Waas in assymetric routing scenario

Similar Messages

• WAAS via asymetric routing in a triangle mash

  Hi all,
  due a misconfiguration i had an asymetric routing scenario in my network environment between three different locations.
  The effect was:
  traffic from A to C ran directly.
  traffic from C to A ran via B.
  So far so good.
  for sure i know that this scenario is not recommended. However from my experiences i would expect that everything runs cause
  WAE in Lokation B would not touch anything as long as WAE in A and WAE in C are closet to client and Server.
  Now to my question:
  Would WAAS work in an asymetric scenario like this?
  In each of these locations i have a WAE connected implemented via WCCP redirection on my outgoing interfaces.

  Hi Dieter,
  The basic condition for WAAS to optimize the traffic is that the WAAS appliance needs to see SYN, SYN-ACK thru the same WAE unit for any TCP session. If it does not, WAAS will not optimize the traffic.
  Now looking at your case scenario,
  Traffic from A to C runs directly but C to A runs via B.
  If you have WAAS at all three sites, it will optimize traffic between A to C, B to A and C to B and vice versa.
  Now, for the traffic between A and C, when the traffic passes thru B while returning from C, (second scenario), it will automatically find out that server or client A is not in its local side so it will let it put in pass thru as Pass-through intermidiate (On WAAS B) and sent it to other site (A/C).
  But if A or C WAAS does not recieve Syn,SYN/ACK for the tcp session, it will be asymmetric and will not be optimized. Further, it might adversely affect the performance.
  On the other side, if you have WAAS at all three sites, Asymmetry exists only for site B and not for A or C. This is not a "TRUE" network asymmetry. Network Asymmetry happens when the device misses any of the initial tcp handshake packets.
  Hope this helps.
  Regards.
  PS: Please mark this as Answered, if it answers your question.

• WAAS connection to router.

  When connecting WAAS directly to router interface, is a straight through cable used?

  Dan,
  If you are using 100 mb, then you should use a crossover. if you are using 1000 mb (gig), then it shouldn't matter.
  Hope that helps,
  Dan

• Routing scenario.

  We have configured EIGRP on Location C and redistributing into BGP in Location C peer routers. Also, we are running IBGP between R1 & R2.
  Running EBGP between R1 (Location C) and R3 (Location A) & R4 (Location C) and R2 (Location B).
  Between Location A, Location D and Location B we have MPLS cloud, where we are running BGP.
  Now, we are facing problem that users in Location C needs to access server farm located in Location A & Location D, where primary path should be
  Between Location C- Location A (R1 - R 3) and secondary path is Location C - Location B (R2 - R4).
  But while doing the configuration, we are facing issue while advertising the routes in MPLS cloud, as we running BGP and redistributing the static routes.
  Now, question is on which MPLS router we shall add the static route pointing to L3 switch for Location C subnet.
  Or if there is any other solution we can apply for this scenario to work.
  Thanks in Advance to all people for advising.

  In your scenario, I would install a 4-port HWIC Ethernet card into both WAN routers then have your WAAS box plugged into them. One interface configured as the primary and the second one configured for standby. You would need to have an Ethernet cable plugged between the 2 WAN routers for transit traffic. Configure L2/forward and GRE for the return traffic and use WCCP negotiate return for the egress method. This is how all of our remote sites are setup. A second method is if you don't want to plug directly into the WAN routers, you can replace your l3 (model ?) switches with a stack of 3750Es and make them look like one logical switch.

• WAAS and WCCP router selection

  Hi
  Is there some information about that how much of wccp traffic can be handled by different model of routers?
  I'm not looking for throughput report like Process\CEF switching per routers but I would like to see some info about wccp treshold on each models, what's the maximum amount of redirected traffic what the router can handle?
  thanks

  no "out" anywhere. The LAB router has a WAE list to only allow redirect to the lab WAE. I don't even need the 62 in on the WAN side, just applying 61 in on the LAN side breaks telnet to the router.
  LOOPING PACKET DETECTION:
  from router console
  Feb 27 14:56:32.924: %IP-3-LOOPPAK: Looping packet detected and dropped -
  src=132.242.11.18, dst=153.61.83.70, hl=20, tl=76, prot=47, sport=0, dport=0
  in=GigabitEthernet0/1, nexthop=153.61.83.70, out=GigabitEthernet0/1
  options=none -Process= "IP Input", ipl= 0, pid= 77 -Traceback= 0x410F6978 0x415CC960 0x415CDC60 0x415BBB38 0x415BCF18 0x415BD27C 0x415BD2FC 0x415BD4E8
  Router configuration:
  ip wccp 61 redirect-list REDIRECT-WAAS-SUBNETS-61 group-list remote-waas-box
  interface Loopback0
  ip address 132.242.11.18 255.255.255.255
  h323-gateway voip bind srcaddr 132.242.11.18
  interface GigabitEthernet0/0.83
  description << data vlan 83 >>
  encapsulation dot1Q 83
  ip address 153.61.83.3 255.255.255.192
  ip helper-address 192.127.250.22
  ip helper-address 149.25.1.182
  no ip proxy-arp
  ip wccp 61 redirect in
  standby 83 ip 153.61.83.1
  standby 83 priority 200
  standby 83 preempt
  standby 83 track Serial0/1/0:0.99 100
  interface GigabitEthernet0/1
  description << WHQ LAB CE connection >>
  ip address 153.61.83.65 255.255.255.192
  load-interval 30
  duplex full
  speed 100
  ip access-list standard remote-waas-box
  permit 153.61.83.70
  ip access-list extended REDIRECT-WAAS-SUBNETS-61
  permit ip 153.61.83.0 0.0.0.63 any
  WAE configuration:
  device mode application-accelerator
  primary-interface GigabitEthernet 1/0
  interface GigabitEthernet 1/0
  ip address 153.61.83.70 255.255.255.192
  no autosense
  bandwidth 100
  full-duplex
  exit
  wccp router-list 1 153.61.83.65
  wccp tcp-promiscuous router-list-num 1
  wccp version 2
  wccp slow-start enable

• Urgent ! Router-WAAS WCCP problem

  I have dot1q enabled 7507 connecting frame relay branch to data centre.
  Core WAAS sits on a VLAN subinterface.
  As soon as I enable "ip wcccp redirect 61 in" on VLAN trunked interface, I am loosing connection to the branch.
  the config is here..
  interface GigabitEthernet4/0/0
  description Core Data Centre Trunk VLAN 3,120 to SWDC03 3/16
  no ip address
  no ip redirects
  no ip unreachables
  no ip proxy-arp
  load-interval 30
  negotiation auto
  no cdp enable
  interface GigabitEthernet4/0/0.3
  description Core Data Centre VLAN
  encap dot1q 3
  ip address xxxx
  ip wccp 61 redirect in
  no ip redirects
  no ip unreachables
  no ip proxy-arp
  ip nbar protocol-discovery
  ip route-cache flow
  no cdp enable
  standby 3 ip 10.64.205.17
  standby 3 priority 150
  standby 3 preempt
  interface GigabitEthernet4/0/0.120
  description Core WAAS VLAN120
  encap dot1q 120
  ip address yyyyyyy
  ip wccp redirect exclude in
  no ip redirects
  no ip unreachables
  interface Serial0/0/3.64 point-to-point
  ip wccp 62 redirect in
  The IOS version is rsp-jsv-mz.123-17b and WAAS version 4.0.13.I have tested this before without VLAN trunking on another router using a seperate interface and it was working.Any idea ?
  thanks

  thanks guys. I will explain the problem a bit more.When WAAS sits on a seperate i/f on WAN router, it works fine. i.e "wccp redirect 61 in " on interface connecting WAN router to Data Centre and "wccp redirect 62 in" on WAN frame relay. Then I configured the i/f connecting WAN router to Data Centre as dot1q trunk and a dedicated VLAN is created for WAAS. The default gateway for WAAS is HSRP address in 6509s. The WCCP router address configured in WAAS is the loopback0 address of the WAN router. The "wccp redirect 62 in" on WAN frame relay stays same. However, " wccp redirect 61 in " carried to a new subinterface on the same access as WAAS VLAN.
  All WCCP commands show that there is a connection between WAAS and WAN router, packet count goes up. However, all TCP sessions to the brach (initiated from the Data Centre) fail. I have also tested with and without "wccp redirect exclude in" on WAAS VLAN subinterface without success. Since I had to install the branch the WAAS on the weekend, I moved WAAS back to dedicated interface on WAN router. It works fine but I can not implement redundancy.
  The suggestion was to make WAN router subinterface HSRP active rather than 6509 MSFCs.So WAAS talks to WAN routers loopback address and default gateway also points to the same router rather than MSFC. I have not had a chance to test this but I will test in the coming weeks. I was also suggested to use layer2 redirection on 6509 but did not have any chance to look at it closely.
  thanks
  Serhat

• Best practice with WCCP flows for WAAS

  Hi,
  I have a WAAS SRE 910 module in a 2911 router that intercepts packets from this router with WCCP.
  All packets are received by external interface (gi 2/0, connected to a switch with port configured in WCCP vlan), and are sent back to the router via internal interface (gi 1/0 directly connected to the router) :
  WAAS# sh interface gi 1/0
  Internet Address                    : 10.0.1.1
  Netmask                             : 255.255.255.0
  Admin State                         : Up
  Operation State                     : Running
  Maximum Transfer Unit Size          : 1500
  Input Errors                        : 0
  Input Packets Dropped               : 0
  Packets Received                    : 20631
  Output Errors                       : 0
  Output Packets Dropped              : 0
  Load Interval                       : 30
  Input Throughput                    : 239 bits/sec, 0 packets/sec
  Output Throughput                   : 3270892 bits/sec, 592 packets/sec
  Packets Sent                        : 110062
  Auto-negotiation                    : On
  Full Duplex                         : Yes
  Speed                               : 1000 Mbps
  WAAS# sh interface gi 2/0
  Internet Address                    : 10.0.2.1
  Netmask                             : 255.255.255.0
  Admin State                         : Up
  Operation State                     : Running
  Maximum Transfer Unit Size          : 1500
  Input Errors                        : 0
  Input Packets Dropped               : 0
  Packets Received                    : 86558
  Output Errors                       : 0
  Output Packets Dropped              : 0
  Load Interval                       : 30
  Input Throughput                    : 2519130 bits/sec, 579 packets/sec
  Output Throughput                   : 3431 bits/sec, 2 packets/sec
  Packets Sent                        : 1580
  Auto-negotiation                    : On
  Full Duplex                         : Yes
  Speed                               : 100 Mbps
  The default route configured in WAAS module is 0.0.0.0/0 to 10.0.1.254 (router interface).
  Would it be better that packets leave WAAS module by the external interface (in place of the internal interface) ?
  Is there a best practice recommended by Cisco on this ?
  Thanks.
  Stéphane

  Hi Stephane,
  We usually advise the following in such scenario with an internal module:
  "ip wccp 61 redirect in" the LAN interface.
  "ip wccp 61 redirect in" on the WAN one.
  "ip wccp redirect exclude in" on the internal interface between the WAAS and the router.
  That way, we are sure that no loops are created because of the WCCP redirection.
  Regards,
  Nicolas

• ACE in routed mode

  My first question, can anyone recommend some very heavy reading discussing the ACE modules and associated traffic flows and order of operations?  Not just how-to scenarios.
  And the primary question that brings me here:
  I've got an ACE module in a 6500 chassis that's configured for routed mode.  For the purpose of this question we'll say that on the ACE I have a single VLAN for vIPs and a single VLAN for rservers.  vIP VLAN is 12 and rserver VLAN is 101.  I have a pair of App servers being load balanced, and a pair of Web servers being load balanced.
  When user devices send traffic to the Web servers vIP, traffic hits the SVI for VLAN 12 and the service-policy is applied manipulating that traffic and sending it to the VLAN 101 SVI and on down to an rserver.  The same if user devices are sending traffic to the App servers vIP.
  When a Web server tries to send over to the App servers vIP, I get no response.  In fact, from the Web server I can't even ping my gateway (SVI for VLAN 101).  How do I get the Web server to send traffic loadbalanced across the App servers?
  Here's an example ACE config:
  access-list ALL line 8 extended permit ip any any
  probe tcp 5555
    port 5555
    interval 5
    passdetect interval 30
  probe http HTTP
    interval 5
    passdetect interval 30
    expect status 200 200
  rserver host APP01
    description App Server 1
    ip address 10.10.101.15
    probe 5555
    inservice
  rserver host APP02
    description App Server 2
    ip address 10.10.101.16
    probe 5555
    inservice
  rserver host WEB01
    description Web Server 1
    ip address 10.10.101.17
    probe HTTP
    inservice
  rserver host WEB02
    description Web Server 2
    ip address 10.10.101.18
    probe HTTP
    inservice
  serverfarm host APP-SERVERS
    predictor leastconns
    rserver APP01
      inservice
    rserver APP02
      inservice
  serverfarm host WEB-SERVERS
    predictor leastconns
    rserver WEB01
      inservice
    rserver WEB02
      inservice
  sticky ip-netmask 255.255.255.255 address both WEB-STICKY
    replicate sticky
    serverfarm WEB-SERVERS
  sticky ip-netmask 255.255.255.255 address both APP-STICKY
    replicate sticky
    serverfarm APP-SERVERS
  class-map match-any APP-VIP
    description App Servers VIP
    2 match virtual-address 10.10.12.21 tcp eq 5555
  class-map match-any WEB-VIP
    description Web Servers VIP
    2 match virtual-address 10.10.12.20 tcp eq https
    3 match virtual-address 10.10.12.20 tcp eq www
  policy-map type loadbalance first-match L7-APP-SERVERS
    class class-default
      sticky-serverfarm APP-STICKY
  policy-map type loadbalance first-match L7-WEB-SERVERS
    class class-default
      sticky-serverfarm WEB-STICKY
  policy-map multi-match L4-CONTEXT-A-VLAN
    class WEB-VIP
      loadbalance vip inservice
      loadbalance policy L7-WEB-SERVERS
      loadbalance vip icmp-reply
    class APP-VIP
      loadbalance vip inservice
      loadbalance policy L7-APP-SERVERS
      loadbalance vip icmp-reply
  interface vlan 12
    description ACE-CONTEXT-A-vIPs
    ip address 10.10.12.5 255.255.252.0
    alias 10.10.12.4 255.255.252.0
    peer ip address 10.10.12.6 255.255.252.0
    access-group input ALL
    service-policy input MGMT-ACCESS
    service-policy input L4-CONTEXT-A-VLAN
    no shutdown
  interface vlan 101
    description ACE-CONTEXT-A-SERVERS
    ip address 10.10.101.2 255.255.255.0
    alias 10.10.101.1 255.255.255.0
    peer ip address 10.10.101.3 255.255.255.0
    access-group input ALL
    no shutdown

  Hi Adam,
  You can check Gilles'  DC t-shooting guides that should give you a very good overwiew about packet processing on the ACE; also you can check
  the Cisco wiki site where you find the scenarios plus a detailed explanation for traffic management.
  Now going back to your issue, you problem can be splitted in two parts.
  1. Web server not able to ping VLAN 101 ACE's SVI.
  ACE is a closed device, meaning that access to each Interface/VLAN needs to be explicitly configured; you need to apply the management policy
  to the 101 SVI to allow ICMP or any other management protocol. You can apply the same (service-policy input MGMT-ACCESS) or create a new
  one just for ICMP, that's up to you.
  2. Web servers not able to communicate with APP servers thorugh VIP.(vise-versa)
  Problem here is that servers are trying to communicate through SVI 101 but no VIPs are applied to it so the ACE will simply discard the packets
  for 10.10.12.20/10.10.12.21 on that interface, servers have the ARP and everything to reach those VIPs but the ACE has not been instructed to do
  load balancing for clients reaching it out through VLAN 101.
  In order to do load balancing between APP & Web Servers you need to configure  L4-CONTEXT-A-VLAN on SVI 101 as well.
  Also since your servers are sitting all in the same VLAN you're going to need client NAT to prevent assymetric routing on server-to-server communications.
  I've attached a sample with NAT based on your config.
  HTH
  Pablo

• WAAS Problem

  Hi all,
  I have a problem with WAAS install. Basically, there is 1 CORE 674 wave, which has a vPC into 2 Nexus 7010s. I use L2 forwarding & mask.
  There are around 100 remote sites, all over the world.
  If I shut down the vPC on the 2nd Nexus 7k, the problem is still there. This to me looks like a problem with vPC, and redirect back from the Server side (at the DC). I have the identical 61/62 Service Group configurations on both Nexus' though...
  I am not pointing to any VIP -- just the physical IP of the Nexus 7k.
  Basically, one ping makes it, the second does not, the third does, etc. I've posted before and after....any ideas of what is happening?
  I thought this is due to assymetrical routing, but accd to WAAS output logs not much asymmetry...

  Robert,
  It is possible that disk00 is bad/ has failed.  Try the following:
  1) WAE(config)#no disk disk-name disk00 shutdown force
  If you get output similar to below go to option 2.
  pdi-574-rtp(config)#no disk disk-name disk00 shutdown force
  It takes time spinning up disk0. Please wait.
  Disk not insert or not spin up yet. Please check cable or check syslog for RAID rebuild start events!
  2)  You can try to re-install the software with the recovery CD.
  http://www.cisco.com/en/US/partner/docs/app_ntwk_services/waas/waas/v431/configuration/guide/maint.html#wp1173532
  If the option "Wipe out disks and install .bin image" fails because it can't find disk00 you most likely need an RMA for a disk and you will need to open a TAC case to get this processed.
  Regards,
  Mike Korenbaum
  Cisco Data Center PDI Help Desk
  http://www.cisco.com/go/pdihelpdesk

• Is WAAS 5 that much better than previous versions?

  I have never used Cisco WAAS for wan op (I've used BlueCoat and Silverpeak) and have heard less than complimentary comments on its ease of deployment and overall functionality. I am currently looking to replace my aging Bluecoat environment and am curious about people's opinion of 5.X.
  From what I have heard it is night and day different and an overall much better better product.
  What are the communities opinions? How does it stack up agianst Riverbed and the other players?

  Hi Kenny,
  you are asking for community opinion. Working for Cisco I can give you my perspective, I hope that counts as well ;-)
  You are right about the day and night difference.
  One of the reasons is the completely reworked Central Manager GUI, which is using HTML 5 now. So it can be used on iPads or similar as well. But more important is the Look and Feel and usability of version 5, which is perceived very positive from what I take away in my conversations with customers.
  Perhaps the biggest addition to the portfolio is a new redirection technology, AppNav (Application Navigation).
  With AppNav you can now do loadbalancing and traffic distribution to a WAAS (WAE/WAVE) cluster more easily and in fine granularity. This means, you can distribute certain networks (Branches) or applications to a certain set of WAAS appliances at ease.
  What think needs to be mentioned are Cisco's partnerships with leading IT companies in order to jointly work on Application Optimizers and haveing them certified. Best example, if we are talking about the new version (so true for 4.5 as well) is The Citrix ready certification for ICA optimization.
  Others inlcude e.g SAP NetWaver, and Microsoft Protocols ( CIFS/SMB /native v2, (e)MAPI, Video Streaming Server, virtual Windows Appliance on WAAS), ...
  Other Highlights:
  WAAS Express Version 2. You can run WAAS on your Router as an IOS Feature.
  SSL scalabilty at 75.000 concurrent sessions on WAVE 8541.
  Cloud solution with vWAAS (virtual WAAS).
  Hope that give a first impression,
  chris

• Parallel operations in Routing

  Dear All,
  is it possible that we can have two parallel operations in the routing.
  scenario is: ona production line every thing is same except one operation i.e, melting where there are two furnaces 1 and 2. 50 % of the material melts through furnace 1 and remaining 50 % through furnace 2. so how can we cater this in routing.

  Waiting

• Branch WAAS(547) missing from CM...can't add back

  Hi,
  One of our branch WAAS devices had the wrong hostname and I edited our DNS/TACACS and updated the hostname in the WAAS itself.
  I went to the Central Manager and deleted the old entry and went to the branch WAAS, enabled cms, disabled/enable the tcp promiscuous 61/62, and WCCP is up. I can see redirection happening on the WAAS and the router but the Central Manager does not have an entry for the WAAS device. I can also ping the central manager from the branch WAAS and visa versa. Everything seems to be working optimization wise but I can't figure out why I can't see the hostname of the box in the CM gui. It's been two days and it's not showing up.
  Here is the cms info on the branch WAAS (IP's omitted).
  waxxx-1a#sho cms info
  Device registration information :
  Device Id                            = 321765                             
  Device registered as                 = WAAS Application Engine            
  Current WAAS Central Manager         = <cm ip>                       
  Registered with WAAS Central Manager = <cm ip>
  CMS services information :
  Service cms_ce is running
  Do I need to delete the partitions on the branch WAAS or something? I'm at a loss.
  Thanks.

  Thanks for the reply.
  I have a central manager address configured on the branch WAAS but when I try to deregister it, I get this output that it failed.
  I can't follow the document because you need to select the device in the central manager to mark it replacable. The device doesn't exist in the central manager so I can't follow that document.
  waxxx-1a#cms deregister
  Deregistering WAE device from Central Manager will result in loss of data on encrypted file systems, imported certificate/private keys for SSL service and cifs/wafs preposition credentials. If secure store is initialized and open, clear secure store and wait for one datafeed poll rate to retain cifs/wafs preposition credentails.
  If encrypted MAPI is enabled, windows-domain encryption-service identities will be disabled. The passwords must be re-entered again the next time the WAE joins a central manager.
  Do you really want to continue (yes|no) [no]?yes
  Disabling management service.
  management services stopped
  Sending de-registration request to CM
  Unable to get Central Manager ip address setting. Please make sure 'central-manager address' is set
  Device de-regsitration failed.

• WAAS HHD query

  Hi Cisco, 
  i wanted to know if hard drives are same for below WAAS models and are inter-changeable between them.
  WAE-612-K9  --> WAVE-694-K9
  WAE-7371-K9 --> WAVE-8541-K9
  Note : I need a Cisco TAC engineer specialized in WAAS helping me answering the query. 

  WCCP not supported on tunnel interfaces for 6500 & 7600 interfaces. Other than that okay.
  see below.
  Cisco WAAS supports asymmetric routing through the use of sharing network interception and redirection configuration across WAN boundary routers within a location. If all routers that connect a location to the WAN are participating in the same WCCPv2 service groups or have the same list of WAEs configured as next-hop routers (in the same order), the same WAE will receive redirected traffic regardless of the WAN link that traffic was destined to or coming in from.
  For instance, if a customer has two WAN connections - one going to provider #1 and another going to provider #2, WCCPv2 can be configured such that the routers participate in the same WCCPv2 service groups, and the WAEs can be configured to register with both of the routers. This also requires that the WCCPv2 redirection configuration be applied identically across each of the routers within the same location, i.e. use of 61/in on the LAN side on both routers and 62/out on the LAN side on both routers (or any valid combination of 61/62 in/out as long as they are identical amongst all routers within the location).
  As traffic enters a WAN boundary router, it will determine which WAE to redirect the traffic to based on a hash of either the source IP (service group 61 in the network path) or destination IP (service group 62 in the network path). The allocated hash buckets are synchronized within the service group, and the hash value obtained at either router will be the same as it would be had the traffic been forwarded through the opposite router. In this way, traffic is always redirected to the same WAE every time, regardless of which WAN link is used, or which router the traffic was forwarded to or through. As such, Cisco WAAS provides support for environments where asymmetric routing may be encountered.

• Data Center Redundancy

  Hi, dear experts!
  I) My  Input data is (read please, or see attach):
  - I have one active data center (main office), one backup data center (backup office), and several branch offices and many corporate internet users
  - Each of the offices has redundant internet connection: Main office via ISP1 and ISP2, backup office via ISP3 and ISP4.
  - Standby data center duplicates corporates services (such as Exchange, Sharepoint, FileStorage).
  - Main office and backup office are long-distanced from each other (about 800 km), and interconnected via 1Gb fiberoptic.
  II) My tasks are:
  1. Provide redundant network  connection for local ofiice users to corporate services.
  2. Provide redundant network connection for branch offices and internet users to corporate services.
  III) My ideas are:
  1. Accordingly to the 1-st task. Here I suppose to use load balancers in redundant configuration.
  2. Accordingly to the 2-nd task. To my mind there are two scenarios.
  2.1 First scenario. To built a DMVPN topology using main and backup offices as a hubs, and branch offices as a spokes.
  2.2 Second scenario. To by provider independet IPv4-adress block and ASN, to advertise main and backup office networks in internet.
  IV) My questions are:
  -What scenario according to the 2-nd task is better: using a DMVPN-topology or using an ASN-redundancy?
  -Is it possible to avoid assymetric routing problems in case of using a an ASN-redundancy?
  Thank you!

  I think Global loadblancer device will solve your both issue or there is an other solution for 2nd question,
  to use BGP confedration, that means use two private ASN internaly one in each DC, and put them both DC in one confedration, use one public ASN with all your  ISP's.
  Regards,

• WCCP Branch Design Question

  /* Style Definitions */
  table.MsoNormalTable
  {mso-style-name:"Table Normal";
  mso-tstyle-rowband-size:0;
  mso-tstyle-colband-size:0;
  mso-style-noshow:yes;
  mso-style-priority:99;
  mso-style-qformat:yes;
  mso-style-parent:"";
  mso-padding-alt:0in 5.4pt 0in 5.4pt;
  mso-para-margin-top:0in;
  mso-para-margin-right:0in;
  mso-para-margin-bottom:10.0pt;
  mso-para-margin-left:0in;
  line-height:115%;
  mso-pagination:widow-orphan;
  font-size:11.0pt;
  font-family:"Calibri","sans-serif";
  mso-ascii-font-family:Calibri;
  mso-ascii-theme-font:minor-latin;
  mso-fareast-font-family:"Times New Roman";
  mso-fareast-theme-font:minor-fareast;
  mso-hansi-font-family:Calibri;
  mso-hansi-theme-font:minor-latin;}
  Hello -
  We have to redesign our WCCP setup at the branch office, because WAAS VB doesn't support standby. Our current design is having 2 WAN routers, one is for the primary WAN (MPLS) and the 2nd is for a GRE backup. Both WAEs GIG 1/0 interfaces are plugged directly into a 4ESW-HWIC module on an ISR router on the primary one, GIG 2/0 interfaces are plugged directly in another 4ESW-HIC module on the backup GRE router. The 4ESW-HWIC doesn't support port-channel so this is my reasoning for the redesign. See attached WAAS_Branch_Current_Design PIC.
  The WCCP 61/62 options are currently configured on the LAN facing interface on the routers, 61 out and 62 redirect in for load balancing based on destination IP address. The new design is moving the WAE to the CORE layer and configuring port-channel since we’re going to be using VB at the branches. The WCCP will still be done at the WAN router edge. I was told it’s best to use the WCCP option inbound only, rather than an outbound redirection.
  Based on the attached WAAS Branch Redesign PIC, would there be any WCCP routing loops with respect to where I have placed the 61 and 62 options? Some branches will have remote sale centers hanging off of either the WAN primary router or the GRE backup router, but not have WAAS. It’s most likely traffic could be seen twice on a 61 redirect in. One of the designs I’ve seen in a PDF doc from Networkers (BRKAPP-2021) showing the 61 and 62 are on the WAN facing interfaces to avoid WCCP routing loops with a dual router scenario at a branch site. The number of uses will vary from 50 to 400+. I want to keep the design the same for every branch.

  /* Style Definitions */
  table.MsoNormalTable
  {mso-style-name:"Table Normal";
  mso-tstyle-rowband-size:0;
  mso-tstyle-colband-size:0;
  mso-style-noshow:yes;
  mso-style-priority:99;
  mso-style-qformat:yes;
  mso-style-parent:"";
  mso-padding-alt:0in 5.4pt 0in 5.4pt;
  mso-para-margin-top:0in;
  mso-para-margin-right:0in;
  mso-para-margin-bottom:10.0pt;
  mso-para-margin-left:0in;
  line-height:115%;
  mso-pagination:widow-orphan;
  font-size:11.0pt;
  font-family:"Calibri","sans-serif";
  mso-ascii-font-family:Calibri;
  mso-ascii-theme-font:minor-latin;
  mso-fareast-font-family:"Times New Roman";
  mso-fareast-theme-font:minor-fareast;
  mso-hansi-font-family:Calibri;
  mso-hansi-theme-font:minor-latin;}
  Thank you for your response. The reason for the redesign is to support virtual blades. I don't want to send the VB traffic all the way up to the WAN routers. The VLAN 738 on the new design will live on the core switch and WCCP will be performed on the WAN routers. So yes, I will be using WCCP negotiate returnmethod. The only concern I have is you will be bouncing the traffic in an out of the LAN facing interface on your WAN router. Basically you will be sending all of your original traffic andoptimized traffic out the same LAN interface, possibly doubling your volume on this link if you don't get good compression.
  /* Style Definitions */
  table.MsoNormalTable
  {mso-style-name:"Table Normal";
  mso-tstyle-rowband-size:0;
  mso-tstyle-colband-size:0;
  mso-style-noshow:yes;
  mso-style-priority:99;
  mso-style-qformat:yes;
  mso-style-parent:"";
  mso-padding-alt:0in 5.4pt 0in 5.4pt;
  mso-para-margin-top:0in;
  mso-para-margin-right:0in;
  mso-para-margin-bottom:10.0pt;
  mso-para-margin-left:0in;
  line-height:115%;
  mso-pagination:widow-orphan;
  font-size:11.0pt;
  font-family:"Calibri","sans-serif";
  mso-ascii-font-family:Calibri;
  mso-ascii-theme-font:minor-latin;
  mso-fareast-font-family:"Times New Roman";
  mso-fareast-theme-font:minor-fareast;
  mso-hansi-font-family:Calibri;
  mso-hansi-theme-font:minor-latin;}
  Do you see a potential delay in this setup?