WAAS Passthrough
Hi All,
We have WAE devices that are passingthrough large amounts of connections with the description PT App Cfg,
Please can someone explain what this means?
Many Thanks
Kris
PT App Cfg
The policy action for this application is configured as pass-through.
source: http://www.cisco.com/en/US/docs/app_ntwk_services/waas/waas/v417/command/reference/execmds.html#wp3113061
so, check your policies configurations
Similar Messages
-
WAAS - Custom Reporting - Documentation
Does anyone have a link to documentation regarding creating custom reports on the WAAS appliance? I have been told that you can create a custom report that will let me look at data for a specific port on a specific day during a specific time.
What I am ultimately looking for is a report that will let me look at traffic that was handledly by one of the WAAS devices at a remote location say last night between 8:00pm and 4:00am.
So far all that I have been able to get out of the system is traffic that happened yestarday summerized over the 24 hour period.
We are completing a product evaluation and are trying to evaluate traffic patterns without WAAS or the rules in passthrough and with WAAS. This information is lumped into the daily summary and we cannot seem to get specific detailed reports.Brent,
I think for documentation, what you are looking for is here...
http://www.cisco.com/en/US/docs/app_ntwk_services/waas/waas/v413/configuration/guide/monitor.html#wp1080130
I hope that helps,
Dan -
WAAS Not returning proper web redirects
We have one WAAS edge device which is not returning the proper results when entered in a browser. When we reload
the WAAS device, while it is rebooting, it will return the proper results. We have cleared all of the caches that we know
of and all of our edge devices are the same and using the same policy.
It is not handling redirects properly.
We have one server running Apache, which handles redirects. For Instance Typing in :
prod goes to https://prod.domain.com
test goes to https://test.domain.com
train goes to https://train.domain.com
When the WAAS is up, typing prod,test,or train will all take you to https://prod.doman.com
When the WAAS is down or rebooting typing prod,test, or train will take you to the correct URL as specified until
it comes back up. The other sites are configured identically as can be seen by the WAAS central manager. This WAAS
device is running version 4.4.1.12
Has anyone run into this before? WThis case is now solved, for now. We opened a TAC and there was something wrong with the policy that was applied that was affecting mutiple WAAS devices. We were unable to grab a trace while this issue was in failure.
In summary, we have an "ALL WAAS" policy which applies to all devices. The TAC technican created a singular policy
that applied directly to one of the affected WAAS devices and set the policy to TFO only. Just putting this policy in force
seemed to correct the issue. After this was done, we then reapplied the orginal policy and the issue no longer existed.
The issue has not returned so far. When the issue was happening, it was easy to reproduce. Setting the HTTP AO policy to "PassThrough" immediately corrected the issue. Setting it back, the issue would return.
So right now we are working, but do not know the "Why" as to exactly what caused the problem. -
ASK THE EXPERTS - WAAS MONITORING AND REPORTING
Welcome to the Cisco Networking Professionals Ask the Expert conversation. This is an opportunity to learn about Cisco Wide Area Application Services monitoring and reporting with Michael Holloway and Joe Merrill. Michael is an escalation support engineer in the Application Delivery Business Unit focusing on escalations to engineering related to the Cisco Wide Area Application Services (WAAS) product. He has worked with Cisco WAAS since its initial development, and with the first product beta.
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-qformat:yes;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin:0in;
mso-para-margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-fareast-font-family:"Times New Roman";
mso-fareast-theme-font:minor-fareast;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;}
Joe Merrill is an escalation support engineer in the Application Delivery Business Unit focusing on escalations to engineering related to the Cisco Wide Area Application Services (WAAS) product. He has worked with Cisco WAAS since its initial development, and with the first product beta.
Remember to use the rating system to let Michael and Joe know if you have received an adequate response.
Michael and Joe might not be able to answer each question due to the volume expected during this event. Our moderators will post many of the unanswered questions in other discussion forums shortly after the event. This event lasts through August 27, 2010. Visit this forum often to view responses to your questions and the questions of other community members.Very good questions. Let me try and take them one at a time. Some of the answers you will likely find in the CM GUI help (upper-left corner is the Help button), or in the online documentation. But let's add a little more color and detail.
1)When we pull bandwidth Optimization report, on Y-Axis the graphs says Effective Capacity .What is Effective Capacity?
Basically, the "effective increased bandwidth capacity" is telling you how much additional WAN bandwidth you've gained because of the optimization. It will chart somewhere between 1 times and 100 times. Typically it charts all traffic, though you can configure it to chart traffic for specific Applications.
The CDM online help gives the formulas used to chart the graph:
Effective WAN Capacity = 1 / (1-% Reduction Excluding Pass-Through)
% Reduction Excluding Pass-Through = (Original Excluding Pass-Through - Optimized) / (Original Excluding Pass-Through)
2)what is reduction % excluding and including passthrough
Looking at the formulas given above might help you understand. The one is a reduction ratio compared to only the original traffic that is optimized. The other is a reduction ratio compared to all original traffic, whether it is optimized or not. So, if you want to know what kind of optimization you are getting for the traffic that you configured to have optimized, look at the "excluding pass-through" numbers. If you want to know the positive effect that optimization is having on your full traffic load, take a look at the "including pass-through" numbers.
3)What is effectivity capacity including and excluding passthrough ?
The effective capacity is what kind of throughput you can potentially realize on the WAN -- assuming you would fill it to 100% capacity -- because of the level of optimization you are seeing. The "including" numbers show you the effect of optimization compared to all the traffic passing through the WAE whether it is optimized or not. The "excluding" numbers show the effect of optimization compared only to the traffic that is receiving optimizations.
4)With the help of which report, we can show the customer that the file download which took 10 mins in first attempt, is downloaded in 10secons in next attempt?
This one is a little trickier. The reports are much broader than a single connection. They are for all traffic, or for traffic that matches specific defined Applications. You could create a separate Application and matching classifiers for the client and/or server IP addresses and/or ports, run the test, then configure the charts to only show you the data for that Application. By default, statistics for an Application aren’t charted unless you check the "Enable Statistics" box when defining/editing the Application.
5)How to show that the bandwidth utilization has decreased by which %.
You want to look at the % reduction numbers you asked about in #2 above.
6)Which report says that the applications have become this much time faster?
These questions are normally put forwarded by many customers ? Can you please help me with your expertise answer ?
This is probably the hardest question to answer.
"Faster" isn't always easy to define. You are probably talking about user experience rather than statistics found in a network device. What determines that experience? A web page fully populating with all the pictures? A CIFS-based application that saves a file? A custom application that collects data from different servers over different protocols to perform some operation? Much of that is subjective and based on multiple individual requests, sometimes over different protocols.
What we can provide are statistics to show the effect of WAN optimization and application acceleration for specific types of traffic. We can't show you that displaying a web page is N times faster with WAAS, because we don't know which of all the many HTTP requests that are made are specific to the user experience. But we can show that each of the requests received so much overall optimization, so much optimization from DRE, so much optimization from LZ, so much added benefit from HTTP acceleration.
What you would probably do is collect some base-line timings for performing certain user activities, then perform the same operations both cold (first pass) and warm (subsequent passes). Back up those timing numbers with reports from the CM GUI, and perhaps even the "show statistics connection connection-id ". Which reports to use? Start with those Optimization and Acceleration reports. Those are the reports we expect will give the most complete/accurate pictures of the benefit of WAAS. You can also create and even schedule custom reports as needed. -
Error message trying to enable WAAS Express
I have one location that is giving me fits trying to enable WAAS express. The three before it went fine but I think this may be related to the fact that this one location is currently configured to support COS. The message I receive when issueing the waas enable command is
% waas enable failed: Unable to create WAAS class-map as class-map BGP already exists in another type.
This are their current definitions ...
class-map match-any BGP
match protocol bgp
class-map match-any COS3
match access-group name COS3-Traffic
match protocol icmp
class-map match-any COS2
match access-group name COS2-Traffic
match protocol bgp
class-map match-any COS1
match access-group name COS1-Traffic
policy-map MARK-BGP
class BGP
set ip dscp cs6
policy-map COS
class COS1
priority 320
set ip dscp ef
class COS2
bandwidth remaining percent 60
set ip dscp af31
service-policy MARK-BGP
class COS3
bandwidth remaining percent 30
set ip dscp af21
class class-default
bandwidth remaining percent 10
set ip dscp defaultHi,
When you first enable WAAS express on a device, it will define a set of policies for traffic optimization. Among those, there is one called BGP, which is conflicting with the current one and as a result, enabling WAAS fails and the error you saw is displayed
To solve this issue, you will have to change the configuration of your device to ensure that there are no classes or policies with the same names as the ones that WAAS will configure.
For your reference, below you can see a list of the configuration that will be added by WAAS Express by default:
class-map type waas match-any BFTP match tcp destination port 152 class-map type waas match-any MS-Message-Queuing match tcp destination port 1801 match tcp destination port 2101 match tcp destination port 2103 match tcp destination port 2105 class-map type waas match-any WINS match tcp destination port 42 match tcp destination port 137 match tcp destination port 1512 class-map type waas match-any NNTP match tcp destination port 119 class-map type waas match-any PPTP match tcp destination port 1723 class-map type waas match-any Internet-Mail-secure match tcp destination port 995 match tcp destination port 993 match tcp destination port 465 class-map type waas match-any RTSP match tcp destination port 554 match tcp destination port 8554 class-map type waas match-any VocalTec match tcp destination port 1490 match tcp destination port 6670 match tcp destination port 25793 match tcp destination port 22555 class-map type waas match-any PostgreSQL match tcp destination port 5432 class-map type waas match-any Danware-NetOp match tcp destination port 6502 class-map type waas match-any TACACS match tcp destination port 49 class-map type waas match-any XWindows match tcp destination port 6000 6063 class-map type waas match-any Cisco-CallManager match tcp destination port 2748 match tcp destination port 2443 class-map type waas match-any MS-EndPointMapper match tcp destination port 135 class-map type waas match-any PDMWorks match tcp destination port 30000 match tcp destination port 40000 class-map type waas match-any MS-Chat match tcp destination port 6665 match tcp destination port 6667 class-map type waas match-any SASL match tcp destination port 3659 class-map type waas match-any SOAP match tcp destination port 7627 class-map type waas match-any Laplink-ShareDirect match tcp destination port 2705 class-map type waas match-any EMC-SRDFA-IP match tcp destination port 1748 class-map type waas match-any FTPS match tcp destination port 990 class-map type waas match-any Veritas-NetBackup match tcp destination port 13720 match tcp destination port 13721 match tcp destination port 13782 match tcp destination port 13785 class-map type waas match-any Basic-TCP-services match tcp destination port 1 19 class-map type waas match-any Connected-DataProtector match tcp destination port 16384 class-map type waas match-any MS-Terminal-Services match tcp destination port 3389 class-map type waas match-any TFTP match tcp destination port 69 class-map type waas match-any HTTP match tcp destination port 80 match tcp destination port 8080 match tcp destination port 8000 match tcp destination port 8001 match tcp destination port 3128 class-map type waas match-any QMTP match tcp destination port 209 class-map type waas match-any IBM-NetView match tcp destination port 729 731 class-map type waas match-any LDAP match tcp destination port 389 match tcp destination port 8404 class-map type waas match-any BitTorrent match tcp destination port 6881 6889 match tcp destination port 6969 class-map type waas match-any FCIP match tcp destination port 3225 class-map type waas match-any Novell-ZenWorks match tcp destination port 1761 1763 match tcp destination port 517 match tcp destination port 2544 match tcp destination port 8039 match tcp destination port 2037 class-map type waas match-any UniSQL match tcp destination port 1978 match tcp destination port 1979 class-map type waas match-any RAdmin match tcp destination port 4899 class-map type waas match-any SoulSeek match tcp destination port 2234 match tcp destination port 5534 class-map type waas match-any WBEM match tcp destination port 5987 match tcp destination port 5988 class-map type waas match-any CIFS match tcp destination port 139 match tcp destination port 445 class-map type waas match-any Lotus-Sametime-Connect match tcp destination port 1533 class-map type waas match-any IBM-TSM match tcp destination port 1500 1502 class-map type waas match-any Remote-Replication-Agent match tcp destination port 5678 class-map type waas match-any Telnet match tcp destination port 23 match tcp destination port 107 match tcp destination port 513 class-map type waas match-any LDAP-secure match tcp destination port 636 class-map type waas match-any Remote-Anything match tcp destination port 3999 4000 class-map type waas match-any Double-Take match tcp destination port 1105 match tcp destination port 1100 class-map type waas match-any Borland-Interbase match tcp destination port 3050 class-map type waas match-any Sun-RPC match tcp destination port 111 class-map type waas match-any NetApp-SnapMirror match tcp destination port 10565 10569 class-map type waas match-any Amanda match tcp destination port 10080 class-map type waas match-any iSNS match tcp destination port 3205 class-map type waas match-any FTP-Control match tcp destination port 21 class-map type waas match-any HP-OpenMail match tcp destination port 5755 match tcp destination port 5757 match tcp destination port 5766 match tcp destination port 5767 match tcp destination port 5768 match tcp destination port 5729 class-map type waas match-any PCAnywhere match tcp destination port 73 match tcp destination port 5631 5632 match tcp destination port 65301 class-map type waas match-any EMC-Celerra-Replicator match tcp destination port 8888 class-map type waas match-any Gnutella match tcp destination port 6346 6349 match tcp destination port 6355 match tcp destination port 5634 class-map type waas match-any HP-OpenView match tcp destination port 7426 7431 match tcp destination port 7501 match tcp destination port 7510 class-map type waas match-any MSN-Messenger match tcp destination port 1863 match tcp destination port 6891 6900 class-map type waas match-any Yahoo-Messenger match tcp destination port 5000 5001 match tcp destination port 5050 match tcp destination port 5100 class-map type waas match-any Apple-AFP match tcp destination port 548 class-map type waas match-any Apple-iChat match tcp destination port 5297 match tcp destination port 5298 class-map type waas match-any PCMail-Server match tcp destination port 158 class-map type waas match-any Siebel match tcp destination port 8448 match tcp destination port 2320 match tcp destination port 2321 class-map type waas match-any Kerberos match tcp destination port 88 match tcp destination port 2053 match tcp destination port 754 match tcp destination port 888 match tcp destination port 543 match tcp destination port 464 match tcp destination port 544 match tcp destination port 749 class-map type waas match-any MS-NetMeeting match tcp destination port 522 match tcp destination port 1503 match tcp destination port 1731 class-map type waas match-any Oracle match tcp destination port 66 match tcp destination port 1525 match tcp destination port 1521 class-map type waas match-any Unix-Printing match tcp destination port 515 match tcp destination port 170 class-map type waas match-any Documentum match tcp destination port 1489 class-map type waas match-any Pervasive-SQL match tcp destination port 1583 class-map type waas match-any Jabber match tcp destination port 5222 match tcp destination port 5269 class-map type waas match-any iFCP match tcp destination port 3420 class-map type waas match-any NNTP-secure match tcp destination port 563 class-map type waas match-any SQL-Service match tcp destination port 156 class-map type waas match-any Internet-Mail match tcp destination port 25 match tcp destination port 110 match tcp destination port 143 match tcp destination port 220 class-map type waas match-any Lotus-Notes match tcp destination port 1352 class-map type waas match-any SSL-Shell match tcp destination port 614 class-map type waas match-any CU-SeeMe match tcp destination port 7640 match tcp destination port 7642 match tcp destination port 7648 match tcp destination port 7649 class-map type waas match-any Simple-FTP match tcp destination port 115 class-map type waas match-any AOL match tcp destination port 5190 5193 class-map type waas match-any SAP match tcp destination port 3200 3219 match tcp destination port 3390 3399 match tcp destination port 3284 3305 match tcp destination port 3226 3267 match tcp destination port 3662 3699 match tcp destination port 3221 3224 match tcp destination port 3270 3282 match tcp destination port 3307 3388 match tcp destination port 3600 3659 class-map type waas match-any waas-default match tcp any class-map type waas match-any Laplink-PCSync match tcp destination port 8444 class-map type waas match-any TFTPS match tcp destination port 3713 class-map type waas match-any WinMX match tcp destination port 6699 class-map type waas match-any CVS match tcp destination port 2401 class-map type waas match-any ezMeeting match tcp destination port 10101 10103 match tcp destination port 26260 26261 class-map type waas match-any NetIQ match tcp destination port 2220 match tcp destination port 2735 match tcp destination port 10113 10116 class-map type waas match-any Grouper match tcp destination port 8038 class-map type waas match-any Netopia-Timbuktu match tcp destination port 407 match tcp destination port 1417 1420 class-map type waas match-any Novell-Groupwise match tcp destination port 1677 match tcp destination port 1099 match tcp destination port 9850 match tcp destination port 7205 match tcp destination port 3800 match tcp destination port 7100 match tcp destination port 7180 match tcp destination port 7101 match tcp destination port 7181 match tcp destination port 2800 class-map type waas match-any SSH match tcp destination port 22 class-map type waas match-any IPP match tcp destination port 631 class-map type waas match-any IBM-Tivoli match tcp destination port 94 match tcp destination port 627 match tcp destination port 1965 match tcp destination port 1580 match tcp destination port 1581 class-map type waas match-any NTP match tcp destination port 123 class-map type waas match-any VoIP-Control match tcp destination port 1300 match tcp destination port 2428 match tcp destination port 2000 2002 match tcp destination port 1718 1720 match tcp destination port 5060 match tcp destination port 11000 11999 class-map type waas match-any HTTPS match tcp destination port 443 class-map type waas match-any SUN-Xprint match tcp destination port 8100 class-map type waas match-any Clearcase match tcp destination port 371 class-map type waas match-any Service-Location match tcp destination port 427 class-map type waas match-any MS-NetShow match tcp destination port 1755 class-map type waas match-any Napster match tcp destination port 8875 match tcp destination port 7777 match tcp destination port 6700 match tcp destination port 6666 match tcp destination port 6677 match tcp destination port 6688 class-map type waas match-any Kazaa match tcp destination port 1214 class-map type waas match-any Laplink-Host match tcp destination port 1547 class-map type waas match-any Telnets match tcp destination port 992 class-map type waas match-any AFS match tcp destination port 7000 7009 class-map type waas match-any Scalable-SQL match tcp destination port 3352 class-map type waas match-any WASTE match tcp destination port 1337 class-map type waas match-any BGP match tcp destination port 179 class-map type waas match-any BMC-Patrol match tcp destination port 6161 match tcp destination port 6162 match tcp destination port 8160 match tcp destination port 8161 match tcp destination port 6767 match tcp destination port 6768 match tcp destination port 10128 class-map type waas match-any Rsync match tcp destination port 873 class-map type waas match-any Qnext match tcp destination port 44 match tcp destination port 5555 class-map type waas match-any Intel-Proshare match tcp destination port 5713 5717 class-map type waas match-any Liquid-Audio match tcp destination port 18888 class-map type waas match-any WAAS-FlowMonitor match tcp destination port 7878 class-map type waas match-any eDonkey match tcp destination port 4661 4662 class-map type waas match-any IRC match tcp destination port 531 match tcp destination port 6660 6669 class-map type waas match-any DNS match tcp destination port 53 class-map type waas match-any Filenet match tcp destination port 32768 32774 class-map type waas match-any ControlIT match tcp destination port 799 class-map type waas match-any Citrix-ICA match tcp destination port 1494 match tcp destination port 2598 class-map type waas match-any NFS match tcp destination port 2049 class-map type waas match-any Netopia-netOctopus match tcp destination port 1917 match tcp destination port 1921 class-map type waas match-any VNC match tcp destination port 5801 5809 match tcp destination port 6900 6909 class-map type waas match-any Vmware-VMConsole match tcp destination port 902 class-map type waas match-any Sybase-SQL match tcp destination port 1498 match tcp destination port 2638 match tcp destination port 2439 match tcp destination port 3968 class-map type waas match-any Unix-Remote-Execution match tcp destination port 514 match tcp destination port 512 class-map type waas match-any ProjectWise-FileTransfer match tcp destination port 5800 class-map type waas match-any Other-Secure match tcp destination port 261 match tcp destination port 448 match tcp destination port 684 match tcp destination port 695 match tcp destination port 994 match tcp destination port 2252 match tcp destination port 2478 match tcp destination port 2479 match tcp destination port 2482 match tcp destination port 2484 match tcp destination port 2679 match tcp destination port 2762 match tcp destination port 2998 match tcp destination port 3077 match tcp destination port 3078 match tcp destination port 3183 match tcp destination port 3191 match tcp destination port 3220 match tcp destination port 3410 match tcp destination port 3424 match tcp destination port 3471 match tcp destination port 3496 match tcp destination port 3509 match tcp destination port 3529 match tcp destination port 3539 match tcp destination port 3660 match tcp destination port 3661 match tcp destination port 3747 match tcp destination port 3864 match tcp destination port 3885 match tcp destination port 3896 match tcp destination port 3897 match tcp destination port 3995 match tcp destination port 4031 match tcp destination port 5007 match tcp destination port 5989 match tcp destination port 5990 match tcp destination port 7674 match tcp destination port 9802 match tcp destination port 12109 class-map type waas match-any FTP-Data match tcp source port 20 class-map type waas match-any IBM-DB2 match tcp destination port 523 class-map type waas match-any LDAP-Global-Catalog match tcp destination port 3268 class-map type waas match-any Legato-RepliStor match tcp destination port 7144 match tcp destination port 7145 class-map type waas match-any MDaemon match tcp destination port 3000 match tcp destination port 3001 class-map type waas match-any Novell-NetWare match tcp destination port 524 class-map type waas match-any Altiris-CarbonCopy match tcp destination port 1680 class-map type waas match-any iSCSI match tcp destination port 3260 class-map type waas match-any AppSocket match tcp destination port 9100 class-map type waas match-any HP-Radia match tcp destination port 3460 match tcp destination port 3461 match tcp destination port 3464 match tcp destination port 3466 class-map type waas match-any VDOLive match tcp destination port 7000 class-map type waas match-any X400 match tcp destination port 102 class-map type waas match-any Apple-NetAssistant match tcp destination port 3283 class-map type waas match-any Symantec-AntiVirus match tcp destination port 2847 match tcp destination port 2848 match tcp destination port 2967 match tcp destination port 2968 match tcp destination port 38037 match tcp destination port 38292 class-map type waas match-any Legato-NetWorker match tcp destination port 7937 match tcp destination port 7938 match tcp destination port 7939 class-map type waas match-any SIP-secure match tcp destination port 5061 class-map type waas match-any InterSystems-Cache match tcp destination port 1972 class-map type waas match-any BackupExpress match tcp destination port 6123 class-map type waas match-any CommVault match tcp destination port 8400 8403 class-map type waas match-any Veritas-BackupExec match tcp destination port 6101 match tcp destination port 6102 match tcp destination port 6106 match tcp destination port 3527 match tcp destination port 1125 class-map type waas match-any L2TP match tcp destination port 1701 class-map type waas match-any LANDesk match tcp destination port 9535 match tcp destination port 9593 9595 class-map type waas match-any MySQL match tcp destination port 3306 class-map type waas match-any FTPS-Control match tcp source port 989 class-map type waas match-any LDAP-Global-Catalog-Secure match tcp destination port 3269 class-map type waas match-any MS-Content-Replication-Service match tcp destination port 560 match tcp destination port 507 class-map type waas match-any OpenVPN match tcp destination port 1194 class-map type waas match-any HotLine match tcp destination port 5500 5503 class-map type waas match-any MS-SQL match tcp destination port 1433 class-map type waas match-any Laplink-PCSync-secure match tcp destination port 8443 !!policy-map type waas waas_global class AFS optimize tfo dre lz application File-System class AOL passthrough application Instant-Messaging class Altiris-CarbonCopy passthrough application Remote-Desktop class Amanda optimize tfo application Backup class AppSocket optimize tfo dre lz application Printing class Apple-AFP optimize tfo dre lz application File-System class Apple-NetAssistant passthrough application Remote-Desktop class Apple-iChat passthrough application Instant-Messaging class BFTP optimize tfo dre lz application File-Transfer class BGP optimize tfo dre lz application Other class BMC-Patrol passthrough application Systems-Management class BackupExpress optimize tfo application Backup class Basic-TCP-services passthrough application Other class BitTorrent passthrough application P2P class Borland-Interbase optimize tfo dre lz application SQL class CIFS optimize tfo dre lz application WAFS class CU-SeeMe passthrough application Conferencing class CVS optimize tfo dre lz application Version-Management class Cisco-CallManager passthrough application Call-Management class Citrix-ICA optimize tfo dre lz application Remote-Desktop class Clearcase optimize tfo dre lz application Version-Management class CommVault optimize tfo application Backup class Connected-DataProtector optimize tfo application Backup class ControlIT optimize tfo application Remote-Desktop class DNS passthrough application Name-Services class Danware-NetOp optimize tfo application Remote-Desktop class Documentum optimize tfo dre lz application Content-Management class Double-Take optimize tfo dre lz application Replication class EMC-Celerra-Replicator optimize tfo dre lz application Replication class EMC-SRDFA-IP optimize tfo dre lz application Storage class FCIP optimize tfo dre lz application Storage class FTP-Control passthrough application File-Transfer class FTP-Data optimize tfo dre lz application File-Transfer class FTPS optimize tfo application File-Transfer class FTPS-Control passthrough application File-Transfer class Filenet optimize tfo dre lz application Content-Management class Gnutella passthrough application P2P class Grouper passthrough application P2P class HP-OpenMail optimize tfo dre lz application Email-and-Messaging class HP-OpenView passthrough application Systems-Management class HP-Radia optimize tfo dre lz application Systems-Management class HTTP optimize tfo dre lz application Web class HTTPS optimize tfo application SSL class HotLine passthrough application P2P class IBM-DB2 optimize tfo dre lz application SQL class IBM-NetView passthrough application Systems-Management class IBM-TSM optimize tfo dre lz application Backup class IBM-Tivoli optimize tfo dre lz application Systems-Management class IPP optimize tfo dre lz application Printing class Intel-Proshare passthrough application Conferencing class InterSystems-Cache optimize tfo dre lz application SQL class Internet-Mail optimize tfo dre lz application Email-and-Messaging class Internet-Mail-secure optimize tfo application Email-and-Messaging class Jabber passthrough application Instant-Messaging class Kazaa passthrough application P2P class Kerberos passthrough application Authentication class L2TP optimize tfo application VPN class LANDesk optimize tfo dre lz application Systems-Management class LDAP optimize tfo dre lz application Directory-Services class LDAP-Global-Catalog optimize tfo dre lz application Directory-Services class LDAP-Global-Catalog-Secure passthrough application Directory-Services class LDAP-secure passthrough application Directory-Services class Laplink-Host optimize tfo application Remote-Desktop class Laplink-PCSync optimize tfo application Remote-Desktop class Laplink-PCSync-secure optimize tfo application Remote-Desktop class Laplink-ShareDirect passthrough application P2P class Legato-NetWorker optimize tfo application Backup class Legato-RepliStor optimize tfo application Backup class Liquid-Audio optimize tfo dre lz application Streaming class Lotus-Notes optimize tfo dre lz application Email-and-Messaging class Lotus-Sametime-Connect passthrough application Instant-Messaging class MDaemon optimize tfo dre lz application Email-and-Messaging class MS-Chat passthrough application Instant-Messaging class MS-Content-Replication-Service optimize tfo application Replication class MS-EndPointMapper optimize tfo application Other class MS-Message-Queuing optimize tfo dre lz application Other class MS-NetMeeting passthrough application Conferencing class MS-NetShow optimize tfo dre lz application Streaming class MS-SQL optimize tfo dre lz application SQL class MS-Terminal-Services optimize tfo application Remote-Desktop class MSN-Messenger passthrough application Instant-Messaging class MySQL optimize tfo dre lz application SQL class NFS optimize tfo dre lz application File-System class NNTP optimize tfo dre lz application Email-and-Messaging class NNTP-secure optimize tfo application Email-and-Messaging class NTP passthrough application Other class Napster passthrough application P2P class NetApp-SnapMirror optimize tfo dre lz application Replication class NetIQ passthrough application Systems-Management class Netopia-Timbuktu optimize tfo application Remote-Desktop class Netopia-netOctopus passthrough application Systems-Management class Novell-Groupwise optimize tfo dre lz application Email-and-Messaging class Novell-NetWare optimize tfo dre lz application File-System class Novell-ZenWorks optimize tfo dre lz application Systems-Management class OpenVPN optimize tfo application VPN class Oracle optimize tfo dre lz application SQL class Other-Secure passthrough application Other class PCAnywhere optimize tfo application Remote-Desktop class PCMail-Server optimize tfo dre lz application Email-and-Messaging class PDMWorks optimize tfo dre lz application CAD class PPTP optimize tfo application VPN class Pervasive-SQL optimize tfo dre lz application SQL class PostgreSQL optimize tfo dre lz application SQL class ProjectWise-FileTransfer optimize tfo dre lz application Content-Management class QMTP optimize tfo dre lz application Email-and-Messaging class Qnext passthrough application P2P class RAdmin optimize tfo application Remote-Desktop class RTSP optimize tfo dre lz application Streaming class Remote-Anything optimize tfo application Remote-Desktop class Remote-Replication-Agent optimize tfo application Replication class Rsync optimize tfo dre lz application Replication class SASL passthrough application Authentication class SIP-secure passthrough application Call-Management class SOAP optimize tfo dre lz application Other class SQL-Service optimize tfo dre lz application SQL class SSH optimize tfo application SSH class SSL-Shell passthrough application Console class SUN-Xprint optimize tfo dre lz application Printing class Scalable-SQL optimize tfo dre lz application SQL class Service-Location passthrough application Name-Services class Siebel optimize tfo dre lz application Enterprise-Applications class Simple-FTP optimize tfo dre lz application File-Transfer class SoulSeek passthrough application P2P class Sun-RPC passthrough application File-System class Sybase-SQL optimize tfo dre lz application SQL class Symantec-AntiVirus optimize tfo dre lz application Other class TACACS passthrough application Authentication class TFTP optimize tfo dre lz application File-Transfer class TFTPS optimize tfo application File-Transfer class Telnet passthrough application Console class Telnets passthrough application Console class UniSQL optimize tfo dre lz application SQL class Unix-Printing optimize tfo dre lz application Printing class Unix-Remote-Execution passthrough application Console class VDOLive optimize tfo dre lz application Streaming class Veritas-BackupExec optimize tfo application Backup class Veritas-NetBackup optimize tfo application Backup class Vmware-VMConsole optimize tfo application Remote-Desktop class VoIP-Control passthrough application Call-Management class VocalTec passthrough application Conferencing class WAAS-FlowMonitor optimize tfo lz application Systems-Management class WASTE passthrough application P2P class WBEM passthrough application Systems-Management class WINS passthrough application Name-Services class WinMX passthrough application P2P class X400 optimize tfo dre lz application Email-and-Messaging class XWindows optimize tfo application Remote-Desktop class Yahoo-Messenger passthrough application Instant-Messaging class eDonkey passthrough application P2P class ezMeeting passthrough application Conferencing class iFCP optimize tfo dre lz application Storage class iSCSI optimize tfo dre lz application Storage class iSNS passthrough application Name-Services class IRC passthrough application Instant-Messaging class SAP optimize tfo dre lz application Enterprise-Applications class VNC optimize tfo application Remote-Desktop class waas-default optimize tfo dre lz application waas-default
I hope this helps
Daniel -
WAAS Rjct Resources and conditions for asymmetric traffic
Hello,
I have a customer network of 30 WAE's connected to an MPLS cloud. Interception method is inline for all WAE, and WCCP for NM-WAE.
Of those WAE's (running 4.1.1c), I have 3 that are connected in Datacenters, as such they are expected to receive most of the traffic and have been dimensioned as OE7341 appliances.
It is my impression that this network statistics are not as good as they should be: Some of the optimizations factor are at 1.2 or 1.3X and most are simply 1.0X.
My impression is that there is a lot of passthrough traffic, and although some of it is configured as so on the application policies, when I check statistics pass-through on several WAE's on the network I see that the Rjct Resources is very high in a particular WAE in a Datacenter - that has a 7341 Box (12Gb RAM!) - and I also do get non-zero counters on other boxes.
Is there any way to see on a given moment how many connections are going through the box so that I understand if I'm really facing a box capacity issue? The initial shows I did didn't look as there were that many connections running through the box, but if I checked them live I saw about 65 Rjct Resource connection at a given time.
Can anybody shed some light on this particular statistic?
sghmansin--17w#
sh statistics pass-through
Outbound
PT Client:
Bytes 4081578138946
Packets 11567591648
PT Server:
Bytes 8833662508567
Packets 13797553929
Active Completed
Overall 0 0
No Peer 7 141742513
Rjct Capabilities 0 0
Rjct Resources 65 273669865
App Config 6 25610854
Global Config 0 0
Asymmetric 1 1597096
In Progress 97 453847516
Intermediate 0 0
Overload 0 0
Internal Error 0 478
App Override 0 0
Server Black List 0 150553
AD Version Mismatch 0 0
sghmansin--17w#
One other observation is that pass-through through asymetric is also very frequent. Given that the customer is mostly using inline interception, even if a connection comes through a WAN/LAN interface pair and exits through another, the optimization should still be done.
The datacenter designs are dual-homed active/passive, and traffic goes through the same (and only) WAE box. The customer assures me that there is no asymetrical traffic.
Can anybody explain to me how is the decision made to mark a given flow as asymmetrical (and them pass-through it)?
Thanks
Gustavo NovaisHi Dan, Thank you for your reply.
That show was just from one of the boxes, in this case on the Datacenter.
For instance I also see asymetricals in NM-WAE's configured for WCCP. But the number is not that substantial, which makes me believe the interception is well configured (unfortunately the routers are managed by a third party, and I am yet to have access to their config).
All boxes on this network have Enterprise License activated.
How can I check on a given moment all connections count on the box? is there any MIB oid pollable to check that?
Do passthrough connections count to the overall limit?
While doing the diagnostics on the WAAS devices there was in deed a WAAS device marked as having asymetrical traffic, but many others have PT Asym connections and have not been marked as such by the diagnostics?
How does the diagnostic work? Is it a instantaneous dianostic (i.e. checks connection table at time T to see if any of the current connections is PT Asym )?
If on the far end of a connection we do have an asymetrical network topology, does the near end also mark the same connection as PT Asym, or will it simply say No Peer?
thanks
Thanks -
Hi -
We are going into a WAAS deployment and have PIX firewalls running 6.3 code. We are looking to place the WAAS devices on the inside of our firewalls at each end. They will be deployed with WCCP, not inline mode.
I know the "inspect" commands are available in 7.x code, but it will be a big pain to upgrade these firewalls.
From what I read, the WAAS devices use IP or TCP options. Is this true? That's why you need the inspect on 7.x? Is there a way to preserve the options in 6.3 code?
Thanks in advance for a reply! : )Hi Zach;
I am doing one WAAS POC, and I have the problem of the no optmization connections. I reconfigured my appliances, but the prooblem happen, yet.
I would like if pix version ( 6.3.5 ) can to be the my problem?
The brief topology is in attach files.
Regards;
Fabio
Follow any outputs:
REMOTE SITE#SH STaTistics COnnection
Current Active Optimized Flows: 10
Current Active Optimized TCP Plus Flows: 9
Current Active Optimized TCP Only Flows: 0
Current Active Optimized TCP Preposition Flows: 0
Current Active Auto-Discovery Flows: 13
Current Reserved Flows: 10
Current Active Pass-Through Flows: 88
Historical Flows: 200
D:DRE,L:LZ,T:TCP Optimization RR:Total Reduction Ratio
A:AOIM,C:CIFS,E:EPM,G:GENERIC,H:HTTP,M:MAPI,N:NFS,S:SSL,V:VIDEO
ConnID Source IP:Port Dest IP:Port PeerID Accel RR
4061 172.25.101.46:1843 10.40.25.25:8014 00:1a:64:f2:23:81 TA 00.0%
4062 172.25.101.21:3053 10.40.10.102:139 00:1a:64:f2:23:81 TA 00.0%
4063 172.25.101.180:3919 10.40.10.197:8080 00:1a:64:f2:23:81 TA 00.0%
4064 172.25.101.68:4001 10.40.10.31:1417 00:1a:64:f2:23:81 TA 00.0%
4065 172.25.101.54:1703 10.40.10.197:8080 00:1a:64:f2:23:81 TA 00.0%
4066 172.25.101.21:3081 10.44.29.21:1026 00:1a:64:f2:23:81 TA 00.0%
4067 172.25.101.47:1567 10.42.25.25:8014 00:1a:64:f2:23:81 TA 00.0%
4068 172.25.200.250:29314 10.40.100.25:443 00:1a:64:f2:23:81 TA 00.0%
4069 172.25.101.180:3939 10.40.10.197:8080 00:1a:64:f2:23:81 TA 00.0%
4070 172.25.101.24:3123 10.40.15.87:10051 00:1a:64:f2:23:81 TA 00.0%
O-ST: Origin State, T-ST: Terminal State
E: Established, S: Syn, A: Ack, F: Fin, R: Reset
s: sent, r: received, O: Options, P: Passthrough
Local IP:Port Remote IP:Port Peer ID O-ST T-ST ConnType
10.42.25.25:8014 172.25.101.62:3083 00:1a:64:f2:23:81 Sr Sso EXTERNAL CLIENT
10.42.25.25:8014 172.25.101.54:1723 00:1a:64:f2:23:81 Sr Sso EXTERNAL CLIENT
172.25.101.24:10050 10.40.15.87:45117 00:1a:64:f2:23:81 SAsO SAr EXTERNAL SERVER
172.25.101.22:10050 10.40.15.87:54799 00:1a:64:f2:23:81 SAsO SAr EXTERNAL SERVER
172.25.101.22:10050 10.40.15.87:53856 00:1a:64:f2:23:81 SAsO SAr EXTERNAL SERVER
172.25.101.22:10050 10.40.15.87:54342 00:1a:64:f2:23:81 SAsO SAr EXTERNAL SERVER
172.25.101.24:10050 10.40.15.87:38569 00:1a:64:f2:23:81 SAsO SAr EXTERNAL SERVER
172.25.101.24:10050 10.40.15.87:38611 00:1a:64:f2:23:81 SAsO SAr EXTERNAL SERVER
10.40.10.102:389 172.25.101.22:1984 00:1a:64:f2:23:81 Sr Sso EXTERNAL CLIENT
10.40.10.31:1417 172.25.101.68:4006 00:1a:64:f2:23:81 Sr Sso EXTERNAL CLIENT
172.25.101.21:445 10.42.10.198:3639 00:1a:64:f2:23:81 SAsO SAr EXTERNAL SERVER
10.40.10.197:8080 172.25.101.54:1722 00:1a:64:f2:23:81 Sr Sso EXTERNAL CLIENT
10.40.10.197:8080 172.25.101.54:1721 00:1a:64:f2:23:81 Sr Sso EXTERNAL CLIENT
Local IP:Port Remote IP:Port Peer ID ConnType
172.25.101.151:1062 10.40.15.139:5061 N/A PT In Progress
10.40.10.102:1026 172.25.101.167:4058 N/A PT In Progress
172.25.101.160:1663 192.168.207.15:44718 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
199.105.179.227:8292 172.25.101.164:8278 N/A PT In Progress
10.40.10.31:1417 172.25.101.162:2598 N/A PT In Progress
10.40.17.107:1494 172.25.101.59:4325 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
10.40.10.102:389 172.25.101.21:3099 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
10.40.17.102:1494 172.25.101.69:2151 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
172.25.101.160:1086 10.40.15.139:5061 N/A PT In Progress
10.40.10.197:11801 172.25.101.68:3790 N/A PT App Cfg
10.40.10.197:8080 172.25.101.54:1720 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
172.25.101.21:3101 10.40.10.102:389 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
172.25.101.21:10050 10.40.15.87:58088 00:1a:64:f2:23:81 PT Asymmetric
172.25.101.62:1602 10.40.17.107:1494 N/A PT In Progress
10.40.17.102:1494 172.25.101.42:1240 N/A PT In Progress
10.40.10.102:389 172.25.101.22:1980 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
172.25.101.164:2829 192.168.206.15:44718 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
172.25.101.170:4868 10.40.15.156:80 N/A PT In Progress
172.25.101.164:1960 10.40.15.139:5061 N/A PT In Progress
172.25.101.21:3099 10.40.10.102:389 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
10.40.10.94:445 172.25.101.22:1976 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
172.25.101.22:1977 10.40.10.94:139 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
172.25.101.22:10050 10.40.15.87:51185 00:1a:64:f2:23:81 PT Asymmetric
192.168.207.15:44718 172.25.101.151:1215 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
192.168.207.15:44718 172.25.101.166:1531 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
172.25.101.22:1976 10.40.10.94:445 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
172.25.101.22:139 10.42.10.57:1513 00:1a:64:f2:23:81 PT Asymmetric
10.40.15.87:50394 172.25.101.22:10050 00:1a:64:f2:23:81 PT Asymmetric
10.40.10.197:8080 172.25.101.54:1719 N/A PT In Progress
10.40.15.156:80 172.25.101.170:4869 N/A PT In Progress
10.40.32.128:3630 172.25.101.21:445 00:1a:64:f2:23:81 PT Asymmetric
172.25.101.64:2068 10.40.15.156:80 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
172.25.101.21:139 10.44.31.44:1623 00:1a:64:f2:23:81 PT Asymmetric
172.25.101.151:1215 192.168.207.15:44718 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
172.25.101.42:1240 10.40.17.102:1494 N/A PT In Progress
10.42.10.57:1513 172.25.101.22:139 00:1a:64:f2:23:81 PT Asymmetric
172.25.101.163:1769 10.40.10.31:1417 N/A PT In Progress
192.168.207.15:44718 172.25.101.41:1213 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
172.25.101.69:1273 10.40.17.107:1494 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
172.25.101.24:10050 10.40.15.87:37482 00:1a:64:f2:23:81 PT Asymmetric
172.25.101.167:3988 10.40.15.139:5061 N/A PT In Progress
10.40.10.197:43079 172.25.101.68:1284 N/A PT In Progress
172.25.101.62:3069 10.42.25.25:8014 N/A PT In Progress
172.25.101.59:4279 10.40.17.102:1494 N/A PT In Progress
172.25.101.47:4625 10.40.17.107:1494 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
10.40.10.31:1417 172.25.101.166:2849 N/A PT In Progress
172.25.101.164:8278 199.105.179.227:8292 N/A PT In Progress
192.168.206.15:44718 172.25.101.151:1214 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
10.40.10.31:1417 172.25.101.42:1165 N/A PT In Progress
172.25.101.72:1643 10.40.10.31:1417 N/A PT In Progress
172.25.101.54:1720 10.40.10.197:8080 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
172.25.101.166:1530 192.168.206.15:44718 N/A PT In Progress
172.25.101.164:8277 199.105.179.20:8292 N/A PT In Progress
10.40.15.87:59095 172.25.101.21:10050 00:1a:64:f2:23:81 PT Asymmetric
10.40.10.31:1417 172.25.101.42:1167 N/A PT In Progress
10.40.15.87:35209 172.25.101.24:10050 00:1a:64:f2:23:81 PT Asymmetric
172.25.101.166:2849 10.40.10.31:1417 N/A PT In Progress
10.40.10.31:1417 172.25.101.61:1454 N/A PT In Progress
10.40.15.139:5061 172.25.101.166:4585 N/A PT In Progress
172.25.101.64:2066 10.40.15.156:80 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
172.25.101.42:1167 10.40.10.31:1417 N/A PT In Progress
172.25.101.42:2161 10.40.10.102:1026 N/A PT In Progress
10.40.10.102:1026 172.25.101.42:2408 N/A PT In Progress
10.42.25.25:8014 172.25.101.62:3069 N/A PT In Progress
172.25.101.62:3076 10.40.10.31:1417 N/A PT In Progress
172.25.101.151:1214 192.168.206.15:44718 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
172.25.101.170:4869 10.40.15.156:80 N/A PT In Progress
192.168.206.15:44718 172.25.101.159:1187 N/A PT In Progress
172.25.101.152:2984 10.40.10.197:8080 N/A PT In Progress
172.25.101.24:10050 10.40.15.87:35209 00:1a:64:f2:23:81 PT Asymmetric
172.25.101.22:1975 10.40.10.102:389 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
10.40.10.85:4681 172.25.101.21:139 00:1a:64:f2:23:81 PT Asymmetric
172.25.101.164:2830 192.168.207.15:44718 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
10.40.15.139:5061 172.25.101.158:1130 N/A PT In Progress
10.40.10.31:1417 172.25.101.46:1844 N/A PT In Progress
10.40.10.31:1417 172.25.101.162:2646 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
172.25.101.68:1272 10.40.10.197:42465 N/A PT In Progress
172.25.101.41:1213 192.168.207.15:44718 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
192.168.207.16:44718 172.25.101.69:1413 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
10.40.10.31:1417 172.25.101.62:3082 N/A PT In Progress
199.105.179.20:8292 172.25.101.164:8277 N/A PT In Progress
10.40.10.102:389 172.25.101.22:1982 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
10.44.31.44:1623 172.25.101.21:139 00:1a:64:f2:23:81 PT Asymmetric
172.25.101.42:2408 10.40.10.102:1026 N/A PT In Progress
10.40.15.87:60046 172.25.101.21:10050 00:1a:64:f2:23:81 PT Asymmetric
10.40.10.102:1026 172.25.101.42:2161 N/A PT In Progress
172.25.101.68:3790 10.40.10.197:11801 N/A PT App Cfg
172.25.101.21:139 10.40.10.85:4681 00:1a:64:f2:23:81 PT Asymmetric
10.40.15.87:51254 172.25.101.22:10050 00:1a:64:f2:23:81 PT Asymmetric
10.40.17.107:1494 172.25.101.69:1273 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
172.25.101.69:2151 10.40.17.102:1494 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
10.40.10.197:8080 172.25.101.54:1717 N/A PT In Progress
172.25.101.160:1662 192.168.206.15:44718 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
10.40.10.31:1417 172.25.101.52:1181 N/A PT In Progress
172.25.101.159:1189 192.168.207.15:44718 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
10.40.15.87:51185 172.25.101.22:10050 00:1a:64:f2:23:81 PT Asymmetric
172.25.101.21:445 10.40.10.172:14095 00:1a:64:f2:23:81 PT Asymmetric
172.25.101.21:445 10.40.32.128:3630 00:1a:64:f2:23:81 PT Asymmetric
10.40.15.156:80 172.25.101.64:2066 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
192.168.206.15:44718 172.25.101.166:1530 N/A PT In Progress
172.25.101.59:4325 10.40.17.107:1494 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
10.40.10.197:8080 172.25.101.152:2984 N/A PT In Progress
10.40.15.139:5061 172.25.101.154:3473 N/A PT In Progress
172.25.101.42:1165 10.40.10.31:1417 N/A PT In Progress
10.40.10.31:1417 172.25.101.61:1437 N/A PT In Progress
172.25.101.163:2626 10.41.22.31:139 N/A PT In Progress
172.25.101.22:1980 10.40.10.102:389 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
10.40.10.172:14095 172.25.101.21:445 00:1a:64:f2:23:81 PT Asymmetric
172.25.101.22:10050 10.40.15.87:50394 00:1a:64:f2:23:81 PT Asymmetric
10.40.15.87:57663 172.25.101.21:10050 00:1a:64:f2:23:81 PT Asymmetric
172.25.101.61:1437 10.40.10.31:1417 N/A PT In Progress
172.25.101.42:1242 10.40.17.102:1494 N/A PT In Progress
172.25.101.69:1412 192.168.206.16:44718 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
10.40.10.102:389 172.25.101.22:1975 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
172.25.101.71:2538 10.40.10.31:1417 N/A PT In Progress
172.25.101.22:10050 10.40.15.87:51254 00:1a:64:f2:23:81 PT Asymmetric
172.25.101.159:1187 192.168.206.15:44718 N/A PT In Progress
10.40.10.31:1417 172.25.101.72:1643 N/A PT In Progress
172.25.101.54:1717 10.40.10.197:8080 N/A PT In Progress
172.25.101.167:4056 10.40.10.102:1026 N/A PT In Progress
10.40.15.139:5061 172.25.101.51:3188 N/A PT In Progress
192.168.206.15:44718 172.25.101.160:1662 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
10.40.15.87:35513 172.25.101.24:10050 00:1a:64:f2:23:81 PT Asymmetric
10.40.10.31:1417 172.25.101.71:2538 N/A PT In Progress
172.25.101.166:4585 10.40.15.139:5061 N/A PT In Progress
172.25.101.154:3473 10.40.15.139:5061 N/A PT In Progress
172.25.101.158:1130 10.40.15.139:5061 N/A PT In Progress
10.40.17.102:1494 172.25.101.59:4279 N/A PT In Progress
172.25.101.62:3082 10.40.10.31:1417 N/A PT In Progress
10.42.25.25:8014 172.25.101.54:1696 N/A PT In Progress
10.40.10.102:1026 172.25.101.167:4056 N/A PT In Progress
10.40.15.87:58088 172.25.101.21:10050 00:1a:64:f2:23:81 PT Asymmetric
10.40.10.31:1417 172.25.101.166:2831 N/A PT In Progress
172.25.101.166:2831 10.40.10.31:1417 N/A PT In Progress
192.168.207.15:44718 172.25.101.160:1663 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
172.25.101.41:1212 192.168.206.15:44718 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
10.40.10.31:1417 172.25.101.163:1769 N/A PT In Progress
172.25.101.61:1454 10.40.10.31:1417 N/A PT In Progress
10.40.17.107:1494 172.25.101.62:1602 N/A PT In Progress
172.25.101.52:1181 10.40.10.31:1417 N/A PT In Progress
172.25.101.24:10050 10.40.15.87:35513 00:1a:64:f2:23:81 PT Asymmetric
10.40.15.139:5061 172.25.101.151:1062 N/A PT In Progress
172.25.101.51:3188 10.40.15.139:5061 N/A PT In Progress
10.40.15.156:80 172.25.101.170:4868 N/A PT In Progress
192.168.206.16:44718 172.25.101.69:1412 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
10.40.15.139:5061 172.25.101.164:1960 N/A PT In Progress
172.25.101.54:1719 10.40.10.197:8080 N/A PT In Progress
172.25.101.166:1531 192.168.207.15:44718 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
172.25.101.54:1696 10.42.25.25:8014 N/A PT In Progress
10.40.17.102:1494 172.25.101.42:1242 N/A PT In Progress
10.40.15.87:59892 172.25.101.21:10050 00:1a:64:f2:23:81 PT Asymmetric
172.25.101.21:10050 10.40.15.87:57663 00:1a:64:f2:23:81 PT Asymmetric
10.40.17.107:1494 172.25.101.47:4625 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
172.25.101.69:1413 192.168.207.16:44718 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
10.40.15.87:37482 172.25.101.24:10050 00:1a:64:f2:23:81 PT Asymmetric
192.168.206.15:44718 172.25.101.164:2829 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
10.40.15.139:5061 172.25.101.160:1086 N/A PT In Progress
172.25.101.22:1982 10.40.10.102:389 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
172.25.101.21:10050 10.40.15.87:59095 00:1a:64:f2:23:81 PT Asymmetric
10.41.22.31:139 172.25.101.163:2626 N/A PT In Progress
172.25.101.167:4058 10.40.10.102:1026 N/A PT In Progress
172.25.101.68:1284 10.40.10.197:43079 N/A PT In Progress
10.40.10.197:42465 172.25.101.68:1272 N/A PT In Progress
172.25.101.162:2598 10.40.10.31:1417 N/A PT In Progress
10.40.10.31:1417 172.25.101.62:3076 N/A PT In Progress
10.40.15.139:5061 172.25.101.167:3988 N/A PT In Progress
172.25.101.21:10050 10.40.15.87:60046 00:1a:64:f2:23:81 PT Asymmetric
192.168.206.15:44718 172.25.101.41:1212 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
192.168.207.15:44718 172.25.101.159:1189 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
192.168.207.15:44718 172.25.101.164:2830 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
10.40.10.94:139 172.25.101.22:1977 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
172.25.101.162:2646 10.40.10.31:1417 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
10.40.15.156:80 172.25.101.64:2068 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
10.40.10.102:389 172.25.101.21:3101 00:1a:64:f2:23:81 PT Peer AOIM Sync in Pr
172.25.101.21:10050 10.40.15.87:59892 00:1a:64:f2:23:81 PT Asymmetric
172.25.101.46:1844 10.40.10.31:1417 N/A PT In Progress
WAE-DC-CORE#SH STATistics COnnection
Current Active Optimized Flows: 7
Current Active Optimized TCP Plus Flows: 7
Current Active Optimized TCP Only Flows: 0
Current Active Optimized TCP Preposition Flows: 0
Current Active Auto-Discovery Flows: 19
Current Reserved Flows: 10
Current Active Pass-Through Flows: 289
Historical Flows: 200
D:DRE,L:LZ,T:TCP Optimization RR:Total Reduction Ratio
A:AOIM,C:CIFS,E:EPM,G:GENERIC,H:HTTP,M:MAPI,N:NFS,S:SSL,V:VIDEO
ConnID Source IP:Port Dest IP:Port PeerID Accel RR
8192 10.40.15.87:38710 172.25.101.22:10050 00:23:7d:06:4e:7c TA 00.0%
8193 10.40.15.87:45117 172.25.101.24:10050 00:23:7d:06:4e:7c TA 00.0%
8196 10.42.10.198:3639 172.25.101.21:445 00:23:7d:06:4e:7c TA 00.0%
8198 10.40.15.87:53856 172.25.101.22:10050 00:23:7d:06:4e:7c TA 00.0%
8200 10.40.15.87:42552 172.25.101.24:10050 00:23:7d:06:4e:7c TA 00.0%
8201 10.41.4.41:2001 10.40.10.31:135 N/A E 00.0%
8202 10.40.15.87:48193 172.25.101.21:10050 00:23:7d:06:4e:7c TA 00.0%
O-ST: Origin State, T-ST: Terminal State
E: Established, S: Syn, A: Ack, F: Fin, R: Reset
s: sent, r: received, O: Options, P: Passthrough
Local IP:Port Remote IP:Port Peer ID O-ST T-ST ConnType
10.40.10.197:8080 172.25.101.54:1743 00:23:7d:06:4e:7c SAsO SAr EXTERNAL SERVER
10.40.10.197:8080 172.25.101.54:1742 00:23:7d:06:4e:7c SAsO SAr EXTERNAL SERVER
10.41.1.151:445 10.42.10.27:65440 N/A Sr Ss EXTERNAL CLIENT
10.41.1.151:139 10.42.10.27:65441 N/A Sr Ss EXTERNAL CLIENT
10.41.1.151:139 10.42.10.27:65442 N/A Sr Ss EXTERNAL CLIENT
10.40.10.197:8080 172.25.101.180:3939 00:23:7d:06:4e:7c SAsO SAr EXTERNAL SERVER
172.25.101.21:139 172.1.0.6:4200 00:23:7d:06:4e:7c Sr Sso EXTERNAL CLIENT
10.40.100.25:443 172.25.200.250:2931400:23:7d:06:4e:7c SAsO SAr EXTERNAL SERVER
10.40.10.31:135 172.25.101.41:2426 00:23:7d:06:4e:7c SAsO SAr EXTERNAL SERVER
10.40.10.102:389 172.25.101.22:1992 00:23:7d:06:4e:7c SAsO SAr EXTERNAL SERVER
10.40.25.25:8014 172.25.101.46:1862 00:23:7d:06:4e:7c SAsO SAr EXTERNAL SERVER
10.40.15.87:10051 172.25.101.24:3123 00:23:7d:06:4e:7c SAsO SAr EXTERNAL SERVER
172.25.101.21:445 10.42.10.198:4186 00:23:7d:06:4e:7c Sr Sso EXTERNAL CLIENT
10.41.1.54:135 10.40.10.50:1409 N/A Sr Ss EXTERNAL CLIENT
10.40.10.197:8080 172.25.101.72:2350 00:23:7d:06:4e:7c SAsO SAr EXTERNAL SERVER
172.25.101.21:139 10.42.10.198:4215 00:23:7d:06:4e:7c Sr Sso EXTERNAL CLIENT
10.44.29.21:1026 172.25.101.21:3081 00:23:7d:06:4e:7c SAsO SAr EXTERNAL SERVER
10.42.25.25:8014 172.25.101.47:1567 00:23:7d:06:4e:7c SAsO SAr EXTERNAL SERVER
10.40.10.197:8080 172.25.101.47:1573 00:23:7d:06:4e:7c SAsO SAr EXTERNAL SERVER
Local IP:Port Remote IP:Port Peer ID ConnType
10.42.10.182:26755 172.25.101.24:139 N/A PT In Progress
172.25.101.22:10050 10.40.15.87:41566 00:23:7d:06:4e:7c PT Peer AOIM Sync in Pr
10.40.10.31:1417 10.41.1.150:4569 N/A PT In Progress
10.42.10.27:65451 10.41.6.22:445 N/A PT In Progress
10.41.1.21:139 10.40.10.85:1153 N/A PT No Peer
172.30.101.116:4852 10.42.17.101:1494 N/A PT In Progress
10.41.1.22:1870 10.40.10.94:1433 N/A PT No Peer
10.40.10.197:8080 10.41.4.41:2006 N/A PT No Peer
10.40.10.197:8080 10.41.80.143:1863 N/A PT No Peer
10.41.22.35:139 10.41.80.143:1867 N/A PT No Peer
10.40.15.222:80 10.41.4.42:2138 N/A PT No Peer
172.25.101.68:3790 10.40.10.197:11801 N/A PT App Cfg
10.41.4.41:1998 10.40.10.197:8080 N/A PT No Peer
10.40.15.87:47493 10.41.11.21:10050 N/A PT No Peer
10.40.10.197:8080 10.41.7.142:2987 N/A PT In Progress
172.25.101.166:1530 192.168.206.15:44718 00:23:7d:06:4e:7c PT Asymmetric
10.40.17.102:1494 172.25.101.175:3951 N/A PT In Progress
10.40.15.87:53532 10.41.80.21:10050 N/A PT No Peer
172.25.101.21:139 10.40.10.85:4681 N/A PT In Progress
172.25.101.52:1186 10.40.10.31:1417 N/A PT In Progress
10.42.17.101:1494 172.30.101.116:4852 N/A PT In Progress
172.25.101.160:1663 192.168.207.15:44718 00:23:7d:06:4e:7c PT Asymmetric
10.41.4.142:3102 192.168.207.15:44718 N/A PT No Peer
172.30.101.151:445 10.40.10.85:1050 N/A PT No Peer
10.40.15.87:44478 10.41.6.21:10050 N/A PT No Peer
10.41.4.22:10050 10.40.15.87:51065 N/A PT No Peer
172.30.101.151:10050 10.40.15.87:49696 N/A PT No Peer
172.30.101.56:3079 10.40.15.139:5061 N/A PT In Progress
10.41.1.150:1189 192.168.206.15:44718 N/A PT No Peer
10.40.15.87:51135 10.41.80.22:10050 N/A PT No Peer
199.105.179.227:8292 172.25.101.164:8278 N/A PT In Progress
10.40.17.107:1494 172.25.101.69:1273 00:23:7d:06:4e:7c PT Asymmetric
10.41.22.35:445 10.41.80.143:1866 N/A PT No Peer
172.25.101.54:1741 10.40.10.197:8080 00:23:7d:06:4e:7c PT Asymmetric
172.25.101.56:3407 10.42.25.25:8014 00:23:7d:06:4e:7c PT Asymmetric
172.25.101.21:10050 10.40.15.87:46744 00:23:7d:06:4e:7c PT Peer AOIM Sync in Pr
10.41.6.22:10050 10.40.15.87:60136 N/A PT No Peer
10.40.15.87:52517 10.41.80.22:10050 N/A PT No Peer
172.25.101.164:8277 199.105.179.20:8292 N/A PT In Progress
172.30.101.72:2856 10.40.15.139:5061 N/A PT In Progress
172.30.101.101:3369 10.40.10.197:8080 N/A PT No Peer
10.40.17.107:1494 172.25.101.59:4325 00:23:7d:06:4e:7c PT Asymmetric
10.40.15.87:50525 10.41.1.22:10050 N/A PT No Peer
10.41.4.41:2005 10.40.10.197:8080 N/A PT No Peer
10.40.10.31:1417 172.25.101.166:2831 N/A PT In Progress
172.25.101.166:2831 10.40.10.31:1417 N/A PT In Progress
172.25.101.69:2151 10.40.17.102:1494 00:23:7d:06:4e:7c PT Asymmetric
172.30.101.110:2858 192.168.207.16:44718 N/A PT No Peer
10.41.7.21:10050 10.40.15.87:58747 N/A PT No Peer
10.40.10.31:1417 10.41.1.62:4122 N/A PT In Progress
172.25.101.160:1662 192.168.206.15:44718 00:23:7d:06:4e:7c PT Asymmetric
10.41.7.21:10050 10.40.15.87:57793 N/A PT No Peer
192.168.207.15:44718 172.25.101.160:1663 00:23:7d:06:4e:7c PT Asymmetric
10.40.10.197:8080 172.30.101.114:2173 N/A PT In Progress
10.40.15.87:52823 10.41.80.22:10050 N/A PT No Peer
10.41.1.62:4122 10.40.10.31:1417 N/A PT In Progress
10.40.15.203:80 10.41.7.143:3701 N/A PT In Progress
10.40.17.102:1494 172.25.101.69:2151 00:23:7d:06:4e:7c PT Asymmetric
10.41.4.42:2139 10.40.15.222:80 N/A PT No Peer
172.25.101.41:1212 192.168.206.15:44718 00:23:7d:06:4e:7c PT Asymmetric
10.40.10.31:1417 10.41.1.150:1933 N/A PT In Progress
10.41.6.22:4544 10.40.25.25:8014 N/A PT In Progress
10.41.6.21:445 10.42.10.198:4086 N/A PT In Progress
10.40.10.197:8080 10.41.80.143:1852 N/A PT No Peer
10.40.10.31:1417 10.41.1.52:3675 N/A PT In Progress
10.41.4.21:445 10.42.10.198:3924 N/A PT In Progress
10.40.15.203:80 10.41.1.62:1921 N/A PT In Progress
10.40.15.87:38582 10.41.7.22:10050 N/A PT No Peer
10.40.15.87:44797 10.41.6.21:10050 N/A PT No Peer
10.41.80.143:1864 10.40.10.197:8080 N/A PT No Peer
10.41.80.22:10050 10.40.15.87:52777 N/A PT No Peer
10.41.4.142:3101 192.168.206.15:44718 N/A PT No Peer
10.42.10.198:4086 10.41.6.21:445 N/A PT In Progress
10.40.15.87:50685 10.41.80.22:10050 N/A PT No Peer
10.40.10.31:1417 172.25.101.163:1769 N/A PT In Progress
10.40.10.31:1417 172.25.101.41:2181 N/A PT In Progress
192.168.207.16:44718 10.41.4.44:2728 N/A PT No Peer
172.25.101.41:2429 10.42.25.25:8014 00:23:7d:06:4e:7c PT Asymmetric
10.41.22.32:139 10.41.80.45:2646 N/A PT In Progress
10.40.10.31:1417 172.30.101.51:2626 N/A PT In Progress
10.40.10.197:11801 172.25.101.68:3790 N/A PT App Cfg
10.40.10.31:1417 10.41.1.51:2973 N/A PT In Progress
10.40.15.87:38245 10.41.7.22:10050 N/A PT No Peer
10.41.4.49:1243 10.42.17.103:1494 N/A PT In Progress
10.40.15.87:52777 10.41.80.22:10050 N/A PT No Peer
10.40.15.87:57793 10.41.7.21:10050 N/A PT No Peer
10.40.10.31:1417 172.30.101.53:2960 N/A PT In Progress
10.40.34.74:445 172.25.101.166:4566 N/A PT In Progress
10.41.6.22:10050 10.40.15.87:32814 N/A PT No Peer
10.40.10.197:8080 172.25.101.54:1741 00:23:7d:06:4e:7c PT Asymmetric
10.40.15.87:57550 10.41.7.21:10050 N/A PT No Peer
10.40.10.31:1417 172.25.101.52:1181 N/A PT In Progress
172.30.101.51:2626 10.40.10.31:1417 N/A PT In Progress
10.41.1.150:1118 10.40.15.139:5061 N/A PT In Progress
10.42.25.25:8014 172.25.101.41:2429 00:23:7d:06:4e:7c PT Asymmetric
10.42.17.103:1494 10.41.4.49:1243 N/A PT In Progress
172.25.101.61:1210 10.42.25.25:8014 00:23:7d:06:4e:7c PT Asymmetric
10.41.7.142:2987 10.40.10.197:8080 N/A PT In Progress
10.40.10.85:1163 10.41.80.21:139 N/A PT No Peer
192.168.206.16:44718 172.30.101.110:2857 N/A PT No Peer
172.25.101.52:1181 10.40.10.31:1417 N/A PT In Progress
10.40.10.31:1417 10.41.6.141:2816 N/A PT In Progress
10.41.1.52:4807 10.42.10.102:445 N/A PT In Progress
10.41.4.21:445 10.40.10.85:4666 N/A PT In Progress
10.41.7.143:3701 10.40.15.203:80 N/A PT In Progress
10.41.1.50:4545 10.40.17.107:1494 N/A PT No Peer
10.40.10.85:1153 10.41.1.21:139 N/A PT No Peer
10.41.80.143:1865 10.40.10.197:8080 N/A PT No Peer
10.41.4.21:445 10.40.10.85:1235 N/A PT No Peer
10.41.6.22:10050 10.40.15.87:59337 N/A PT No Peer
172.25.101.159:1189 192.168.207.15:44718 00:23:7d:06:4e:7c PT Asymmetric
172.25.101.170:4801 10.40.10.31:1417 N/A PT In Progress
172.25.101.21:10050 10.40.15.87:45074 00:23:7d:06:4e:7c PT Peer AOIM Sync in Pr
10.41.80.142:1823 10.41.22.35:445 N/A PT No Peer
10.42.10.198:3882 10.41.11.21:445 N/A PT In Progress
10.41.80.21:445 10.42.10.27:65455 N/A PT In Progress
10.41.6.48:4629 10.40.10.102:1026 N/A PT In Progress
10.42.10.198:4049 10.41.83.21:445 N/A PT In Progress
10.41.1.50:3762 10.40.15.139:5061 N/A PT In Progress
10.40.25.25:8014 10.41.4.48:1436 N/A PT In Progress
10.40.17.107:1494 172.30.101.69:2720 N/A PT In Progress
10.40.10.31:1417 172.25.101.49:2416 N/A PT In Progress
172.25.101.62:2027 10.40.15.139:5061 N/A PT In Progress
10.41.1.21:445 10.42.10.198:4061 N/A PT In Progress
172.30.101.51:3091 10.40.10.31:1417 N/A PT No Peer
10.41.1.21:10050 10.40.15.87:53725 N/A PT No Peer
10.40.15.87:42827 10.41.6.21:10050 N/A PT No Peer
10.41.4.49:1242 10.40.17.102:1494 N/A PT In Progress
10.40.10.31:1417 10.41.1.150:4570 N/A PT No Peer
10.42.10.27:65455 10.41.80.21:445 N/A PT In Progress
10.41.1.62:1757 10.40.10.175:445 N/A PT No Peer
10.40.10.197:8080 10.41.7.142:2988 N/A PT No Peer
10.41.6.21:10050 10.40.15.87:44280 N/A PT No Peer
10.40.10.197:8080 10.41.1.55:3872 N/A PT No Peer
10.41.80.21:10050 10.40.15.87:53532 N/A PT No Peer
10.41.11.22:10050 10.40.15.87:50717 N/A PT No Peer
10.40.15.87:52520 10.41.1.21:10050 N/A PT No Peer
10.40.10.197:8080 10.41.1.55:3898 N/A PT No Peer
10.41.1.62:4085 192.168.201.153:443 N/A PT In Progress
10.40.15.87:51315 172.25.101.24:10050 00:23:7d:06:4e:7c PT Peer AOIM Sync in Pr
172.25.101.167:4018 10.40.10.31:1417 N/A PT In Progress
10.40.15.87:59367 10.41.6.22:10050 N/A PT No Peer
192.168.206.15:44718 172.25.101.166:1530 00:23:7d:06:4e:7c PT Asymmetric
10.40.25.25:8014 172.25.101.180:3908 N/A PT In Progress
172.25.101.59:4325 10.40.17.107:1494 00:23:7d:06:4e:7c PT Asymmetric
10.41.80.21:445 10.40.10.85:1156 N/A PT No Peer
172.30.101.151:445 10.42.10.198:3217 N/A PT In Progress
10.41.1.52:3675 10.40.10.31:1417 N/A PT In Progress
10.42.10.27:65460 172.25.101.22:445 00:23:7d:06:4e:7c PT Peer AOIM Sync in Pr
10.40.25.25:8014 10.41.6.22:4544 N/A PT In Progress
172.25.101.54:1739 10.40.10.197:8080 00:23:7d:06:4e:7c PT Asymmetric
10.41.6.22:10050 10.40.15.87:59367 N/A PT No Peer
172.30.101.151:10050 10.40.15.87:49145 N/A PT No Peer
10.40.15.139:5061 172.25.101.163:1056 N/A PT In Progress
172.30.101.53:3128 10.40.10.31:1417 N/A PT No Peer
10.41.80.22:10050 10.40.15.87:50660 N/A PT No Peer
10.41.4.49:2010 10.41.22.35:139 N/A PT In Progress
172.25.101.24:10050 10.40.15.87:51107 00:23:7d:06:4e:7c PT Peer AOIM Sync in Pr
192.168.206.16:44718 172.25.101.69:1412 00:23:7d:06:4e:7c PT Asymmetric
172.25.101.21:3118 10.44.9.21:1025 00:23:7d:06:4e:7c PT Asymmetric
10.40.10.197:8080 10.41.80.143:1870 N/A PT No Peer
10.40.15.87:10051 10.41.6.21:3959 N/A PT No Peer
10.40.10.102:1026 172.25.101.21:3004 N/A PT In Progress
10.41.1.62:4084 192.168.201.153:443 N/A PT In Progress
10.40.10.197:8080 172.25.101.47:1570 00:23:7d:06:4e:7c PT Asymmetric
10.40.15.87:53725 10.41.1.21:10050 N/A PT No Peer
10.40.10.85:1236 10.41.4.21:139 N/A PT No Peer
10.40.15.87:37488 10.41.7.22:10050 N/A PT No Peer
10.40.10.31:1417 10.41.4.142:4230 N/A PT In Progress
10.40.15.139:5061 10.41.1.57:4427 N/A PT In Progress
10.41.11.22:10050 10.40.15.87:49203 N/A PT No Peer
10.40.15.87:46735 10.41.11.21:10050 N/A PT No Peer
10.41.80.143:1870 10.40.10.197:8080 N/A PT No Peer
10.40.10.197:8080 172.30.101.53:3127 N/A PT No Peer
172.30.101.69:4050 10.40.10.31:1417 N/A PT In Progress
10.41.1.42:3541 192.168.201.153:443 N/A PT In Progress
10.41.7.146:2596 10.40.10.31:1417 N/A PT In Progress
172.30.101.101:3368 10.40.10.197:8080 N/A PT No Peer
10.42.10.198:3217 172.30.101.151:445 N/A PT In Progress
10.40.10.85:1068 10.41.6.21:445 N/A PT In Progress
10.40.15.87:54352 172.30.101.152:10050 N/A PT No Peer
10.40.15.139:5061 10.41.4.41:3772 N/A PT In Progress
10.42.10.197:8080 172.30.101.69:4074 N/A PT No Peer
172.25.101.164:2829 192.168.206.15:44718 00:23:7d:06:4e:7c PT Asymmetric
10.41.1.22:10050 10.40.15.87:51195 N/A PT No Peer
10.42.10.102:445 10.41.1.52:4807 N/A PT In Progress
10.40.10.103:1026 10.41.1.42:3850 N/A PT In Progress
10.40.10.103:1026 10.41.1.62:4281 N/A PT In Progress
172.25.101.156:4804 10.40.15.139:5061 N/A PT In Progress
10.40.10.85:1156 10.41.80.21:445 N/A PT No Peer
172.25.101.166:1531 192.168.207.15:44718 00:23:7d:06:4e:7c PT Asymmetric
10.40.10.31:1417 172.30.101.116:1322 N/A PT In Progress
192.168.201.153:443 10.41.1.62:4084 N/A PT In Progress
172.25.101.42:1104 10.40.10.102:1026 N/A PT In Progress
10.40.17.107:1494 10.41.1.50:4545 N/A PT No Peer
10.40.10.85:1050 172.30.101.151:445 N/A PT No Peer
10.40.15.87:50601 10.41.11.22:10050 N/A PT No Peer
10.41.1.60:4515 10.40.10.31:1382 N/A PT In Progress
10.40.15.87:50717 10.41.11.22:10050 N/A PT No Peer
172.30.101.71:1303 192.168.206.15:44718 N/A PT No Peer
10.41.80.43:4121 10.42.25.25:8014 N/A PT In Progress
10.40.10.31:1417 10.41.7.44:1512 N/A PT In Progress
172.30.101.116:1322 10.40.10.31:1417 N/A PT In Progress
10.40.10.31:1382 10.41.1.42:3554 N/A PT In Progress
10.40.15.87:45429 172.25.101.21:10050 00:23:7d:06:4e:7c PT Peer AOIM Sync in Pr
10.40.10.85:4666 10.41.4.21:445 N/A PT In Progress
10.42.25.25:8014 172.25.101.56:3407 00:23:7d:06:4e:7c PT Asymmetric
10.40.10.197:8080 10.41.80.143:1871 N/A PT No Peer
10.40.10.197:8080 10.41.4.41:1998 N/A PT No Peer
172.25.101.49:2416 10.40.10.31:1417 N/A PT In Progress
10.40.15.222:80 10.41.4.42:2139 N/A PT No Peer
10.41.7.44:1512 10.40.10.31:1417 N/A PT In Progress
10.40.15.87:49145 172.30.101.151:10050 N/A PT No Peer
172.25.101.156:3452 10.40.10.197:8080 N/A PT In Progress
10.41.1.51:2973 10.40.10.31:1417 N/A PT In Progress
10.40.15.87:50660 10.41.80.22:10050 N/A PT No Peer
172.25.101.52:1189 10.40.15.156:80 00:23:7d:06:4e:7c PT Asymmetric
172.30.101.53:3129 10.40.10.197:8080 N/A PT No Peer
172.25.101.62:3076 10.40.10.31:1417 N/A PT In Progress
10.40.25.25:8014 10.41.7.143:3655 N/A PT In Progress
10.41.83.21:139 10.40.10.85:1223 N/A PT No Peer
10.40.15.87:60387 10.41.6.22:10050 N/A PT No Peer
10.42.10.198:3954 10.41.7.21:445 N/A PT In Progress
172.25.101.41:2181 10.40.10.31:1417 N/A PT In Progress
10.41.1.142:2784 10.40.25.25:8014 N/A PT No Peer
10.44.62.21:2644 172.25.101.24:139 N/A PT In Progress
172.30.101.72:4720 10.40.25.25:8014 N/A PT In Progress
10.41.1.62:1921 10.40.15.203:80 N/A PT In Progress
172.25.101.168:1071 10.40.15.139:5061 N/A PT In Progress
10.41.80.143:1849 10.40.10.197:8080 N/A PT No Peer
172.30.101.151:10050 10.40.15.87:48082 N/A PT No Peer
10.40.10.31:1417 172.30.101.78:2812 N/A PT In Progress
10.40.10.31:1417 10.41.6.48:4329 N/A PT In Progress
172.25.101.151:1214 192.168.206.15:44718 00:23:7d:06:4e:7c PT Asymmetric
172.25.101.47:1570 10.40.10.197:8080 00:23:7d:06:4e:7c PT Asymmetric
10.40.17.107:1494 172.25.101.47:4625 00:23:7d:06:4e:7c PT Asymmetric
10.41.80.21:10050 10.40.15.87:53558 N/A PT No Peer
10.40.15.87:51065 10.41.4.22:10050 N/A PT No Peer
10.40.25.25:8014 10.41.1.142:2784 N/A PT No Peer
10.41.7.142:2989 10.40.10.197:8080 N/A PT No Peer
10.40.10.197:8080 172.30.101.53:3129 N/A PT No Peer
10.40.15.87:41566 172.25.101.22:10050 00:23:7d:06:4e:7c PT Peer AOIM Sync in Pr
10.41.80.22:10050 10.40.15.87:51135 N/A PT No Peer
10.41.1.22:10050 10.40.15.87:50525 N/A PT No Peer
10.40.15.87:60136 10.41.6.22:10050 N/A PT No Peer
10.41.7.142:2316 10.40.17.102:1494 N/A PT No Peer
10.40.10.31:1417 10.41.7.146:2596 N/A PT In Progress
10.40.10.197:8080 10.41.4.41:2005 N/A PT No Peer
172.30.101.53:2960 10.40.10.31:1417 N/A PT In Progress
10.40.10.31:1417 172.30.101.51:3091 N/A PT No Peer
10.42.17.101:1494 10.41.1.51:2132 N/A PT No Peer
10.40.10.197:8080 172.25.101.54:1739 00:23:7d:06:4e:7c PT Asymmetric
10.41.4.41:3772 10.40.15.139:5061 N/A PT In Progress
10.41.7.21:10050 10.40.15.87:57550 N/A PT No Peer
10.41.6.141:2816 10.40.10.31:1417 N/A PT In Progress
10.41.7.21:10050 10.40.15.87:57780 N/A PT No Peer
10.40.10.102:1026 172.25.101.42:1104 N/A PT In Progress
10.40.10.197:8080 172.30.101.101:3369 N/A PT No Peer
192.168.207.15:44718 172.25.101.151:1215 00:23:7d:06:4e:7c PT Asymmetric
10.41.80.21:10050 10.40.15.87:53311 N/A PT No Peer
10.42.10.198:3922 10.41.80.21:139 N/A PT In Progress
192.168.206.15:44718 172.25.101.159:1187 00:23:7d:06:4e:7c PT Asymmetric
10.40.10.31:1417 10.41.1.143:1276 N/A PT In Progress
10.41.1.55:3872 10.40.10.197:8080 N/A PT No Peer
192.168.201.153:443 10.41.1.62:4085 N/A PT In Progress
10.42.10.197:3926 172.30.101.152:2967 N/A PT No Peer
10.41.1.145:2676 10.40.17.107:1494 N/A PT In Progress
172.30.101.114:2173 10.40.10.197:8080 N/A PT In Progress
172.25.101.54:1738 10.40.10.197:8080 00:23:7d:06:4e:7c PT Asymmetric
172.25.101.69:1413 192.168.207.16:44718 00:23:7d:06:4e:7c PT Asymmetric
172.25.101.21:10050 10.40.15.87:45429 00:23:7d:06:4e:7c PT Peer AOIM Sync in Pr
10.41.1.142:2785 10.40.25.25:8014 N/A PT No Peer
10.40.15.139:5061 10.41.6.150:1581 N/A PT In Progress
172.25.101.21:445 10.40.32.128:3640 00:23:7d:06:4e:7c PT Peer AOIM Sync in Pr
10.41.7.21:10050 10.40.15.87:60329 N/A PT No Peer
10.40.15.87:52288 172.30.101.152:10050 N/A PT No Peer
10.41.11.21:10050 10.40.15.87:47493 N/A PT No Peer
10.41.80.22:10050 10.40.15.87:50685 N/A PT No Peer
10.40.15.139:5061 172.25.101.168:1071 N/A PT In Progress
172.30.101.152:10050 10.40.15.87:52288 N/A PT No Peer
10.41.83.21:445 10.42.10.198:4049 N/A PT In Progress
10.41.80.143:1853 10.40.10.197:8080 N/A PT No Peer
10.40.15.87:51195 10.41.1.22:10050 N/A PT No Peer
10.41.6.21:10050 10.40.15.87:44478 N/A PT No Peer
10.41.6.21:10050 10.40.15.87:42675 N/A PT No Peer
192.168.207.15:44718 172.25.101.166:1531 00:23:7d:06:4e:7c PT Asymmetric
10.41.6.48:4330 10.40.10.31:1417 N/A PT In Progress
10.41.1.150:4569 10.40.10.31:1417 N/A PT In Progress
10.41.7.42:3974 10.40.15.139:5061 N/A PT In Progress
10.40.15.87:59337 10.41.6.22:10050 N/A PT No Peer
10.40.10.197:8080 10.41.80.143:1853 N/A PT No Peer
10.40.10.102:1026 10.41.6.48:4629 N/A PT In Progress
10.40.10.197:8080 172.25.101.46:1860 N/A PT In Progress
172.25.101.69:1412 192.168.206.16:44718 00:23:7d:06:4e:7c PT Asymmetric
10.41.6.22:10050 10.40.15.87:60815 N/A PT No Peer
10.41.4.44:2728 192.168.207.16:44718 N/A PT No Peer
10.40.10.197:8080 10.41.80.143:1862 N/A PT No Peer
192.168.206.15:44718 172.25.101.164:2829 00:23:7d:06:4e:7c PT Asymmetric
10.41.7.22:10050 10.40.15.87:38245 N/A PT No Peer
10.40.10.102:1026 172.25.101.21:3120 00:23:7d:06:4e:7c PT Asymmetric
10.42.10.198:4061 10.41.1.21:445 N/A PT In Progress
10.41.1.60:2750 10.40.10.31:1417 N/A PT In Progress
10.41.4.47:4733 10.40.17.107:1494 N/A PT No Peer
10.41.80.45:2646 10.41.22.32:139 N/A PT In Progress
192.168.201.153:443 10.41.1.42:3541 N/A PT In Progress
172.25.101.21:3004 10.40.10.102:1026 N/A PT In Progress
10.40.15.87:47815 172.30.101.151:10050 N/A PT No Peer
10.41.11.21:445 10.40.10.85:4913 N/A PT In Progress
172.30.101.101:3367 10.40.10.197:8080 N/A PT No Peer
10.40.15.87:47834 10.41.4.21:10050 N/A PT No Peer
10.40.10.85:1235 10.41.4.21:445 N/A PT No Peer
10.41.4.21:10050 10.40.15.87:49525 N/A PT No Peer
10.41.7.142:2988 10.40.10.197:8080 N/A PT No Peer
10.40.15.87:49725 10.41.11.22:10050 N/A PT No Peer
10.40.15.156:80 172.25.101.52:1188 00:23:7d:06:4e:7c PT Asymmetric
10.44.9.21:1025 172.25.101.21:2999 N/A PT In Progress
172.30.101.69:4074 10.42.10.197:8080 N/A PT No Peer
10.41.80.22:10050 10.40.15.87:52823 N/A PT No Peer
192.168.206.15:44718 10.41.4.142:3101 N/A PT No Peer
10.41.1.50:4540 10.42.17.101:1494 N/A PT No Peer
10.41.1.143:1276 10.40.10.31:1417 N/A PT In Progress
10.41.80.143:1867 10.41.22.35:139 N/A PT No Peer
10.40.15.87:48709 10.41.4.22:10050 N/A PT No Peer
10.40.15.87:52295 10.41.80.21:10050 N/A PT No Peer
10.41.80.22:10050 10.40.15.87:50424 N/A PT No Peer
10.40.10.31:1417 172.25.101.170:4801 N/A PT In Progress
10.40.10.31:1382 10.41.1.62:4072 N/A PT In Progress
172.25.101.42:2643 10.40.10.49:443 00:23:7d:06:4e:7c PT Asymmetric
10.41.6.21:10050 10.40.15.87:42827 N/A PT No Peer
10.41.1.42:3554 10.40.10.31:1382 N/A PT In Progress
10.41.1.42:3850 10.40.10.103:1026 N/A PT In Progress
10.40.32.128:3641 172.25.101.21:139 00:23:7d:06:4e:7c PT Peer AOIM Sync in Pr
10.40.15.87:46474 10.41.11.21:10050 N/A PT No Peer
10.40.10.31:1417 10.41.1.60:2750 N/A PT In Progress
10.41.22.35:139 10.41.80.143:1839 N/A PT No Peer
10.40.15.139:5061 10.41.7.42:3974 N/A PT In Progress
172.25.101.47:1569 10.40.10.197:8080 00:23:7d:06:4e:7c PT Asymmetric
10.41.4.41:1999 10.40.10.197:8080 N/A PT No Peer
10.40.10.85:4681 172.25.101.21:139 N/A PT In Progress
10.41.80.143:1852 10.40.10.197:8080 N/A PT No Peer
172.30.101.101:1451 10.40.15.139:5061 N/A PT In Progress
10.40.25.25:8014 10.41.1.142:2761 N/A PT In Progress
10.41.1.62:4072 10.40.10.31:1382 N/A PT In Progress
10.40.17.102:1494 10.41.4.49:1242 N/A PT In Progress
10.41.11.22:10050 10.40.15.87:49725 N/A PT No Peer
10.40.10.175:445 10.41.1.62:1757 N/A PT No Peer
10.41.80.21:10050 10.40.15.87:52295 N/A PT No Peer
172.25.101.22:139 10.42.10.27:65461 00:23:7d:06:4e:7c PT Peer AOIM Sync in Pr
10.40.10.31:1417 172.25.101.162:2647 00:23:7d:06:4e:7c PT Asymmetric
10.40.15.87:45074 172.25.101.21:10050 00:23:7d:06:4e:7c PT Peer AOIM Sync in Pr
172.25.101.163:1056 10.40.15.139:5061 N/A PT In Progress
10.41.1.21:445 10.40.10.85:1146 N/A PT No Peer
172.25.101.180:3908 10.40.25.25:8014 N/A PT In Progress
10.40.10.31:1417 172.30.101.116:1318 N/A PT In Progress
10.40.10.197:8080 172.25.101.156:3452 N/A PT In Progress
10.41.4.22:10050 10.40.15.87:48709 N/A PT No Peer
10.41.80.143:1861 10.40.10.197:8080 N/A PT No Peer
10.42.10.67:5242 10.41.1.52:4809 N/A PT In Progress
172.25.101.175:3951 10.40.17.102:1494 N/A PT In Progress
172.30.101.152:2967 10.42.10.197:3926 N/A PT No Peer
10.41.6.22:445 10.42.10.27:65451 N/A PT In Progress
172.30.101.116:1318 10.40.10.31:1417 N/A PT -
Hi team,
I am experiencing couple of issues with WAAS monitoring using NetQoS product. Here is what I have configured so far:
IP of the SuperAgent management console on the WAEs
enabled flow monitor on the WAEs
all WAEs appeared automatically under management console and connected to appropriate aggregator
opened icmp and 7878 port on the FW
The output of "show statistics flow monitor tcpstat-v1" command tells me:
for the Host connection (to management console)
connection state: Waiting to poll
connection failiures: never
for the Collector connection (to aggregator)
connection state: connected
connection failures: never
for the collection statisticsall zeros
I am interesting in unoptimized traffic stats on the superagent so I disabled all acceleration features (on the CM: Configure > Acceleration > Enabled Features > unchecked all).
So my questions are:
is "Waiting to poll" status for the Host connection OK ??
as I disabled all optimization features I see only passthrough traffic on the WAEs which is the way it should be. But will be this traffic sent to the aggregator (so far there are no collections from the aggregator)??
Many thanks!
Regards,
StanStan,
Unfortunately the Cisco WAE only exports optimized traffic through to the Aggregator. So you would need optimized data to get it to export. You would need a regular SuperAgent collector to see the unoptimized data through a SPAN/tap feed.
Other things to check on the WAE, once you optimize the traffic is to ensure that the host filters are the same as the WCCP redirect traffic that the WAE is seeing. You can see this data in a few places.
To address your first question, the "waiting to poll" is totally okay. The communication to the management console is asynchronous. So it's not continually updating.
If I can answer other questions let me know. I'm happy to help. -
Hi ,
I've problem with some waas device of my infrastructure .
the version i 4.4.1.
when I check the statistic I see that Optimization is null.
waasballdre1#show statistics conn
Current Active Optimized Flows: 0
Current Active Optimized TCP Plus Flows: 0
Current Active Optimized TCP Only Flows: 0
Current Active Optimized TCP Preposition Flows: 0
Current Active Auto-Discovery Flows: 4
Current Reserved Flows: 10
Current Active Pass-Through Flows: 26
Historical Flows: 85
O-ST: Origin State, T-ST: Terminal State
E: Established, S: Syn, A: Ack, F: Fin, R: Reset
s: sent, r: received, O: Options, P: Passthrough
Local IP:Port Remote IP:Port Peer ID O-ST T-ST ConnType
10.2.144.11:80 10.20.21.42:4256 N/A Sr Sso EXTERNAL CLIENT
10.2.144.12:80 10.20.21.42:4261 N/A Sr Sso EXTERNAL CLIENT
10.2.144.11:80 10.20.21.42:2343 N/A Sr Sso EXTERNAL CLIENT
10.2.144.12:80 10.20.21.42:2347 N/A Sr Sso EXTERNAL CLIENT
Local IP:Port Remote IP:Port Peer ID ConnType
150.217.21.17:1137 10.1.144.73:4637 N/A PT In Progress
10.9.144.44:50352 10.9.21.42:2000 N/A PT In Progress
150.217.21.17:1137 10.1.144.78:1548 N/A PT In Progress
150.217.21.17:1137 10.1.144.88:3140 N/A PT In Progress
192.86.102.121:80 10.1.144.86:3620 N/A PT No Peer
150.217.21.17:1137 10.1.144.83:4067 N/A PT In Progress
10.9.21.42:2000 10.9.144.32:15133 N/A PT In Progress
10.1.144.86:3620 192.86.102.121:80 N/A PT No Peer
I have controlled the application policy and now is identical to other device that it good work .
what can I do?
thanks.
RobertoHi Ahmad,
in the step 1 is ok and I've post the output:
al-balldre#sh ip wccp 61 detail
WCCP Client information:
WCCP Client ID: 10.5.144.33
Protocol Version: 2.0
State: Usable
Initial Hash Info: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
Assigned Hash Info: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
Hash Allotment: 256 (100.00%)
Packets s/w Redirected: 392369
Connect Time: 03:30:42
Bypassed Packets
Process: 0
Fast: 0
CEF: 0
al-balldre#sh ip wccp 62 detail
WCCP Client information:
WCCP Client ID: 10.5.144.33
Protocol Version: 2.0
State: Usable
Initial Hash Info: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
Assigned Hash Info: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
Hash Allotment: 256 (100.00%)
Packets s/w Redirected: 459781
Connect Time: 03:30:47
Bypassed Packets
Process: 0
Fast: 0
CEF: 0
al-balldre#
and in the interface is all configuired with any site (I've check).
THE TEST
waasballdre1#sh statistics connection | in 10.1.144.243
10.1.144.243:2472 10.1.21.41:445 N/A PT No Peer
yes I'm using wccp gre
waasballdre1#sh wccp gre
Transparent GRE packets received: 1324923
Transparent non-GRE packets received: 0
Transparent non-GRE non-WCCP packets received: 0
Total packets accepted: 896070
Invalid packets received: 19
Packets received with invalid service: 0
Packets received on a disabled service: 0
Packets received too small: 0
Packets dropped due to zero TTL: 0
Packets dropped due to bad buckets: 0
Packets dropped due to no redirect address: 0
Packets dropped due to loopback redirect: 0
Pass-through pkts on non-owned bucket: 0
Connections bypassed due to load: 0
Packets sent back to router: 0
GRE packets sent to router (not bypass): 0
Packets sent to another WAE: 0
GRE fragments redirected: 0
GRE encapsulated fragments received: 2840
Packets failed encapsulated reassembly: 0
Packets failed GRE encapsulation: 0
Packets dropped due to invalid fwd method: 0
Packets dropped due to insufficient memory: 0
Packets bypassed, no pending connection: 0
Connections bypassed during wccp shutdown: 0
Connections bypassed due to bypass-list lookup:0
Conditionally Accepted connections: 0
Conditionally Bypassed connections: 0
L2 Bypass packets destined for loopback: 0
Packets w/WCCP GRE received too small: 0
Packets dropped due to received on loopback: 2
Packets dropped due to IP access-list deny: 0
Packets fragmented for bypass: 0
Packets fragmented for egress: 0
Packet pullups needed: 0
Packets dropped due to no route found: 0
waasballdre1#
waasballdre1#show egress-methods
Intercept method : WCCP
WCCP negotiated return method : WCCP GRE
Egress Method Egress Method
Destination Configured Used
any IP Forwarding IP Forwarding
Intercept method : Generic L2
Egress Method Egress Method
Destination Configured Used
any not configurable IP Forwarding
waasballdre1#
----------part of configuration of my waas
sh run:
wccp router-list 1 10.5.144.1
wccp tcp-promiscuous service-pair 61 62 failure-detection 30
wccp tcp-promiscuous service-pair 61 62 router-list-num 1
wccp version 2
nota : I've copy one file in the PC of the Balldre from my server in the center site . when the copy is finished , I've paste again and the time for the copy is the same.
The waas does not cache.
thanks.
R -
Cisco WAAS-Global policy for VMware Vsphere and/or 3par replication
So, this is somewhat annoying that VMware Site Recovery Manager 5.0 does not seem to get much replication acceleration, mostly it is just Pass Through. I have read a couple of Cisco marketing powerpoints that say WAAS will accelerate VMware. But there are no Policies to that effect or configuration assistance. So, vmware has a hundred or so connections in passthrough, all using port 44046, this web site here:
http://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&externalId=1009562
Shows that this is the port used for Ongoing replication, and port 31031 is used for the initial replication. So, I have two 674-8gb with inline cards. One in main office, one at DR office, both running 5.0.1. The Lan ports on each side point to the LAN and the WAN interfaces on each end point to each other. I have a layer 2 - 90Mbps link between the two locations, so "show cdp neighbor" shows the WAN interface connected.
My question is, is there a policy I should create for this data to be accelerated and stop being "PT Asymmetric"?
Second question, very similar to the first, 3par replication. Same as above, but 3par uses port 5785 and the traffic shows up as "PT In Progress", there are only 6 or so connections in this state, but all are on this port 5785.
If I pull up the pretty graphs on the CM for this device, it shows a well distributed graph, but if I click the check box for "include Pass-Through" it turns all blue and says 100% of traffic is "other-traffic" Since 99% of what goes between these two WAAS devices is VMware site recovery manager 5.0 and 3par replication, I would really like to find a fix for this.ANSWER ******* SOLUTION ******* ANSWER
I created 2 - Optimization Policy Rules for "WAAS-GLOBAL"
par3-rcopy, destination ports - 5785, 3491-3492, Application - Replication, TFO with DRE Adaptive and LZ
VMware-Replication, destination ports - 44046, 31031, Application - Replication, TFO with DRE Adaptive and LZ
Then I rebooted both WAAS devices and shut off the link for 20 minutes. When I brought the link back online. 100% of data was accelerated, and 99% of the data was classified as "Replication" data. I now get between 60% and 90% acceleration on this "Replication" traffic. The final 1% is other data, remote desktop, ssl, citrix, sql, web...
Lessons learned: The 3par and VMware keep TCP connections open forever, and once the traffic in that session is classified as something, "other traffic" or "Pass Through" it does not change until you reset the connection. So, if you make any changes, you have to shutdown the link, and clear all TCP connections from the WAAS devices, then it will go to a different optimization rule.
Final thoughts: I am not completely sure that the Optimization policy rule "TFO with DRE Adaptive and LZ" is the BEST possible rule to use for this traffic. If anyone has a better configuration for this traffic, I would really appreciate your input. -
Hello All,
I have the scenario below and the comunication between the Routers and Core Switchs are in a load share way witch means that we will have asymmetry on the WAAS below. How can we avoid it ? is there any specific configuration or feature to enable to avoid Asymmetry ? We must keep the inline design as the Routers and Core Switchs are HPN devices and do not support WCCP.
NOTE: Riverbed side we have "Connection Forward" feature to avoid asymmetry.Hi,
What i understand from "connection forward" feature of riverbed is that it will switch to passthrough mode for assymetric connections (without this feature such connection will be droped). Please correct me if i am wrong.
comparing to cisco WAAS, which work on different mechanism of WAE discovery (TCP options), asymetric routing will result in no optimization (as end WAE's not able to see each other), but there will be no connection drop.
Now in your setup i see asymetric flow for corporate MPLS. Can;t we modifying routing (only for LAN and still use both WAN) to make a single path (switch--WAE--routerA) preferable. -
A problem with RDP when WAEs was connected to the network
The customer has a problem with RDP sessions on one Microsoft cluster server. The problem started when the WAEs (management and acceleration WAEs) are connected to a network (where a cluster is connected). Did anybody have the similar problem? The sessions are connected, but after some different times these sessions are frozen. This problem is only with this Microsoft cluster, the RDP on other servers are good. The WAAS is 4.0.17b14.
Hi,
I have the same problem as I write. RDP seems to get slower when I connect the WAEs and the login timesout before the user can type the username and password.
I have ensured that "EPM Classification" is disbled.
Check and see if Term-services are well configured on the TS server side. Maybe some config is conflicting with WAAS TS optimization.
What happens when you set TS to passthrough?
Also try this for your case;
" HOW-TO: Configuring RDP and Terminal Services for Full WAAS Optimization
Microsoft RDP and Terminal Services are, by default, compressed and encrypted. As such, the default Cisco WAAS policy for these applications is to apply TCP optimizations only. RDP and Terminal Services can be configured to allow Cisco WAAS to provide full optimization (DRE, LZ, TFO) which is a 2X-10X improvement over native WAN and 2X-3X improvement over the compression provided by Microsoft.
Configuring Microsoft RDP and Terminal Services to support Cisco WAAS full optimization requires a change to the client and a change to the server.
On the client, disable compression by editing the .RDP file for the connection using Notepad or a similar text editor. Identify a line in the file that shows "compression:i:1". Modify this line to say "compression:i:0". This disables compression for the RDP/TS connection.
On the server, open the Terminal Services Configuration found under Start > Programs > Administrative Tools. From here, expand Terminal Services Configuration to Connections. Double-click the "RDP-Tcp" entry found in the workspace. Change the encryption level to "Low", which specifies that only login will be encrypted. Then, click "Ok" and close Terminal Services Configuration.
Then, modify the Cisco WAAS policy on the configured device group (or explicitly on each of the WAEs) called "MS-Terminal-Services". Set this policy to "Optimize Full". "
Anyone out there with a clue why RDP gets disconnected? -
Is KVM VGA Passthrough Possible on Macbook Pro Mid 2014?
I've been using Arch on and off for a couple years on different hardware, and this time I'm trying to get it to work semi-flawlessly on my mid 2014 Macbook Pro. My Linux skills are meager, so I need some help understanding if VGA passthrough is possible on this machine, and if it is, how to set it up. I have hope that it might work after reading this blog and the Arch forums. An outline of my current setup follows. I will also document progress and research for anyone who might want to try this in the future.
Here are the specifications for this machine:
Processor: 2.5 GHz Intel Core i7
Memory: 16 GB 1600 MHz DDR3
Graphics: Intel Iris Pro 1536 MB, Nvidia GT 750M 2 GB
I have successfully dual-booted Mac OS X Yosemite and Arch with EFI on a btrfs partition using this blog and the wiki as starting points. Somlo's research also helped. All the basic functionality works (networking, WiFi, etc.), and I am able to boot the physical Arch partition as a Virtualbox VM with the help of the wiki. However, I'm having trouble with getting the integrated Intel graphics to work. The following command:
lspci | grep VGA
prints the Nvidia card specifications, and nothing about the Intel graphics.
Reading this blog, it looks like someone had to apply a "grub gmux" patch to grub to disable the Nvidia card at boot. I feel uncomfortable installing anything other than the official Arch packages, so I have to know if installing a patched grub is still necessary, and if installing it would still allow me to use VGA passthrough in KVM.
My ambitious to-do list looks like this:
1. Dual-boot Mac OS X and Arch with btrfs. -done
2. Setup the physical Arch partition to boot in Virtualbox. -done
3. Get Intel graphics to work on Arch ideally with OpenGL support. -done
4. Get Enlightenment working as the desktop environment on Arch. -done
5. Get Qemu+KVM to boot off the physical Mac OS X partition. -tbd
6. Enable VGA passthrough for Mac OS X from Qemu+KVM. -tbd
7. Install Windows as a VM in Qemu+KVM. -tbd
8. Enable VGA passthrough for Windows from Qemu+KVM. -tbd
9. Work and do research on Mac OS X from Arch, play hardcore 3D games on WIndows from Arch, play around with Arch, and live happily ever after. -tbd
Can anyone help me with this? Thanks in advance for any hints/input.
Edit:
The Ubuntu forums has something about getting the two graphics cards to be recognised by using `refind` instead of `grub`. I was able to set up `refind` to boot using the `efi-stub`, but:
$ lspci
00:00.0 Host bridge: Intel Corporation Crystal Well DRAM Controller (rev 08)
00:01.0 PCI bridge: Intel Corporation Crystal Well PCI Express x16 Controller (rev 08)
00:01.1 PCI bridge: Intel Corporation Crystal Well PCI Express x8 Controller (rev 08)
00:14.0 USB controller: Intel Corporation 8 Series/C220 Series Chipset Family USB xHCI (rev 05)
00:16.0 Communication controller: Intel Corporation 8 Series/C220 Series Chipset Family MEI Controller #1 (rev 04)
00:1b.0 Audio device: Intel Corporation 8 Series/C220 Series Chipset High Definition Audio Controller (rev 05)
00:1c.0 PCI bridge: Intel Corporation 8 Series/C220 Series Chipset Family PCI Express Root Port #1 (rev d5)
00:1c.2 PCI bridge: Intel Corporation 8 Series/C220 Series Chipset Family PCI Express Root Port #3 (rev d5)
00:1c.3 PCI bridge: Intel Corporation 8 Series/C220 Series Chipset Family PCI Express Root Port #4 (rev d5)
00:1c.4 PCI bridge: Intel Corporation 8 Series/C220 Series Chipset Family PCI Express Root Port #5 (rev d5)
00:1f.0 ISA bridge: Intel Corporation HM87 Express LPC Controller (rev 05)
00:1f.3 SMBus: Intel Corporation 8 Series/C220 Series Chipset Family SMBus Controller (rev 05)
01:00.0 VGA compatible controller: NVIDIA Corporation GK107M [GeForce GT 750M Mac Edition] (rev a1)
01:00.1 Audio device: NVIDIA Corporation GK107 HDMI Audio Controller (rev a1)
03:00.0 Network controller: Broadcom Corporation BCM4360 802.11ac Wireless Network Adapter (rev 03)
04:00.0 Multimedia controller: Broadcom Corporation 720p FaceTime HD Camera
05:00.0 SATA controller: Samsung Electronics Co Ltd Apple PCIe SSD (rev 01)
06:00.0 PCI bridge: Intel Corporation Device 156d
07:00.0 PCI bridge: Intel Corporation Device 156d
07:03.0 PCI bridge: Intel Corporation Device 156d
07:04.0 PCI bridge: Intel Corporation Device 156d
07:05.0 PCI bridge: Intel Corporation Device 156d
07:06.0 PCI bridge: Intel Corporation Device 156d
08:00.0 System peripheral: Intel Corporation Device 156c
still only shows the Nvidia card. The boot options suggested by this blog did not change anything. However, this very helpful discussion led me to this on-going project. I patched the kernel according the instructions in the said project's `readme`, and Arch is now able to see the two graphics cards and an extra Intel audio controller.
$ lspci
00:02.0 VGA compatible controller: Intel Corporation Crystal Well Integrated Graphics Controller (rev 08)[/bold]
00:03.0 Audio device: Intel Corporation Crystal Well HD Audio Controller (rev 08)
01:00.0 VGA compatible controller: NVIDIA Corporation GK107M [GeForce GT 750M Mac Edition] (rev a1)
Also, I was able to fire up Enlightenment using the Intel graphics card and `0xbb`'s `gpu-switch` script. After using some post-installation tips from this, the computer started getting hot. I followed this thread to get it back to normal.
Edit:
So I finally got some time to experiment on this. I ended up installing Gnome 3 after trying out Enlightenment, KDE Plasma 5, and Cinnamon. I thought Gnome 3 and Cinnamon had the best Hi-DPI support of those four. Cinnamon's look was too much trouble for me to configure, so I ended up choosing Gnome 3.
To achieve the graphics card passthrough, I tried setting up and starting a VM in `virt-manager`, but starting the VM would cause Arch to freeze. Finally, I tried following the instructions on the wiki, this thread, and the Arch forums. I haven't yet tried booting the Windows installer, but the following are the steps I took so far:
1. Uninstall all `nvidia` drivers from my system.
2. Blacklist the `nouveau` driver.
3. Add `pci-stub` to the modules array in `mkinitcpio.conf`.
4. Recreate the `initramfs`.
5. Add `intel_iommu=on pci-stub.ids=10de:0fe9,10de:0e1b,8086:156c` to the `refind.conf` `options` line.
- These three IDs are ones for the Nvidia graphics, Nvidia sound, and the "Intel Corporation Device" (probably the HDMI port, or something related to the
ethernet card), which belong to the same "IOMMU group". What was curious was that a Gigabit ethernet controller would appear in the IOMMU group iff I had
an ethernet cable connected to my thunderbolt port. I don't know if I have to add the ID for this, but so far there are no complaints about it in `dmesg`.
6. Install `ovmf-svn` from the AUR.
6. Follow the "Binding a device to vfio-pci" section documented at https://bbs.archlinux.org/viewtopic.php?id=162768.
7. Follow the "Testing if its working out" section documented at https://bbs.archlinux.org/viewtopic.php?id=162768.
So far, the test at step 7 is failing -- I get a `vfio-pci 0000:01:00.0: Invalid ROM contents` complaint in `dmesg`, and I see a prompt in the `qemu` window. I'm supposed to be getting a black `qemu` window, and a prompt on an external monitor which I haven't connected yet. I read the comments on this blog about graphics card ROM and EFI compatibility, and it looks like my graphics card ROM can't be read. I also read that the graphics card ROM would only be read once by qemu/KVM and saved as a file for later use, so all I need to do to get around that is pass a snapshot of the ROM of the Nvidia GT 750M card to qemu/KVM. Apparently, "You can download the 750m rom files directly from Lenovo's website on the support page" according to this thread, but all I see is this. I will continue hunting around for a ROM file for this graphics card.
Last edited by rb3 (2015-06-05 02:01:20)It`s not beacuse of the case. I have the same problem with a macbook pro retina 15 late 2013 (I7 - 2.3 Ghz, 16 GB, 512 SSD, GT750M) with windows 8.1 on bootcamp. The temperature is higher than yosemite. It gets easily at 80 celsius in a demanding game, while on yosemite it barely reaches 55-60 under heavy load. It`s beacuse of windows, and these are the temperatures, I got the same average 55-60 in windows and 45 celsius in yosemite. I read on the forums and I tried evend with a cooler pad. But it doesn`t seem to be any improvement with lowering the temperature in windows.
-
Problem with VPN Client passthrough on ASA 5505
I am having a problem with passing through a VPN client connection on an ASA 5505. The ASA is running version 8 and terminates an anyconnect VPN. The ASA is using PAT. When the inside user connects with the VPN client, it connects but no traffic passes through the tunnel. I see the error
305006 regular translation creation failed for protocol 50 src INSIDE:y.y.y.y dst OUTSIDE:x.x.x.x
UDP 500,4500 and ESP are allowed into the ASA. Ipsec inspection has also been setup on a global policy, but the user still cannot pass traffice to the remote VPN he is connected through.
At the Main Office we have an ASA 5510 that terminates a site to site VPN, allows remote connections with PAT and allows passthrough no problems. Any ideas?I am having a simuliar issue with my ASA 5505 that I have set up. I am trying to VPN into the Office. I have no problem accessing the Office network when I am on the internet without the ASA 5505. After I installed the 5505, and there is internet access, I try to connect to the Office network without success. The VPN connects with the following error.
3 Dec 31 2007 05:30:00 305006 xxx.xx.114.97
regular translation creation failed for protocol 50 src inside:192.168.1.9 dst outside:xxx.xx.114.97
HELP? -
KVM VGA-Passthrough using the new vfio-vga support in kernel = 3.9
This is intented for people who wish to pass-through a GPU to a virtual machine using the KVM hypervisor, QEMU and vfio-pci
NOTE: AMD RADEON 5xxx, 6xxx, 7xxx, 2xx and NVIDIA GEFORCE 7, 8, 4xx, 5xx, 6xx, 7xx 9xx have been reported working with this, passing though an intel IGD is not supported YET
NOTE: THIS IS EXPERIMENTAL SO IT MIGHT NOT WORK ON YOUR SYSTEM
This is the result on my radeon 6950:
This is the result on my geforce 470 gtx:
Recommended reads
Alex Williamson's blog and FAQ for detailed technical information
OVMF whitepaper.
GPU passthrough database by noctavian
At this moment there are two ways to achieve this using KVM: legacy VGA via Seabios or non-VGA (UEFI) via OVMF
The main practical advantage of using OVMF is that on intel systems you no longer need the i915 VGA arbiter patch which also disables DRI on the host
Requirements
AMD-VI/VT-D enabled and working (On intel systems both your MB and you CPU must support it, to find out if you CPU has VT-D support go here: http://ark.intel.com/, you also need to boot with intel_iommu=on to enable it)
At least 2 GPU's, one primary boot device and the card you wish to pass-through
Qemu=>2.0
Aditional kernel patches might be required if you're using an Intel CPU: ACS override patch and i915 VGA arbiter patch, you can find a kernel package with these patches included on AUR: linux-vfio
Aditional requirements for OVMF:
An UEFI compatible GPU (Most modern gpus support this, SEE: Does my graphics card ROM support EFI?
An UEFI compatible GUEST (ex: Windows 7 and up)
OVMF: Gerd Hoffmann's rpms or OVMF-svn from AUR
If you're building your kernel manually this option is required:
CONFIG_VFIO_PCI_VGA=y
Preparing your System
On intel system the i915 VGA arbiter patch is required if:
You're using the IGD on your host
You're doing VGA assignment
NOTE: Enabling this will disable DRI!
If you wish to avoid this, then then you should try OVMF
To enable it add this kernel parameter to your bootloader:
i915.enable_hd_vgaarb=1
Next, we need to prepare the GPU for vfio:
Blacklist radeon or nouveau or nvidia or fglrx on /etc/modprobe.d/blacklist.conf
Example, blacklisting the opensource radeon module:
echo "blacklist radeon" >> /etc/modprobe.d/blacklist.conf
Use pci-stub
In my case since i have 2 radeon cards blacklisting the radeon module is not an option, so i use pci-stub
NOTE: If pci-stub was built as a module, you'll need to modify /etc/mkinitcpio.conf and add pci-stub in the MODULES section, after that you need to update your initramfs like this
mkinitcpio -p linux-mainline
lspci
07:00.0 VGA compatible controller: Advanced Micro Devices, Inc. [AMD/ATI] Cayman PRO [Radeon HD 6950] <-- radeon 6950
07:00.1 Audio device: Advanced Micro Devices, Inc. [AMD/ATI] Cayman/Antilles HDMI Audio [Radeon HD 6900 Series] <-- radeon 6950 audio
lspci -n
07:00.0 0300: 1002:6719 <-- radeon 6950
07:00.1 0403: 1002:aa80 <-- radeon 6950 audio
Now add this kernel parameter to your bootloader:
pci-stub.ids=1002:6719,1002:aa80
dmesg | grep pci-stub
[ 2.096151] pci-stub: add 1002:6719 sub=FFFFFFFF:FFFFFFFF cls=00000000/00000000
[ 2.096160] pci-stub 0000:07:00.0: claimed by stub
[ 2.096165] pci-stub: add 1002:AA80 sub=FFFFFFFF:FFFFFFFF cls=00000000/00000000
[ 2.096174] pci-stub 0000:07:00.1: claimed by stub
[ 2.096178] pci-stub: add 1B21:1042 sub=FFFFFFFF:FFFFFFFF cls=00000000/00000000
Setting up vfio and kvm modules
This is only required if you get this message:
vfio_iommu_type1_attach_group: No interrupt remapping support. Use the module param "allow_unsafe_interrupts" to enable VFIO IOMMU support on this platform
If your board doesn't enable interrupt remapping, you need to add this to your bootloader:
vfio_iommu_type1.allow_unsafe_interrupts=1
Or if vfio-pci was built as a module ( default on arch )
echo "options vfio_iommu_type1 allow_unsafe_interrupts=1" > /etc/modprobe.d/vfio_iommu_type1.conf
Some applications like Passmark Performance Test and SiSoftware Sandra crash the VM without this:
echo "options kvm ignore_msrs=1" >> /etc/modprobe.d/kvm.conf
Binding a device to vfio-pci
We'll use this script to make life easier:
#!/bin/bash
modprobe vfio-pci
for dev in "$@"; do
vendor=$(cat /sys/bus/pci/devices/$dev/vendor)
device=$(cat /sys/bus/pci/devices/$dev/device)
if [ -e /sys/bus/pci/devices/$dev/driver ]; then
echo $dev > /sys/bus/pci/devices/$dev/driver/unbind
fi
echo $vendor $device > /sys/bus/pci/drivers/vfio-pci/new_id
done
Save it as /usr/bin/vfio-bind
chmod 755 /usr/bin/vfio-bind
Bind the GPU and GPU audio:
vfio-bind 0000:07:00.0 0000:07:00.1
Systemd service:
[Unit]
Description=Binds devices to vfio-pci
After=syslog.target
[Service]
EnvironmentFile=-/etc/vfio-pci.cfg
Type=oneshot
RemainAfterExit=yes
ExecStart=-/usr/bin/vfio-bind $DEVICES
[Install]
WantedBy=multi-user.target
cat /etc/vfio-pci.cfg
DEVICES="0000:00:11.0 0000:04:00.0 0000:05:00.0 0000:06:00.0 0000:07:00.0 000:07:00.1"
Testing if its working out
Seabios:
qemu-system-x86_64 -enable-kvm -m 1024 -cpu host,kvm=off \
-smp 4,sockets=1,cores=4,threads=1 \
-device vfio-pci,host=07:00.0,x-vga=on -device vfio-pci,host=07:00.1 \
-vga none
OVMF:
qemu-system-x86_64 -enable-kvm -m 1024 -cpu host,kvm=off \
-smp 4,sockets=1,cores=4,threads=1 \
-drive if=pflash,format=raw,readonly,file=/usr/share/ovmf/x64/ovmf_code_x64.bin \
-drive if=pflash,format=raw,file=/usr/share/ovmf/x64/ovmf_vars_x64.bin \
-device vfio-pci,host=07:00.0 -device vfio-pci,host=07:00.1 \
-vga none
Note:
kvm=off will hide the kvm hypervisor signature, this is required for NVIDIA cards, since its driver will refuse to work on an hypervisor and result in Code 43 on windows (unless you're using a QUADRO)
x-vga=on is required for vga assignment
-vga none disables the default vga device on QEMU, it is also required for vga assignment
You should see a black qemu window on your main display, and seabios/ovmf ouput on your monitor from your passthru'd card saying it cant find anything to boot
If you're using an intel cpu and nothing happens try this:
modprobe -r kvm_intel
modprobe kvm_intel emulate_invalid_guest_state=0
NOTE: There might be some problems using nvidia/fglrx/nouveau drivers on the host gpu, see the ISSUES section below on how to solve this
At this point you're ready to create your vm, you could use libvirt + virt-manager to create your vm using a nice graphical interface, there are
also some interesting examples in this thread, otherwise if you prefer to use the command line continue reading
DISK:
Creating a disk image:
Create a 30Gb raw image:
dd if=/dev/zero of=windows.img bs=1M seek=30000 count=0
Using a VIRTIO controller:
We create our virtio controller for qemu:
-device virtio-scsi-pci,id=scsi
Attaching our hdd:
-drive file=/home/nbhs/windows.img,id=disk,format=raw,if=none -device scsi-hd,drive=disk
Attaching a cdrom:
-drive file=/home/nbhs/windows.iso,id=isocd,if=none -device scsi-cd,drive=isocd
To install windows, you'll need to download the virtio drivers iso from here
Attaching the virtio iso:
-drive file=/home/nbhs/virtio.iso,id=virtiocd,if=none -device ide-cd,bus=ide.1,drive=virtiocd
Windows will complain it cant find a disk to install to, just click browse, find the folder for your os/arch, select "RED HAT VirtIO pass-through controller" then click next.
For more info check out the Archlinux wiki's QEMU section
Using a physical disk or partition:
-drive file=/dev/sdb,id=disk,format=raw,if=none -device scsi-hd,drive=disk
You might need to change the bus depending on the controller you use
If you wish to use a physical partition and be able to read its contents later on, you can follow these guides:
http://fds-team.de/cms/articles/2013-12 … yer-u.html
https://wiki.archlinux.org/index.php/QE … disk_image
Passing a sata disk controller to qemu:
If you dual boot like me you can pass an entire sata controller (in ahci mode) and all the drives attached, and seabios will boot from them.
lspci
00:11.0 SATA controller: Advanced Micro Devices [AMD] nee ATI SB7x0/SB8x0/SB9x0 SATA Controller [AHCI mode] (rev 40)
Make sure all volumes are unmounted, then bind the controller to vfio:
vfio-bind 0000:00:11.0
Now we pass the controller to the vm:
-device vfio-pci,host=00:11.0
USB:
Its also possible to passthrough a usb controller, in my case an ASMEDIA USB3 Controller:
lspci
04:00.0 USB controller: ASMedia Technology Inc. ASM1042 SuperSpeed USB Host Controller
05:00.0 USB controller: ASMedia Technology Inc. ASM1042 SuperSpeed USB Host Controller
06:00.0 USB controller: ASMedia Technology Inc. ASM1042 SuperSpeed USB Host Controller
Bind them to vfio:
vfio-bind 0000:04:00.0 0000:05:00.0 0000:06:00.0
Pass them to the vm:
-device vfio-pci,host=04:00.0 \
-device vfio-pci,host=05:00.0 \
-device vfio-pci,host=06:00.0
Or a specific device:
lsusb
Bus 004 Device 010: ID 045e:00e1 Microsoft Corp. Wireless Laser Mouse 6000 Reciever <-- mouse
Bus 004 Device 011: ID 045e:074b Microsoft Corp. <-- keyboard
We pass them to the vm:
-usb -usbdevice host:045e:00e1 -usbdevice host:045e:074b
NETWORK:
Please see https://wiki.archlinux.org/index.php/QEMU#Networking
AUDIO EMULATION:
To hear the sound from the vm on your host speakers you'll need to add this lines:
-soundhw hda
You might need to start qemu like this:
QEMU_PA_SAMPLES=128 QEMU_AUDIO_DRV=pa qemu-system-x86_64...
alsa:
QEMU_ALSA_DAC_BUFFER_SIZE=512 QEMU_ALSA_DAC_PERIOD_SIZE=170 QEMU_AUDIO_DRV=alsa qemu-system-x86_64...
Note: these are the settings i found that work great on my system, if you get crackling/skipping audio you might want to try different settings
To see the available drivers and audio options:
qemu-system-x86_64 -audio-help
LOADING YOUR CARD ROM FROM A DUMP/FILE:
modify this line:
-device vfio-pci,host=07:00.0,...... \
change it to this:
-device vfio-pci,host=07:00.0,......,romfile=/path/to/your/gpu/bios.bin \
ISSUES:
Using the latest NVIDIA drivers on the guest will result in code 43, but there's a workarround
Using the latest NVIDIA drivers on the guest using hv enlightenments will result in code 43, see: https://forums.geforce.com/default/topi … 8/#4314318
Using AMD proprieraty drivers on the host, see: https://bbs.archlinux.org/viewtopic.php … 2#p1273412 the only solution atm is using the opensource radeon driver
PERFORMANCE IMPROVEMENTS:
SEE: https://bbs.archlinux.org/viewtopic.php … 1#p1270311
Pin vcpu to pcpu, see http://www.linux-kvm.com/content/tip-ru … cific-cpus
Use cgroups, specifically cpuset, see https://access.redhat.com/site/document … puset.html
Use Hugepages, see http://pic.dhe.ibm.com/infocenter/lnxin … ttunhp.htm
Use Hyper-V enlightenments, see: http://blog.wikichoon.com/2014/07/enabl … h-kvm.html
Last edited by nbhs (2015-04-05 20:01:18)nbhs wrote:
apoapo wrote:
I finally got some progress.
After trying mainline kernel and with vbios, I went to bios/uefi and turned the Primary VGA card from onboard to pci-express ...
Now I see the seabios in passthroughed screen, but with blinking cursor in it, so i will try some things .
NIce! have you tried running windows with it yet? does it work if you dont load the rom file by hand?
Hi,
I tried it again and I captured this error message if I use the PCI-e card es Primary Card:
qemu-system-x86_64: -device vfio-pci,host=01:00.0,bus=root.1,addr=00.0,multifunction=on,x-vga=on: VFIO 0000:01:00.0 BAR 0 mmap unsupported. Performance may be slow
This was, when I got some seabios picture.
After some reboots I wanted to try it again, I was spammed with errors . Dont have them to show you now... will look for it.
Now I'm With the onboard as primary Card and I found this in dmesg:
[ 0.401391] DMAR: No ATSR found
[ 0.401412] IOMMU 0 0xfed90000: using Queued invalidation
[ 0.401413] IOMMU 1 0xfed91000: using Queued invalidation
[ 0.401415] IOMMU: Setting RMRR:
[ 0.401422] IOMMU: Setting identity map for device 0000:00:02.0 [0xbf800000 - 0xcf9fffff]
[ 0.402590] IOMMU: Setting identity map for device 0000:00:1d.0 [0xbd568000 - 0xbd59afff]
[ 0.402606] IOMMU: Setting identity map for device 0000:00:1a.0 [0xbd568000 - 0xbd59afff]
[ 0.402619] IOMMU: Setting identity map for device 0000:00:14.0 [0xbd568000 - 0xbd59afff]
[ 0.402628] IOMMU: Prepare 0-16MiB unity mapping for LPC
[ 0.402635] IOMMU: Setting identity map for device 0000:00:1f.0 [0x0 - 0xffffff]
[ 0.402717] PCI-DMA: Intel(R) Virtualization Technology for Directed I/O
[ 0.402782] ------------[ cut here ]------------
[ 0.402786] WARNING: at drivers/pci/search.c:46 pci_find_upstream_pcie_bridge+0x83/0x90()
[ 0.402787] Hardware name: To Be Filled By O.E.M.
[ 0.402788] Modules linked in:
[ 0.402790] Pid: 1, comm: swapper/0 Not tainted 3.9.2-1-mainline #1
[ 0.402791] Call Trace:
[ 0.402796] [<ffffffff81058090>] warn_slowpath_common+0x70/0xa0
[ 0.402797] [<ffffffff8105817a>] warn_slowpath_null+0x1a/0x20
[ 0.402799] [<ffffffff8129ea43>] pci_find_upstream_pcie_bridge+0x83/0x90
[ 0.402802] [<ffffffff813b3c7b>] intel_iommu_add_device+0x4b/0x1f0
[ 0.402805] [<ffffffff813ab630>] ? bus_set_iommu+0x50/0x50
[ 0.402806] [<ffffffff813ab65a>] add_iommu_group+0x2a/0x50
[ 0.402809] [<ffffffff8135bf63>] bus_for_each_dev+0x63/0xa0
[ 0.402811] [<ffffffff813ab622>] bus_set_iommu+0x42/0x50
[ 0.402814] [<ffffffff819130b6>] intel_iommu_init+0xa83/0xb7b
[ 0.402816] [<ffffffff818dd10b>] ? memblock_find_dma_reserve+0x124/0x124
[ 0.402818] [<ffffffff818dd11d>] pci_iommu_init+0x12/0x3c
[ 0.402820] [<ffffffff8100210a>] do_one_initcall+0x10a/0x160
[ 0.402823] [<ffffffff818d5037>] kernel_init_freeable+0x15b/0x1dc
[ 0.402824] [<ffffffff818d4881>] ? do_early_param+0x88/0x88
[ 0.402827] [<ffffffff814b55f0>] ? rest_init+0x90/0x90
[ 0.402828] [<ffffffff814b55fe>] kernel_init+0xe/0x190
[ 0.402830] [<ffffffff814dad6c>] ret_from_fork+0x7c/0xb0
[ 0.402832] [<ffffffff814b55f0>] ? rest_init+0x90/0x9
Maybe you are looking for
-
Error while creating stages & Generating a version for MSMP Workflow
Hello Everyone, I am facing the below error while trying to create stages pertaining to the Z_PATH_2 defined by me. I have entered the path ID and description , then pressed enter. Thereafter, I am clicking on the Z_PATH_2 row, and click on ADD in St
-
Short dumop in J2I5 (provide duplicate entry in Standard table)
Hello Expert , We have a problem in T.Code J2I5 ( Excise Register Extraction) input entry is lelect Excise group 20 . and a date from 04.08.09 onwards. and select the register RG23D . it shows the run time error ( Eg Th
-
Multi Journal Import - Doubts ?
Hi All Right now we are running a Multi Journal Import and we are inserting data into 4 interface tables gl_interface1-4. I would like to know , if i increase the table from 4 to 10 tables ? Any suggestions? Thanks Ravi
-
Mail: cannot multiselect several emails using "shift" key
Very strange: we have several Macs using Snow Leopard. For some reason on my Imac only, I cannot multi-select several emails at one time to delete them. This function with the shift key works on all the other Macs. I have rebuilt the mailboxes, check
-
Encryption algorithms used in SQL Compact Edition 3.5
Hi, In the info for SQL Compact Edition 3.5 it states that one of the features is: Support for newer and more secure encryption algorithms. I can't seem to find details of exactly what these new, more secure algorithms are. It appears 3.1 used 128-bi