Waas in assymetric routing scenario
I have a waas appliance connected to the L3 switch. there is hsrp running between the wan switches where one of the L3 switch is active and the other is passive. so the waas is in active stanby interface level failover. the cross connection between the wan routers and switches are all l3 and are running ospf routing protocol. I have 2 wan connection on the site. The traffic might leave the network from one end and come through the other end and vice versa. WCCP will be configured on both the switches. Now how is wae going to respond with assymetric routing in this situation that the outgoing traffic that come through L3 switch 1 and is going out through wan router 1 , it might come back through wan router 2 and again redirected to wae through the L3 switch 2. Is it going to work. Well the redirection is Ip wccp ip forwarding and so is the egress method of ip forwarding.
In your scenario, I would install a 4-port HWIC Ethernet card into both WAN routers then have your WAAS box plugged into them. One interface configured as the primary and the second one configured for standby. You would need to have an Ethernet cable plugged between the 2 WAN routers for transit traffic. Configure L2/forward and GRE for the return traffic and use WCCP negotiate return for the egress method. This is how all of our remote sites are setup. A second method is if you don't want to plug directly into the WAN routers, you can replace your l3 (model ?) switches with a stack of 3750Es and make them look like one logical switch.
Similar Messages
-
WAAS via asymetric routing in a triangle mash
Hi all,
due a misconfiguration i had an asymetric routing scenario in my network environment between three different locations.
The effect was:
traffic from A to C ran directly.
traffic from C to A ran via B.
So far so good.
for sure i know that this scenario is not recommended. However from my experiences i would expect that everything runs cause
WAE in Lokation B would not touch anything as long as WAE in A and WAE in C are closet to client and Server.
Now to my question:
Would WAAS work in an asymetric scenario like this?
In each of these locations i have a WAE connected implemented via WCCP redirection on my outgoing interfaces.Hi Dieter,
The basic condition for WAAS to optimize the traffic is that the WAAS appliance needs to see SYN, SYN-ACK thru the same WAE unit for any TCP session. If it does not, WAAS will not optimize the traffic.
Now looking at your case scenario,
Traffic from A to C runs directly but C to A runs via B.
If you have WAAS at all three sites, it will optimize traffic between A to C, B to A and C to B and vice versa.
Now, for the traffic between A and C, when the traffic passes thru B while returning from C, (second scenario), it will automatically find out that server or client A is not in its local side so it will let it put in pass thru as Pass-through intermidiate (On WAAS B) and sent it to other site (A/C).
But if A or C WAAS does not recieve Syn,SYN/ACK for the tcp session, it will be asymmetric and will not be optimized. Further, it might adversely affect the performance.
On the other side, if you have WAAS at all three sites, Asymmetry exists only for site B and not for A or C. This is not a "TRUE" network asymmetry. Network Asymmetry happens when the device misses any of the initial tcp handshake packets.
Hope this helps.
Regards.
PS: Please mark this as Answered, if it answers your question. -
WAAS connection to router.
When connecting WAAS directly to router interface, is a straight through cable used?
Dan,
If you are using 100 mb, then you should use a crossover. if you are using 1000 mb (gig), then it shouldn't matter.
Hope that helps,
Dan -
We have configured EIGRP on Location C and redistributing into BGP in Location C peer routers. Also, we are running IBGP between R1 & R2.
Running EBGP between R1 (Location C) and R3 (Location A) & R4 (Location C) and R2 (Location B).
Between Location A, Location D and Location B we have MPLS cloud, where we are running BGP.
Now, we are facing problem that users in Location C needs to access server farm located in Location A & Location D, where primary path should be
Between Location C- Location A (R1 - R 3) and secondary path is Location C - Location B (R2 - R4).
But while doing the configuration, we are facing issue while advertising the routes in MPLS cloud, as we running BGP and redistributing the static routes.
Now, question is on which MPLS router we shall add the static route pointing to L3 switch for Location C subnet.
Or if there is any other solution we can apply for this scenario to work.
Thanks in Advance to all people for advising.In your scenario, I would install a 4-port HWIC Ethernet card into both WAN routers then have your WAAS box plugged into them. One interface configured as the primary and the second one configured for standby. You would need to have an Ethernet cable plugged between the 2 WAN routers for transit traffic. Configure L2/forward and GRE for the return traffic and use WCCP negotiate return for the egress method. This is how all of our remote sites are setup. A second method is if you don't want to plug directly into the WAN routers, you can replace your l3 (model ?) switches with a stack of 3750Es and make them look like one logical switch.
-
WAAS and WCCP router selection
Hi
Is there some information about that how much of wccp traffic can be handled by different model of routers?
I'm not looking for throughput report like Process\CEF switching per routers but I would like to see some info about wccp treshold on each models, what's the maximum amount of redirected traffic what the router can handle?
thanksno "out" anywhere. The LAB router has a WAE list to only allow redirect to the lab WAE. I don't even need the 62 in on the WAN side, just applying 61 in on the LAN side breaks telnet to the router.
LOOPING PACKET DETECTION:
from router console
Feb 27 14:56:32.924: %IP-3-LOOPPAK: Looping packet detected and dropped -
src=132.242.11.18, dst=153.61.83.70, hl=20, tl=76, prot=47, sport=0, dport=0
in=GigabitEthernet0/1, nexthop=153.61.83.70, out=GigabitEthernet0/1
options=none -Process= "IP Input", ipl= 0, pid= 77 -Traceback= 0x410F6978 0x415CC960 0x415CDC60 0x415BBB38 0x415BCF18 0x415BD27C 0x415BD2FC 0x415BD4E8
Router configuration:
ip wccp 61 redirect-list REDIRECT-WAAS-SUBNETS-61 group-list remote-waas-box
interface Loopback0
ip address 132.242.11.18 255.255.255.255
h323-gateway voip bind srcaddr 132.242.11.18
interface GigabitEthernet0/0.83
description << data vlan 83 >>
encapsulation dot1Q 83
ip address 153.61.83.3 255.255.255.192
ip helper-address 192.127.250.22
ip helper-address 149.25.1.182
no ip proxy-arp
ip wccp 61 redirect in
standby 83 ip 153.61.83.1
standby 83 priority 200
standby 83 preempt
standby 83 track Serial0/1/0:0.99 100
interface GigabitEthernet0/1
description << WHQ LAB CE connection >>
ip address 153.61.83.65 255.255.255.192
load-interval 30
duplex full
speed 100
ip access-list standard remote-waas-box
permit 153.61.83.70
ip access-list extended REDIRECT-WAAS-SUBNETS-61
permit ip 153.61.83.0 0.0.0.63 any
WAE configuration:
device mode application-accelerator
primary-interface GigabitEthernet 1/0
interface GigabitEthernet 1/0
ip address 153.61.83.70 255.255.255.192
no autosense
bandwidth 100
full-duplex
exit
wccp router-list 1 153.61.83.65
wccp tcp-promiscuous router-list-num 1
wccp version 2
wccp slow-start enable -
Urgent ! Router-WAAS WCCP problem
I have dot1q enabled 7507 connecting frame relay branch to data centre.
Core WAAS sits on a VLAN subinterface.
As soon as I enable "ip wcccp redirect 61 in" on VLAN trunked interface, I am loosing connection to the branch.
the config is here..
interface GigabitEthernet4/0/0
description Core Data Centre Trunk VLAN 3,120 to SWDC03 3/16
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
load-interval 30
negotiation auto
no cdp enable
interface GigabitEthernet4/0/0.3
description Core Data Centre VLAN
encap dot1q 3
ip address xxxx
ip wccp 61 redirect in
no ip redirects
no ip unreachables
no ip proxy-arp
ip nbar protocol-discovery
ip route-cache flow
no cdp enable
standby 3 ip 10.64.205.17
standby 3 priority 150
standby 3 preempt
interface GigabitEthernet4/0/0.120
description Core WAAS VLAN120
encap dot1q 120
ip address yyyyyyy
ip wccp redirect exclude in
no ip redirects
no ip unreachables
interface Serial0/0/3.64 point-to-point
ip wccp 62 redirect in
The IOS version is rsp-jsv-mz.123-17b and WAAS version 4.0.13.I have tested this before without VLAN trunking on another router using a seperate interface and it was working.Any idea ?
thanksthanks guys. I will explain the problem a bit more.When WAAS sits on a seperate i/f on WAN router, it works fine. i.e "wccp redirect 61 in " on interface connecting WAN router to Data Centre and "wccp redirect 62 in" on WAN frame relay. Then I configured the i/f connecting WAN router to Data Centre as dot1q trunk and a dedicated VLAN is created for WAAS. The default gateway for WAAS is HSRP address in 6509s. The WCCP router address configured in WAAS is the loopback0 address of the WAN router. The "wccp redirect 62 in" on WAN frame relay stays same. However, " wccp redirect 61 in " carried to a new subinterface on the same access as WAAS VLAN.
All WCCP commands show that there is a connection between WAAS and WAN router, packet count goes up. However, all TCP sessions to the brach (initiated from the Data Centre) fail. I have also tested with and without "wccp redirect exclude in" on WAAS VLAN subinterface without success. Since I had to install the branch the WAAS on the weekend, I moved WAAS back to dedicated interface on WAN router. It works fine but I can not implement redundancy.
The suggestion was to make WAN router subinterface HSRP active rather than 6509 MSFCs.So WAAS talks to WAN routers loopback address and default gateway also points to the same router rather than MSFC. I have not had a chance to test this but I will test in the coming weeks. I was also suggested to use layer2 redirection on 6509 but did not have any chance to look at it closely.
thanks
Serhat -
Best practice with WCCP flows for WAAS
Hi,
I have a WAAS SRE 910 module in a 2911 router that intercepts packets from this router with WCCP.
All packets are received by external interface (gi 2/0, connected to a switch with port configured in WCCP vlan), and are sent back to the router via internal interface (gi 1/0 directly connected to the router) :
WAAS# sh interface gi 1/0
Internet Address : 10.0.1.1
Netmask : 255.255.255.0
Admin State : Up
Operation State : Running
Maximum Transfer Unit Size : 1500
Input Errors : 0
Input Packets Dropped : 0
Packets Received : 20631
Output Errors : 0
Output Packets Dropped : 0
Load Interval : 30
Input Throughput : 239 bits/sec, 0 packets/sec
Output Throughput : 3270892 bits/sec, 592 packets/sec
Packets Sent : 110062
Auto-negotiation : On
Full Duplex : Yes
Speed : 1000 Mbps
WAAS# sh interface gi 2/0
Internet Address : 10.0.2.1
Netmask : 255.255.255.0
Admin State : Up
Operation State : Running
Maximum Transfer Unit Size : 1500
Input Errors : 0
Input Packets Dropped : 0
Packets Received : 86558
Output Errors : 0
Output Packets Dropped : 0
Load Interval : 30
Input Throughput : 2519130 bits/sec, 579 packets/sec
Output Throughput : 3431 bits/sec, 2 packets/sec
Packets Sent : 1580
Auto-negotiation : On
Full Duplex : Yes
Speed : 100 Mbps
The default route configured in WAAS module is 0.0.0.0/0 to 10.0.1.254 (router interface).
Would it be better that packets leave WAAS module by the external interface (in place of the internal interface) ?
Is there a best practice recommended by Cisco on this ?
Thanks.
StéphaneHi Stephane,
We usually advise the following in such scenario with an internal module:
"ip wccp 61 redirect in" the LAN interface.
"ip wccp 61 redirect in" on the WAN one.
"ip wccp redirect exclude in" on the internal interface between the WAAS and the router.
That way, we are sure that no loops are created because of the WCCP redirection.
Regards,
Nicolas -
My first question, can anyone recommend some very heavy reading discussing the ACE modules and associated traffic flows and order of operations? Not just how-to scenarios.
And the primary question that brings me here:
I've got an ACE module in a 6500 chassis that's configured for routed mode. For the purpose of this question we'll say that on the ACE I have a single VLAN for vIPs and a single VLAN for rservers. vIP VLAN is 12 and rserver VLAN is 101. I have a pair of App servers being load balanced, and a pair of Web servers being load balanced.
When user devices send traffic to the Web servers vIP, traffic hits the SVI for VLAN 12 and the service-policy is applied manipulating that traffic and sending it to the VLAN 101 SVI and on down to an rserver. The same if user devices are sending traffic to the App servers vIP.
When a Web server tries to send over to the App servers vIP, I get no response. In fact, from the Web server I can't even ping my gateway (SVI for VLAN 101). How do I get the Web server to send traffic loadbalanced across the App servers?
Here's an example ACE config:
access-list ALL line 8 extended permit ip any any
probe tcp 5555
port 5555
interval 5
passdetect interval 30
probe http HTTP
interval 5
passdetect interval 30
expect status 200 200
rserver host APP01
description App Server 1
ip address 10.10.101.15
probe 5555
inservice
rserver host APP02
description App Server 2
ip address 10.10.101.16
probe 5555
inservice
rserver host WEB01
description Web Server 1
ip address 10.10.101.17
probe HTTP
inservice
rserver host WEB02
description Web Server 2
ip address 10.10.101.18
probe HTTP
inservice
serverfarm host APP-SERVERS
predictor leastconns
rserver APP01
inservice
rserver APP02
inservice
serverfarm host WEB-SERVERS
predictor leastconns
rserver WEB01
inservice
rserver WEB02
inservice
sticky ip-netmask 255.255.255.255 address both WEB-STICKY
replicate sticky
serverfarm WEB-SERVERS
sticky ip-netmask 255.255.255.255 address both APP-STICKY
replicate sticky
serverfarm APP-SERVERS
class-map match-any APP-VIP
description App Servers VIP
2 match virtual-address 10.10.12.21 tcp eq 5555
class-map match-any WEB-VIP
description Web Servers VIP
2 match virtual-address 10.10.12.20 tcp eq https
3 match virtual-address 10.10.12.20 tcp eq www
policy-map type loadbalance first-match L7-APP-SERVERS
class class-default
sticky-serverfarm APP-STICKY
policy-map type loadbalance first-match L7-WEB-SERVERS
class class-default
sticky-serverfarm WEB-STICKY
policy-map multi-match L4-CONTEXT-A-VLAN
class WEB-VIP
loadbalance vip inservice
loadbalance policy L7-WEB-SERVERS
loadbalance vip icmp-reply
class APP-VIP
loadbalance vip inservice
loadbalance policy L7-APP-SERVERS
loadbalance vip icmp-reply
interface vlan 12
description ACE-CONTEXT-A-vIPs
ip address 10.10.12.5 255.255.252.0
alias 10.10.12.4 255.255.252.0
peer ip address 10.10.12.6 255.255.252.0
access-group input ALL
service-policy input MGMT-ACCESS
service-policy input L4-CONTEXT-A-VLAN
no shutdown
interface vlan 101
description ACE-CONTEXT-A-SERVERS
ip address 10.10.101.2 255.255.255.0
alias 10.10.101.1 255.255.255.0
peer ip address 10.10.101.3 255.255.255.0
access-group input ALL
no shutdownHi Adam,
You can check Gilles' DC t-shooting guides that should give you a very good overwiew about packet processing on the ACE; also you can check
the Cisco wiki site where you find the scenarios plus a detailed explanation for traffic management.
Now going back to your issue, you problem can be splitted in two parts.
1. Web server not able to ping VLAN 101 ACE's SVI.
ACE is a closed device, meaning that access to each Interface/VLAN needs to be explicitly configured; you need to apply the management policy
to the 101 SVI to allow ICMP or any other management protocol. You can apply the same (service-policy input MGMT-ACCESS) or create a new
one just for ICMP, that's up to you.
2. Web servers not able to communicate with APP servers thorugh VIP.(vise-versa)
Problem here is that servers are trying to communicate through SVI 101 but no VIPs are applied to it so the ACE will simply discard the packets
for 10.10.12.20/10.10.12.21 on that interface, servers have the ARP and everything to reach those VIPs but the ACE has not been instructed to do
load balancing for clients reaching it out through VLAN 101.
In order to do load balancing between APP & Web Servers you need to configure L4-CONTEXT-A-VLAN on SVI 101 as well.
Also since your servers are sitting all in the same VLAN you're going to need client NAT to prevent assymetric routing on server-to-server communications.
I've attached a sample with NAT based on your config.
HTH
Pablo -
Hi all,
I have a problem with WAAS install. Basically, there is 1 CORE 674 wave, which has a vPC into 2 Nexus 7010s. I use L2 forwarding & mask.
There are around 100 remote sites, all over the world.
If I shut down the vPC on the 2nd Nexus 7k, the problem is still there. This to me looks like a problem with vPC, and redirect back from the Server side (at the DC). I have the identical 61/62 Service Group configurations on both Nexus' though...
I am not pointing to any VIP -- just the physical IP of the Nexus 7k.
Basically, one ping makes it, the second does not, the third does, etc. I've posted before and after....any ideas of what is happening?
I thought this is due to assymetrical routing, but accd to WAAS output logs not much asymmetry...Robert,
It is possible that disk00 is bad/ has failed. Try the following:
1) WAE(config)#no disk disk-name disk00 shutdown force
If you get output similar to below go to option 2.
pdi-574-rtp(config)#no disk disk-name disk00 shutdown force
It takes time spinning up disk0. Please wait.
Disk not insert or not spin up yet. Please check cable or check syslog for RAID rebuild start events!
2) You can try to re-install the software with the recovery CD.
http://www.cisco.com/en/US/partner/docs/app_ntwk_services/waas/waas/v431/configuration/guide/maint.html#wp1173532
If the option "Wipe out disks and install .bin image" fails because it can't find disk00 you most likely need an RMA for a disk and you will need to open a TAC case to get this processed.
Regards,
Mike Korenbaum
Cisco Data Center PDI Help Desk
http://www.cisco.com/go/pdihelpdesk -
Is WAAS 5 that much better than previous versions?
I have never used Cisco WAAS for wan op (I've used BlueCoat and Silverpeak) and have heard less than complimentary comments on its ease of deployment and overall functionality. I am currently looking to replace my aging Bluecoat environment and am curious about people's opinion of 5.X.
From what I have heard it is night and day different and an overall much better better product.
What are the communities opinions? How does it stack up agianst Riverbed and the other players?Hi Kenny,
you are asking for community opinion. Working for Cisco I can give you my perspective, I hope that counts as well ;-)
You are right about the day and night difference.
One of the reasons is the completely reworked Central Manager GUI, which is using HTML 5 now. So it can be used on iPads or similar as well. But more important is the Look and Feel and usability of version 5, which is perceived very positive from what I take away in my conversations with customers.
Perhaps the biggest addition to the portfolio is a new redirection technology, AppNav (Application Navigation).
With AppNav you can now do loadbalancing and traffic distribution to a WAAS (WAE/WAVE) cluster more easily and in fine granularity. This means, you can distribute certain networks (Branches) or applications to a certain set of WAAS appliances at ease.
What think needs to be mentioned are Cisco's partnerships with leading IT companies in order to jointly work on Application Optimizers and haveing them certified. Best example, if we are talking about the new version (so true for 4.5 as well) is The Citrix ready certification for ICA optimization.
Others inlcude e.g SAP NetWaver, and Microsoft Protocols ( CIFS/SMB /native v2, (e)MAPI, Video Streaming Server, virtual Windows Appliance on WAAS), ...
Other Highlights:
WAAS Express Version 2. You can run WAAS on your Router as an IOS Feature.
SSL scalabilty at 75.000 concurrent sessions on WAVE 8541.
Cloud solution with vWAAS (virtual WAAS).
Hope that give a first impression,
chris -
Parallel operations in Routing
Dear All,
is it possible that we can have two parallel operations in the routing.
scenario is: ona production line every thing is same except one operation i.e, melting where there are two furnaces 1 and 2. 50 % of the material melts through furnace 1 and remaining 50 % through furnace 2. so how can we cater this in routing.Waiting
-
Branch WAAS(547) missing from CM...can't add back
Hi,
One of our branch WAAS devices had the wrong hostname and I edited our DNS/TACACS and updated the hostname in the WAAS itself.
I went to the Central Manager and deleted the old entry and went to the branch WAAS, enabled cms, disabled/enable the tcp promiscuous 61/62, and WCCP is up. I can see redirection happening on the WAAS and the router but the Central Manager does not have an entry for the WAAS device. I can also ping the central manager from the branch WAAS and visa versa. Everything seems to be working optimization wise but I can't figure out why I can't see the hostname of the box in the CM gui. It's been two days and it's not showing up.
Here is the cms info on the branch WAAS (IP's omitted).
waxxx-1a#sho cms info
Device registration information :
Device Id = 321765
Device registered as = WAAS Application Engine
Current WAAS Central Manager = <cm ip>
Registered with WAAS Central Manager = <cm ip>
CMS services information :
Service cms_ce is running
Do I need to delete the partitions on the branch WAAS or something? I'm at a loss.
Thanks.Thanks for the reply.
I have a central manager address configured on the branch WAAS but when I try to deregister it, I get this output that it failed.
I can't follow the document because you need to select the device in the central manager to mark it replacable. The device doesn't exist in the central manager so I can't follow that document.
waxxx-1a#cms deregister
Deregistering WAE device from Central Manager will result in loss of data on encrypted file systems, imported certificate/private keys for SSL service and cifs/wafs preposition credentials. If secure store is initialized and open, clear secure store and wait for one datafeed poll rate to retain cifs/wafs preposition credentails.
If encrypted MAPI is enabled, windows-domain encryption-service identities will be disabled. The passwords must be re-entered again the next time the WAE joins a central manager.
Do you really want to continue (yes|no) [no]?yes
Disabling management service.
management services stopped
Sending de-registration request to CM
Unable to get Central Manager ip address setting. Please make sure 'central-manager address' is set
Device de-regsitration failed. -
Hi Cisco,
i wanted to know if hard drives are same for below WAAS models and are inter-changeable between them.
WAE-612-K9 --> WAVE-694-K9
WAE-7371-K9 --> WAVE-8541-K9
Note : I need a Cisco TAC engineer specialized in WAAS helping me answering the query.WCCP not supported on tunnel interfaces for 6500 & 7600 interfaces. Other than that okay.
see below.
Cisco WAAS supports asymmetric routing through the use of sharing network interception and redirection configuration across WAN boundary routers within a location. If all routers that connect a location to the WAN are participating in the same WCCPv2 service groups or have the same list of WAEs configured as next-hop routers (in the same order), the same WAE will receive redirected traffic regardless of the WAN link that traffic was destined to or coming in from.
For instance, if a customer has two WAN connections - one going to provider #1 and another going to provider #2, WCCPv2 can be configured such that the routers participate in the same WCCPv2 service groups, and the WAEs can be configured to register with both of the routers. This also requires that the WCCPv2 redirection configuration be applied identically across each of the routers within the same location, i.e. use of 61/in on the LAN side on both routers and 62/out on the LAN side on both routers (or any valid combination of 61/62 in/out as long as they are identical amongst all routers within the location).
As traffic enters a WAN boundary router, it will determine which WAE to redirect the traffic to based on a hash of either the source IP (service group 61 in the network path) or destination IP (service group 62 in the network path). The allocated hash buckets are synchronized within the service group, and the hash value obtained at either router will be the same as it would be had the traffic been forwarded through the opposite router. In this way, traffic is always redirected to the same WAE every time, regardless of which WAN link is used, or which router the traffic was forwarded to or through. As such, Cisco WAAS provides support for environments where asymmetric routing may be encountered. -
Hi, dear experts!
I) My Input data is (read please, or see attach):
- I have one active data center (main office), one backup data center (backup office), and several branch offices and many corporate internet users
- Each of the offices has redundant internet connection: Main office via ISP1 and ISP2, backup office via ISP3 and ISP4.
- Standby data center duplicates corporates services (such as Exchange, Sharepoint, FileStorage).
- Main office and backup office are long-distanced from each other (about 800 km), and interconnected via 1Gb fiberoptic.
II) My tasks are:
1. Provide redundant network connection for local ofiice users to corporate services.
2. Provide redundant network connection for branch offices and internet users to corporate services.
III) My ideas are:
1. Accordingly to the 1-st task. Here I suppose to use load balancers in redundant configuration.
2. Accordingly to the 2-nd task. To my mind there are two scenarios.
2.1 First scenario. To built a DMVPN topology using main and backup offices as a hubs, and branch offices as a spokes.
2.2 Second scenario. To by provider independet IPv4-adress block and ASN, to advertise main and backup office networks in internet.
IV) My questions are:
-What scenario according to the 2-nd task is better: using a DMVPN-topology or using an ASN-redundancy?
-Is it possible to avoid assymetric routing problems in case of using a an ASN-redundancy?
Thank you!I think Global loadblancer device will solve your both issue or there is an other solution for 2nd question,
to use BGP confedration, that means use two private ASN internaly one in each DC, and put them both DC in one confedration, use one public ASN with all your ISP's.
Regards, -
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-qformat:yes;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin-top:0in;
mso-para-margin-right:0in;
mso-para-margin-bottom:10.0pt;
mso-para-margin-left:0in;
line-height:115%;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-fareast-font-family:"Times New Roman";
mso-fareast-theme-font:minor-fareast;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;}
Hello -
We have to redesign our WCCP setup at the branch office, because WAAS VB doesn't support standby. Our current design is having 2 WAN routers, one is for the primary WAN (MPLS) and the 2nd is for a GRE backup. Both WAEs GIG 1/0 interfaces are plugged directly into a 4ESW-HWIC module on an ISR router on the primary one, GIG 2/0 interfaces are plugged directly in another 4ESW-HIC module on the backup GRE router. The 4ESW-HWIC doesn't support port-channel so this is my reasoning for the redesign. See attached WAAS_Branch_Current_Design PIC.
The WCCP 61/62 options are currently configured on the LAN facing interface on the routers, 61 out and 62 redirect in for load balancing based on destination IP address. The new design is moving the WAE to the CORE layer and configuring port-channel since we’re going to be using VB at the branches. The WCCP will still be done at the WAN router edge. I was told it’s best to use the WCCP option inbound only, rather than an outbound redirection.
Based on the attached WAAS Branch Redesign PIC, would there be any WCCP routing loops with respect to where I have placed the 61 and 62 options? Some branches will have remote sale centers hanging off of either the WAN primary router or the GRE backup router, but not have WAAS. It’s most likely traffic could be seen twice on a 61 redirect in. One of the designs I’ve seen in a PDF doc from Networkers (BRKAPP-2021) showing the 61 and 62 are on the WAN facing interfaces to avoid WCCP routing loops with a dual router scenario at a branch site. The number of uses will vary from 50 to 400+. I want to keep the design the same for every branch./* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-qformat:yes;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin-top:0in;
mso-para-margin-right:0in;
mso-para-margin-bottom:10.0pt;
mso-para-margin-left:0in;
line-height:115%;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-fareast-font-family:"Times New Roman";
mso-fareast-theme-font:minor-fareast;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;}
Thank you for your response. The reason for the redesign is to support virtual blades. I don't want to send the VB traffic all the way up to the WAN routers. The VLAN 738 on the new design will live on the core switch and WCCP will be performed on the WAN routers. So yes, I will be using WCCP negotiate returnmethod. The only concern I have is you will be bouncing the traffic in an out of the LAN facing interface on your WAN router. Basically you will be sending all of your original traffic andoptimized traffic out the same LAN interface, possibly doubling your volume on this link if you don't get good compression.
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-qformat:yes;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin-top:0in;
mso-para-margin-right:0in;
mso-para-margin-bottom:10.0pt;
mso-para-margin-left:0in;
line-height:115%;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-fareast-font-family:"Times New Roman";
mso-fareast-theme-font:minor-fareast;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;}
Do you see a potential delay in this setup?
Maybe you are looking for
-
My laptop was stolen, how do I get my purchases back?
Recently, my laptop was stolen and I was just wondering if it would be possible to get all my past iTunes purchases back? I had a lot of movies and music that were on that computer. Unfortunately, I only had some of the purchases on my iPod. Can anyo
-
Deploying Adobe Photoshop CS4 Extended over Network - issue
Hi all, I'm hoping anyone can help me with this issue that has plagued me for a few weeks! First of all, here's the details I have: * Adobe Photoshop CS4 Extended - downloaded media from Adobe website * Creative Suite Deployment Toolkit - again, down
-
In car stereo intergration...help!!
i have an iphone and would like to intergrate it with car stereo, no one seems to have a definite answer as to best approach, maybe it would be easier to purchase a new stereo if so does anyone recommend a suitable one? it is for a RAV4... thanks
-
I'm relatively new to RMI so may not understand it fully, but I'm having the following problem: I'm running a Java RMI Application in Unix. Before I run the application I use the "rmiregistry <port num>" command. However, when the RMI application end
-
I downloaded music to my ipod shuffle from itunes and it still saying saying download music from itunes. But there is music on it when I hook it to the computer but it want play on the shuffle. Someone please help me.