cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
854
Views
0
Helpful
8
Replies

Best egress-method on 7341 with two 6505 distribution switches?

jkeeffe
Level 2
Level 2

I'm following the example in the WAAS Deployment Cookbook (v1.0) starting on page 20. We have a data center design exactly like the one in that chapter "Dada Center, WCCP Interception."

The only thing that is missing in the cookbook configuration is in the WAAS WCCP Configuration - there is no mention of what egress-method to use. I understand that negotiated-return is NOT recommended, as it shunts everything to the CPU.

So should we use generic-GRE since we're in a GLBP environment?

If so, how would the GRE tunnels between the two 6505 switches and the WAE-7341 be configured?

2 Accepted Solutions

Accepted Solutions

dstolt
Cisco Employee
Cisco Employee

Jim,

You are correct, you should utilize generic-gre so the traffic will be processed in hardware. Generic-gre requires WAAS 4.1.x and the configs are here...Configuring a GRE Tunnel Interface on a Router

http://www.cisco.com/en/US/docs/app_ntwk_services/waas/waas/v413/configuration/guide/traffic.html#wp1138375

Hope that helps,

Dan

View solution in original post

I think they used a generic example, it's like a loopback address. I think you may be out of addresses on your vlan5 (maybe you can use 4 and 6?) The "tunnel source vlan5" would be the important part. Good luck!

Dan

View solution in original post

8 Replies 8

dstolt
Cisco Employee
Cisco Employee

Jim,

You are correct, you should utilize generic-gre so the traffic will be processed in hardware. Generic-gre requires WAAS 4.1.x and the configs are here...Configuring a GRE Tunnel Interface on a Router

http://www.cisco.com/en/US/docs/app_ntwk_services/waas/waas/v413/configuration/guide/traffic.html#wp1138375

Hope that helps,

Dan

Another follow up question please. Since I will be configuring GRE tunnels between the 7341 and both 6505s, should I remove the GLBP statements on the 6505 L3 SVIs, or do I leave them? The 7341 default-gateway points to the virtual IP address right now.

And I have only one 7341 right now, so should I configure a GRE tunnel from each 6505 to the 7341? can the 7341 have two GRE tunnels configured on one interface?

Jim,

Leave the GLBP statement for the default GW, the WAE will continue to use this for the CM and other management traffic.

You can use multiple GRE tunnels or a multipoint tunnel.

Hope that helps,

Dan

I'm getting confused - it's been a long day. :-)

Here are the pertinent configs of the two 6505s and 7341 relating to WCCP:

6505-A

ip wccp 61

ip wccp 62

!

interface GigabitEthernet4/1

description ROC-Core

ip address x.x.x.x

ip wccp 62 redirect in

!

interface GigabitEthernet4/12

description ROC-7604

ip address x.x.x.x

ip wccp 61 redirect in

!

interface GigabitEthernet4/46

description WAE-7341-A WAAS

switchport

switchport access vlan 5

switchport mode access

no ip address

!

interface GigabitEthernet4/47

description ROC-6504-DW-B 4/47

switchport

switchport access vlan 5

switchport mode access

no ip address

!

interface Vlan5

ip address 192.168.1.2 255.255.255.248

ip pim sparse-mode

glbp 1 ip 192.168.1

glbp 1 priority 110

glbp 1 preempt

------------------------------

6505-B

ip wccp 61

ip wccp 62

!

interface GigabitEthernet4/1

description ROC-Core

ip address x.x.x.x

wccp 62 redirect in

!

interface GigabitEthernet4/12

description ROC-7604

ip address x.x.x.x

ip wccp 61 redirect in

!

interface GigabitEthernet4/47

description ROC-6504-DW-B 4/47

switchport

switchport access vlan 5

switchport mode access

no ip address

!

interface Vlan5

ip address 192.168.1.3 255.255.255.248

ip pim sparse-mode

glbp 1 ip 192.168.1

glbp 1 preempt

------------------------------------

WAE-7341

int g1/0

ip address 192.168.1.5 255.255.255.248

ip default-gateway 192.168.1.1

WccP router-list 1 192.168.1.2 192.168.1.3

wccp tcp-promiscuous router-list num 1 L2-redirect mask-assign

wccp version 2

Since I need to create two GRE tunnels, one from each 6505 to the WAE interface, would you be so kind as to suggest a quick example of how I would change the config?

Jim,

Are you using a SUP32 or 720? Generic GRE requires GRE-redirect, which is supported in hardware on those platforms. Each router should be configured to have an tunnel interface and the WAE should be set to use "egress-method generic-gre intercept-method wccp". Just to restate, you should change your WAE from L2 redirect to the default (GRE redirect), however still use mask-assign.

If you are going to add multiple WAEs to the cluster, then use Multipoint tunnels, otherwise you can just use a point-to-point tunnel like in the example in the config guides. Some ideas on the point-to-point might be as follows on each router...remember, you could also do multipoint if you are adding more then one WAE.

! Tunnel1 is an unnumbered point-to-point tunnel towards WAE1

interface Tunnel1

ip unnumbered vlan5

tunnel source vlan5

! tunnel destination is the IP address of WAE1

tunnel destination 192.168.1.5

ip wccp redirect exclude in

end

WAE-7341

int g1/0

ip address 192.168.1.5 255.255.255.248

ip default-gateway 192.168.1.1

wccp router-list 1 192.168.1.2 192.168.1.3

wccp tcp-promiscuous router-list num 1 mask-assign

wccp version 2

egress-method generic-gre intercept-method wccp

Hope that helps,

Dan

One last question.

If I go with a multipoint tunnel,because eventually I will have another 7341, I would follow this example I found in the config guide:

interface Tunnel1

ip 12.12.12.1 255.255.255.0

tunnel source vlan5

tunnel mode gre multipoint

ip wccp redirect exclude in

end

In this example, where did they get the IP address 12.12.12.1? It couldn't be the IP of the WAE device, as that IP is in vlan5.

I think they used a generic example, it's like a loopback address. I think you may be out of addresses on your vlan5 (maybe you can use 4 and 6?) The "tunnel source vlan5" would be the important part. Good luck!

Dan

Dan,

Does this mean both GRE encapsulation and de-capsulation are processed in hardware when using Generic GRE? How does performance compare to L2-redirect/return then?

thanks,

Review Cisco Networking for a $25 gift card