MS-NetShow match tcp destination port 1755 class-map type waas match-any Napster match tcp destination port 8875 match tcp destination port 7777 match tcp destination port 6700 match tcp destination port 6666 match tcp destination port 6677 match tcp destination port 6688 class-map type waas match-any Kazaa match tcp destination port 1214 class-map type waas match-any Laplink-Host match tcp destination port 1547 class-map type waas match-any Telnets match tcp destination port 992 class-map type waas match-any AFS match tcp destination port 7000 7009 class-map type waas match-any Scalable-SQL match tcp destination port 3352 class-map type waas match-any WASTE match tcp destination port 1337 class-map type waas match-any BGP match tcp destination port 179 class-map type waas match-any BMC-Patrol match tcp destination port 6161 match tcp destination port 6162 match tcp destination port 8160 match tcp destination port 8161 match tcp destination port 6767 match tcp destination port 6768 match tcp destination port 10128 class-map type waas match-any Rsync match tcp destination port 873 class-map type waas match-any Qnext match tcp destination port 44 match tcp destination port 5555 class-map type waas match-any Intel-Proshare match tcp destination port 5713 5717 class-map type waas match-any Liquid-Audio match tcp destination port 18888 class-map type waas match-any WAAS-FlowMonitor match tcp destination port 7878 class-map type waas match-any eDonkey match tcp destination port 4661 4662 class-map type waas match-any IRC match tcp destination port 531 match tcp destination port 6660 6669 class-map type waas match-any DNS match tcp destination port 53 class-map type waas match-any Filenet match tcp destination port 32768 32774 class-map type waas match-any ControlIT match tcp destination port 799 class-map type waas match-any Citrix-ICA match tcp destination port 1494 match tcp destination port 2598 class-map type waas match-any NFS match tcp destination port 2049 class-map type waas match-any Netopia-netOctopus match tcp destination port 1917 match tcp destination port 1921 class-map type waas match-any VNC match tcp destination port 5801 5809 match tcp destination port 6900 6909 class-map type waas match-any Vmware-VMConsole match tcp destination port 902 class-map type waas match-any Sybase-SQL match tcp destination port 1498 match tcp destination port 2638 match tcp destination port 2439 match tcp destination port 3968 class-map type waas match-any Unix-Remote-Execution match tcp destination port 514 match tcp destination port 512 class-map type waas match-any ProjectWise-FileTransfer match tcp destination port 5800 class-map type waas match-any Other-Secure match tcp destination port 261 match tcp destination port 448 match tcp destination port 684 match tcp destination port 695 match tcp destination port 994 match tcp destination port 2252 match tcp destination port 2478 match tcp destination port 2479 match tcp destination port 2482 match tcp destination port 2484 match tcp destination port 2679 match tcp destination port 2762 match tcp destination port 2998 match tcp destination port 3077 match tcp destination port 3078 match tcp destination port 3183 match tcp destination port 3191 match tcp destination port 3220 match tcp destination port 3410 match tcp destination port 3424 match tcp destination port 3471 match tcp destination port 3496 match tcp destination port 3509 match tcp destination port 3529 match tcp destination port 3539 match tcp destination port 3660 match tcp destination port 3661 match tcp destination port 3747 match tcp destination port 3864 match tcp destination port 3885 match tcp destination port 3896 match tcp destination port 3897 match tcp destination port 3995 match tcp destination port 4031 match tcp destination port 5007 match tcp destination port 5989 match tcp destination port 5990 match tcp destination port 7674 match tcp destination port 9802 match tcp destination port 12109 class-map type waas match-any FTP-Data match tcp source port 20 class-map type waas match-any IBM-DB2 match tcp destination port 523 class-map type waas match-any LDAP-Global-Catalog match tcp destination port 3268 class-map type waas match-any Legato-RepliStor match tcp destination port 7144 match tcp destination port 7145 class-map type waas match-any MDaemon match tcp destination port 3000 match tcp destination port 3001 class-map type waas match-any Novell-NetWare match tcp destination port 524 class-map type waas match-any Altiris-CarbonCopy match tcp destination port 1680 class-map type waas match-any iSCSI match tcp destination port 3260 class-map type waas match-any AppSocket match tcp destination port 9100 class-map type waas match-any HP-Radia match tcp destination port 3460 match tcp destination port 3461 match tcp destination port 3464 match tcp destination port 3466 class-map type waas match-any VDOLive match tcp destination port 7000 class-map type waas match-any X400 match tcp destination port 102 class-map type waas match-any Apple-NetAssistant match tcp destination port 3283 class-map type waas match-any Symantec-AntiVirus match tcp destination port 2847 match tcp destination port 2848 match tcp destination port 2967 match tcp destination port 2968 match tcp destination port 38037 match tcp destination port 38292 class-map type waas match-any Legato-NetWorker match tcp destination port 7937 match tcp destination port 7938 match tcp destination port 7939 class-map type waas match-any SIP-secure match tcp destination port 5061 class-map type waas match-any InterSystems-Cache match tcp destination port 1972 class-map type waas match-any BackupExpress match tcp destination port 6123 class-map type waas match-any CommVault match tcp destination port 8400 8403 class-map type waas match-any Veritas-BackupExec match tcp destination port 6101 match tcp destination port 6102 match tcp destination port 6106 match tcp destination port 3527 match tcp destination port 1125 class-map type waas match-any L2TP match tcp destination port 1701 class-map type waas match-any LANDesk match tcp destination port 9535 match tcp destination port 9593 9595 class-map type waas match-any MySQL match tcp destination port 3306 class-map type waas match-any FTPS-Control match tcp source port 989 class-map type waas match-any LDAP-Global-Catalog-Secure match tcp destination port 3269 class-map type waas match-any MS-Content-Replication-Service match tcp destination port 560 match tcp destination port 507 class-map type waas match-any OpenVPN match tcp destination port 1194 class-map type waas match-any HotLine match tcp destination port 5500 5503 class-map type waas match-any MS-SQL match tcp destination port 1433 class-map type waas match-any Laplink-PCSync-secure match tcp destination port 8443 !!policy-map type waas waas_global class AFS optimize tfo dre lz application File-System class AOL passthrough application Instant-Messaging class Altiris-CarbonCopy passthrough application Remote-Desktop class Amanda optimize tfo application Backup class AppSocket optimize tfo dre lz application Printing class Apple-AFP optimize tfo dre lz application File-System class Apple-NetAssistant passthrough application Remote-Desktop class Apple-iChat passthrough application Instant-Messaging class BFTP optimize tfo dre lz application File-Transfer class BGP optimize tfo dre lz application Other class BMC-Patrol passthrough application Systems-Management class BackupExpress optimize tfo application Backup class Basic-TCP-services passthrough application Other class BitTorrent passthrough application P2P class Borland-Interbase optimize tfo dre lz application SQL class CIFS optimize tfo dre lz application WAFS class CU-SeeMe passthrough application Conferencing class CVS optimize tfo dre lz application Version-Management class Cisco-CallManager passthrough application Call-Management class Citrix-ICA optimize tfo dre lz application Remote-Desktop class Clearcase optimize tfo dre lz application Version-Management class CommVault optimize tfo application Backup class Connected-DataProtector optimize tfo application Backup class ControlIT optimize tfo application Remote-Desktop class DNS passthrough application Name-Services class Danware-NetOp optimize tfo application Remote-Desktop class Documentum optimize tfo dre lz application Content-Management class Double-Take optimize tfo dre lz application Replication class EMC-Celerra-Replicator optimize tfo dre lz application Replication class EMC-SRDFA-IP optimize tfo dre lz application Storage class FCIP optimize tfo dre lz application Storage class FTP-Control passthrough application File-Transfer class FTP-Data optimize tfo dre lz application File-Transfer class FTPS optimize tfo application File-Transfer class FTPS-Control passthrough application File-Transfer class Filenet optimize tfo dre lz application Content-Management class Gnutella passthrough application P2P class Grouper passthrough application P2P class HP-OpenMail optimize tfo dre lz application Email-and-Messaging class HP-OpenView passthrough application Systems-Management class HP-Radia optimize tfo dre lz application Systems-Management class HTTP optimize tfo dre lz application Web class HTTPS optimize tfo application SSL class HotLine passthrough application P2P class IBM-DB2 optimize tfo dre lz application SQL class IBM-NetView passthrough application Systems-Management class IBM-TSM optimize tfo dre lz application Backup class IBM-Tivoli optimize tfo dre lz application Systems-Management class IPP optimize tfo dre lz application Printing class Intel-Proshare passthrough application Conferencing class InterSystems-Cache optimize tfo dre lz application SQL class Internet-Mail optimize tfo dre lz application Email-and-Messaging class Internet-Mail-secure optimize tfo application Email-and-Messaging class Jabber passthrough application Instant-Messaging class Kazaa passthrough application P2P class Kerberos passthrough application Authentication class L2TP optimize tfo application VPN class LANDesk optimize tfo dre lz application Systems-Management class LDAP optimize tfo dre lz application Directory-Services class LDAP-Global-Catalog optimize tfo dre lz application Directory-Services class LDAP-Global-Catalog-Secure passthrough application Directory-Services class LDAP-secure passthrough application Directory-Services class Laplink-Host optimize tfo application Remote-Desktop class Laplink-PCSync optimize tfo application Remote-Desktop class Laplink-PCSync-secure optimize tfo application Remote-Desktop class Laplink-ShareDirect passthrough application P2P class Legato-NetWorker optimize tfo application Backup class Legato-RepliStor optimize tfo application Backup class Liquid-Audio optimize tfo dre lz application Streaming class Lotus-Notes optimize tfo dre lz application Email-and-Messaging class Lotus-Sametime-Connect passthrough application Instant-Messaging class MDaemon optimize tfo dre lz application Email-and-Messaging class MS-Chat passthrough application Instant-Messaging class MS-Content-Replication-Service optimize tfo application Replication class MS-EndPointMapper optimize tfo application Other class MS-Message-Queuing optimize tfo dre lz application Other class MS-NetMeeting passthrough application Conferencing class MS-NetShow optimize tfo dre lz application Streaming class MS-SQL optimize tfo dre lz application SQL class MS-Terminal-Services optimize tfo application Remote-Desktop class MSN-Messenger passthrough application Instant-Messaging class MySQL optimize tfo dre lz application SQL class NFS optimize tfo dre lz application File-System class NNTP optimize tfo dre lz application Email-and-Messaging class NNTP-secure optimize tfo application Email-and-Messaging class NTP passthrough application Other class Napster passthrough application P2P class NetApp-SnapMirror optimize tfo dre lz application Replication class NetIQ passthrough application Systems-Management class Netopia-Timbuktu optimize tfo application Remote-Desktop class Netopia-netOctopus passthrough application Systems-Management class Novell-Groupwise optimize tfo dre lz application Email-and-Messaging class Novell-NetWare optimize tfo dre lz application File-System class Novell-ZenWorks optimize tfo dre lz application Systems-Management class OpenVPN optimize tfo application VPN class Oracle optimize tfo dre lz application SQL class Other-Secure passthrough application Other class PCAnywhere optimize tfo application Remote-Desktop class PCMail-Server optimize tfo dre lz application Email-and-Messaging class PDMWorks optimize tfo dre lz application CAD class PPTP optimize tfo application VPN class Pervasive-SQL optimize tfo dre lz application SQL class PostgreSQL optimize tfo dre lz application SQL class ProjectWise-FileTransfer optimize tfo dre lz application Content-Management class QMTP optimize tfo dre lz application Email-and-Messaging class Qnext passthrough application P2P class RAdmin optimize tfo application Remote-Desktop class RTSP optimize tfo dre lz application Streaming class Remote-Anything optimize tfo application Remote-Desktop class Remote-Replication-Agent optimize tfo application Replication class Rsync optimize tfo dre lz application Replication class SASL passthrough application Authentication class SIP-secure passthrough application Call-Management class SOAP optimize tfo dre lz application Other class SQL-Service optimize tfo dre lz application SQL class SSH optimize tfo application SSH class SSL-Shell passthrough application Console class SUN-Xprint optimize tfo dre lz application Printing class Scalable-SQL optimize tfo dre lz application SQL class Service-Location passthrough application Name-Services class Siebel optimize tfo dre lz application Enterprise-Applications class Simple-FTP optimize tfo dre lz application File-Transfer class SoulSeek passthrough application P2P class Sun-RPC passthrough application File-System class Sybase-SQL optimize tfo dre lz application SQL class Symantec-AntiVirus optimize tfo dre lz application Other class TACACS passthrough application Authentication class TFTP optimize tfo dre lz application File-Transfer class TFTPS optimize tfo application File-Transfer class Telnet passthrough application Console class Telnets passthrough application Console class UniSQL optimize tfo dre lz application SQL class Unix-Printing optimize tfo dre lz application Printing class Unix-Remote-Execution passthrough application Console class VDOLive optimize tfo dre lz application Streaming class Veritas-BackupExec optimize tfo application Backup class Veritas-NetBackup optimize tfo application Backup class Vmware-VMConsole optimize tfo application Remote-Desktop class VoIP-Control passthrough application Call-Management class VocalTec passthrough application Conferencing class WAAS-FlowMonitor optimize tfo lz application Systems-Management class WASTE passthrough application P2P class WBEM passthrough application Systems-Management class WINS passthrough application Name-Services class WinMX passthrough application P2P class X400 optimize tfo dre lz application Email-and-Messaging class XWindows optimize tfo application Remote-Desktop class Yahoo-Messenger passthrough application Instant-Messaging class eDonkey passthrough application P2P class ezMeeting passthrough application Conferencing class iFCP optimize tfo dre lz application Storage class iSCSI optimize tfo dre lz application Storage class iSNS passthrough application Name-Services class IRC passthrough application Instant-Messaging class SAP optimize tfo dre lz application Enterprise-Applications class VNC optimize tfo application Remote-Desktop class waas-default optimize tfo dre lz application waas-default
I hope this helps
Daniel -
WAAS via asymetric routing in a triangle mash
Hi all,
due a misconfiguration i had an asymetric routing scenario in my network environment between three different locations.
The effect was:
traffic from A to C ran directly.
traffic from C to A ran via B.
So far so good.
for sure i know that this scenario is not recommended. However from my experiences i would expect that everything runs cause
WAE in Lokation B would not touch anything as long as WAE in A and WAE in C are closet to client and Server.
Now to my question:
Would WAAS work in an asymetric scenario like this?
In each of these locations i have a WAE connected implemented via WCCP redirection on my outgoing interfaces.Hi Dieter,
The basic condition for WAAS to optimize the traffic is that the WAAS appliance needs to see SYN, SYN-ACK thru the same WAE unit for any TCP session. If it does not, WAAS will not optimize the traffic.
Now looking at your case scenario,
Traffic from A to C runs directly but C to A runs via B.
If you have WAAS at all three sites, it will optimize traffic between A to C, B to A and C to B and vice versa.
Now, for the traffic between A and C, when the traffic passes thru B while returning from C, (second scenario), it will automatically find out that server or client A is not in its local side so it will let it put in pass thru as Pass-through intermidiate (On WAAS B) and sent it to other site (A/C).
But if A or C WAAS does not recieve Syn,SYN/ACK for the tcp session, it will be asymmetric and will not be optimized. Further, it might adversely affect the performance.
On the other side, if you have WAAS at all three sites, Asymmetry exists only for site B and not for A or C. This is not a "TRUE" network asymmetry. Network Asymmetry happens when the device misses any of the initial tcp handshake packets.
Hope this helps.
Regards.
PS: Please mark this as Answered, if it answers your question. -
How to analyse WAAS transaction log ?
hi all
in my user environment
some WAE accelerated perfomance is not well
effective capacity including Pass-Through is 1.2x - 1.5x
I found that PT traffic is big
I enabled transaction log
and have any procedure to analyse log and tune the WAE
make it better
thanksHello,
Your question is a very common issue that we see. The transaction logs probably won't help you improve the performance of your WAAS network.
The best place to start is by running a "show stat conn pass-through"
This will give you a list of all the connections that are in Pass-through and some indication of why they are in pass-through or PT. Here is a short sample
192.98.108.239:2731 192.98.203.55:88 N/A PT App Cfg
192.98.48.6:3268 155.64.230.190:185870:1a:64:c7:57:f0 PT Asymmetric
192.98.108.221:1241 192.98.48.41:1258 N/A PT In Progress
192.64.188.55:8000 172.16.64.130:2006 N/A PT In Progress
192.64.230.107:80 172.16.64.241:3111 N/A PT No Peer
192.127.38.51:1521 192.98.150.30:3583 N/A PT In Progress
You can see a few of the reasons for the PT connections and each one of them have different reasons.
PT App CFG, means that that there is a classifier for that TCP port and it is configured for Pass-through.
The remaining PT can be caused by WCCP misconfiguration at the site you are looking at or the remote location.
To find the issue, you need to do traceroute from the client to server and server to client. Follow that path and make sure it is hitting a L3 interface on a router with WCCP enabled. Also check your WCCP ACL to make sure your traffic is permitted.
For WAAS to optimize a connection, WCCP has to happen four times. The SYN at the local and remote router and the same for the SYN/ACK.
I hope this is helpful.
Tom Jardin -
A problem with RDP when WAEs was connected to the network
The customer has a problem with RDP sessions on one Microsoft cluster server. The problem started when the WAEs (management and acceleration WAEs) are connected to a network (where a cluster is connected). Did anybody have the similar problem? The sessions are connected, but after some different times these sessions are frozen. This problem is only with this Microsoft cluster, the RDP on other servers are good. The WAAS is 4.0.17b14.
Hi,
I have the same problem as I write. RDP seems to get slower when I connect the WAEs and the login timesout before the user can type the username and password.
I have ensured that "EPM Classification" is disbled.
Check and see if Term-services are well configured on the TS server side. Maybe some config is conflicting with WAAS TS optimization.
What happens when you set TS to passthrough?
Also try this for your case;
" HOW-TO: Configuring RDP and Terminal Services for Full WAAS Optimization
Microsoft RDP and Terminal Services are, by default, compressed and encrypted. As such, the default Cisco WAAS policy for these applications is to apply TCP optimizations only. RDP and Terminal Services can be configured to allow Cisco WAAS to provide full optimization (DRE, LZ, TFO) which is a 2X-10X improvement over native WAN and 2X-3X improvement over the compression provided by Microsoft.
Configuring Microsoft RDP and Terminal Services to support Cisco WAAS full optimization requires a change to the client and a change to the server.
On the client, disable compression by editing the .RDP file for the connection using Notepad or a similar text editor. Identify a line in the file that shows "compression:i:1". Modify this line to say "compression:i:0". This disables compression for the RDP/TS connection.
On the server, open the Terminal Services Configuration found under Start > Programs > Administrative Tools. From here, expand Terminal Services Configuration to Connections. Double-click the "RDP-Tcp" entry found in the workspace. Change the encryption level to "Low", which specifies that only login will be encrypted. Then, click "Ok" and close Terminal Services Configuration.
Then, modify the Cisco WAAS policy on the configured device group (or explicitly on each of the WAEs) called "MS-Terminal-Services". Set this policy to "Optimize Full". "
Anyone out there with a clue why RDP gets disconnected? -
Unidirectional WAAS deployment - On Purpose?
Is it possible to configure WAAS to optimize traffic in a unidirectional way? That is to say, if I have site A and site B and I only want to optimize traffic sourced in site A with a destination in site B, is that possible? Assume I have WAVE appliances in both locations, and I'm using WCCP for traffic redirection.
Thanks!Hi there,
Optimization has to be on a tcp flow. Meaning the WAAS needs to see requests+replies. If your questions is how to get optimization only when A is the connection initiator, then you can do such thing with WCCP redirect lists, creating 2 separate ACL's for service 61 and 62. Using the known tcp ports for the application you're using you can select to redirect only traffic sourced from A going to B to a specific port (80 / 445 and so on). Same on the other side, matching traffic coming from B with specific port going to A.
hope this helps,
Fabrizio
Maybe you are looking for
-
Posting Date and Billing Date.
Hi Experts, I am working on an IS-U project at the moment. Could anyone please let me know what is the difference between Posting Date and Billing Date? Thanks in Advance. Regards, Chandu.
-
Personalization change font size
Hi, i create new item using Personalization with Item Style Static Styled Text. I need to change font size. How to perform this. Thank you.
-
Until yesterday, when saving an image as a JPEG I would click "Save As", select my folder and the Image Quality dialog box would pop up and I would then select 12/Maximum as the image quailty and hit "OK". Thereafter, every time I saved an image, Ph
-
How do i solve fonts/display/encoding issue?
This problem only appears on Firefox and no other browsers. When i go into some website the letters will not appear correctly. You may see an example on the link below which contains a screenshot http://img291.imageshack.us/img291/3134/20152698.jpg
-
Only showing appropriate files to user that is logged in
On a monthly basis we have our accounting company upload (ftp) financial statements to our server. Now each file has a the user name in the file name. So we need to be able to show only these statements to the appropriate user. I know that there has