07-28-2010 06:35 AM
Hi,
I try to setup a WCCP configuration on routers to redirect trafic to a WAN optimizer which is located on a L3 switch (different subnet as the router)
So I configure an ACL to tell which trafic I want to intercept/redirect
On the first Router
ip wccp 51 redirect-list WCCP
ip access-list extended WCCP
permit ip host 10.137.142.39 host 10.137.152.58
permit ip host 10.137.152.58 host 10.137.142.39
interface FastEthernet0/0
description to LAN
ip address 10.137.152.28 255.255.255.254
ip accounting output-packets
ip wccp 51 redirect out
ip wccp 51 redirect in
ip load-sharing per-packet
duplex full
speed 100
no clns route-cache
On the second router
ip wccp 51 redirect-list WCCP
ip access-list extended WCCP
permit ip host 10.137.142.39 host 10.137.152.58
permit ip host 10.137.152.58 host 10.137.142.39
!
interface GigabitEthernet0/0
description To LAN
ip address 10.137.142.202 255.255.255.254
no ip redirects
ip wccp 51 redirect out
ip wccp 51 redirect in
duplex full
When I issue a "show access-list WCCP" on the router, the acces list seems to be not matched
Of course we have asymetric routing on the WAN, but the packets are even seen on the other router...
any idea why the access list is not éatched for the WCCP interception? Does it need something special to be matched?
08-05-2010 05:06 AM
Hello Romain,
You mentioned that you are doing WCCP on an L3 Switch.
WCCP is done in hardware on the Switch platform, so you don't see any hit counts increment on the ACL,
The best way to verify that WCCP is working is by running "show wccp gre" on the WAAS device. Even if you are doing, L2 redirection you will see the packets increment on that command.
wae-512-2#show wccp gre
Transparent GRE packets received: 0
Transparent non-GRE packets received: 249080
Transparent non-GRE non-WCCP packets received: 0
Total packets accepted: 77091
Invalid packets received: 0
Packets received with invalid service: 0
The highlighted packets are WCCP packets.
The other option on the WAAS box is to run "show stat conn" and you'll be able to see the connections redirected.
I hope this helps.
Tom Jardin
08-05-2010 05:28 AM
Hello Tom,
Thank you for your answer
The WCCP is not directly configured on the L3 switch but on the router. It is just that the WAN Optimizer is on another subnet thant the router.
Romain
08-05-2010 06:11 AM
Hi Romain,
First question, You mention "WAN Optimizer". Is that a Cisco device?
Next question is, Are you saying that WCCP is not working at all or are you just saying the ACL is not incrementing.
You can also run this on the router. Show ip wccp 61 detail
That will show you if the WCCP is fully up and running. Here is a sample.
WCCP Client information:
WCCP Client ID: 172.16.11.7
Protocol Version: 2.0
State: Usable
Redirection: GRE
Packet Return: GRE
Assignment: HASH
Initial Hash Info: 00000000000000000000000000000000
00000000000000000000000000000000
Assigned Hash Info: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
Hash Allotment: 256 (100.00%)
Packets s/w Redirected: 52368
Connect Time: 5d19h
Bypassed Packets
Process: 0
CEF: 0
Errors: 0
The things to look for is that it is "usable" has a proer Hash allotment and is dong GRE redirection. In that case, you should see hits on the ACL.
Other than that, I would need show techs from the router and the WAN optimizer to fully understand if WCCP is working and that is probably more than can be done in this forum.
Perhaps a TAC case is needed if you don't think the WCCP is working.
Regards,
Tom
08-05-2010 06:40 AM
Tom,
Unfortunaltly it is not a Cisco opptimizer. It is a Citrix one.
I will check the different pieces of advises you gave me
Thank you
Regards
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide