cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1056
Views
0
Helpful
19
Replies

CE590 http Saving

m.abdallah
Level 1
Level 1

I installed Cisco Content Engine 590 on ISP network

How can I test the performance of the CE590 ??

What is the accepted saving percentage ?

sh ver

Cisco Content Engine

Copyright (c) 1999-2001 by Cisco Systems, Inc.

Cisco Content Engine Software Release 3.11 (build FCS May 30 2001)

Version: ce590-cache-3.1.1

Compiled 09:49:25 May 30 2001 by bbalagot

Compile Time Options: PP

System was restarted on Thu Oct 31 11:39:00 2002.

The system has been up for 2 hours, 5 minutes, 42 seconds.

content#

content#sh staticontent#sh statistics htt saving

Statistics - Savings

Requests Bytes

-----------------------------------------------------------

Total: 123145 805553899

Hits: 16533 44281031

Miss: 106612 761272868

Savings: 13.4 % 5.5 %

What is the accepted saving percentage ?

My router show my the following statistics :

Router#show ip wccp web-cache

Global WCCP information:

Router information:

Router Identifier: 62.32.60.254

Protocol Version: 2.0

Service Identifier: web-cache

Number of Cache Engines: 1

Number of routers: 1

Total Packets Redirected: 882029

Redirect access-list: -none-

Total Packets Denied Redirect: 0

Total Packets Unassigned: 0

Group access-list: -none-

Total Messages Denied to Group: 0

Total Authentication failures: 0

Router#show ip wccp web-cache detail

WCCP Cache-Engine information:

IP Address: 62.32.60.250

Protocol Version: 2.0

State: Usable

Initial Hash Info: 00000000000000000000000000000000

00000000000000000000000000000000

Assigned Hash Info: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

Hash Allotment: 256 (100.00%)

Packets Redirected: 882673

Connect Time: 02:14:08

I think, the caching performance is not good

What do you suggest ??

Thanks

Mohamed Abdallah

19 Replies 19

pknoops
Level 3
Level 3

Mohamed,

It's hard to say what an acceptable number should be in this senario, but in general I would say something in the 30-40% savings range is normal. This is dependant on the configuration say if you're bypassing certain clients, servers, etc..

In your senario, you should probably take a look at the "show bypass" data and get a sense of why you have misses and bypasses. In many instances, people who do not have PTR records of their CE ip address in their DNS network see problems simply due to the fact that external websites very often do reverse lookups and this can cause alot of bypass instances.

Regards

Pete Knoops

Cisco Systems

Pete,

Thanks for your help

PTR record is done

The CE is configured as transparent caching

show bypass give me server error

content#show bypass

Total number of HTTP connections bypassed = 216349

Connections bypassed due to system overload = 0

Connections bypassed due to authentication issues = 0

Connections bypassed due to facilitate error transparency = 216349

Connections bypassed due to static configuration = 0

Total number of entries in the bypass list = 43

Number of Authentication bypass entries = 0

Number of Error bypass entries = 43

Number of Static Configuration entries = 0

content#

content#show bypass list

Client Server Entry type

------ ------ ----------

62.32.60.41:0 212.133.68.62:80 server-error

62.32.60.42:0 213.184.179.67:80 server-error

62.32.60.41:0 128.242.201.186:80 server-error

62.32.60.41:0 193.227.13.44:80 server-error

62.32.60.41:0 193.111.198.37:80 server-error

62.32.60.42:0 216.239.53.101:80 server-error

62.32.60.41:0 64.94.89.210:80 server-error

62.32.60.41:0 212.26.27.88:80 server-error

62.32.60.42:0 193.232.242.69:80 server-error

62.32.60.41:0 66.218.77.72:80 server-error

62.32.60.41:0 66.163.173.23:80 server-error

62.32.60.42:0 198.64.138.89:80 server-error

62.32.60.42:0 66.135.192.83:80 server-error

62.32.60.41:0 130.127.28.32:80 server-error

62.32.60.41:0 171.68.4.69:80 server-error

62.32.60.41:0 195.229.240.108:80 server-error

62.32.60.41:0 128.242.237.107:80 server-error

62.32.60.42:0 217.52.21.203:80 server-error

62.32.60.41:0 62.65.186.197:80 server-error

62.32.60.41:0 216.167.51.189:80 server-error

62.32.60.42:0 64.94.89.210:80 server-error

62.32.60.42:0 212.31.2.45:80 server-error

62.32.60.61:0 209.247.228.210:80 server-error

62.32.60.42:0 193.232.242.65:80 server-error

62.32.60.41:0 66.218.77.68:80 server-error

62.32.60.41:0 205.214.64.191:80 server-error

62.32.60.61:0 147.208.175.70:80 server-error

62.32.60.41:0 216.239.33.104:80 server-error

62.32.60.42:0 216.167.51.189:80 server-error

62.32.60.41:0 193.78.46.43:80 server-error

62.32.60.41:0 206.129.95.55:80 server-error

62.32.60.42:0 66.40.9.142:80 server-error

62.32.60.41:0 66.70.83.135:80 server-error

62.32.60.42:0 63.68.55.65:80 server-error

62.32.60.42:0 195.161.119.249:80 server-error

62.32.60.41:0 65.199.10.130:80 server-error

62.32.60.42:0 66.135.192.11:80 server-error

62.32.60.41:0 63.88.212.80:80 server-error

62.32.60.42:0 195.161.113.4:80 server-error

62.32.60.41:0 133.6.152.2:80 server-error

62.32.60.42:0 66.45.5.89:80 server-error

62.32.60.41:0 66.218.77.70:80 server-error

62.32.60.41:0 209.225.53.187:80 server-error

62.32.60.41:0 216.239.53.101:80 server-error

62.32.60.41:0 193.232.242.69:80 server-error

content#

Saving now is 8% , and performance is not good

What do you suggest ?

Regards

Mohamed Abdallah

Mohamed,

This is a classic case of the nimda virus of something of that nature. You will want to put in the following filters and then do a show rules to see if you are getting hits on them. I would imagine you will definately see hits based on the "error transparency" number listed in your last reply.

Rules:

rule block url-regex .*/default\.ida

rule block url-regex .*/root.exe

rule block url-regex .*\cmd.exe

rule block url-regex ^http://.*www\.worm\.com/default\.ida$

rule block url-regex ^http://.*/default\.ida$

rule no-cache url-regex .*cgi-bin.*

rule no-cache url-regex .*aw-cgi.*

Pete..

Pete,

why do you think there is a nimda virus ??

how can I get the no. of hits on these applied rules ? show rule all command didnot show any hits !!!!!!

after 30 min. from applying the rules, I got the below output :

What do you suggest ??

Thanks for your help

Regards

Mohamed Abdallah

content#show rule all

Rules Template Configuration

----------------------------

Rule Processing Enabled

rule block url-regex .*\cmd.exe

rule block url-regex .*/root.exe

rule block url-regex .*/default\.ida

rule block url-regex ^http://.*/default\.ida$

rule block url-regex ^http://.*www\.worm\.com/default\.ida$

rule no-cache url-regex .*aw-cgi.*

rule no-cache url-regex .*cgi-bin.*

content#

content#

content#

content#show stat http sav

Statistics - Savings

Requests Bytes

-----------------------------------------------------------

Total: 7814793 57478234325

Hits: 2005380 7881773025

Miss: 5809413 49596461300

Savings: 25.7 % 13.7 %

content#

content#

content#show bypass

Total number of HTTP connections bypassed = 442687

Connections bypassed due to system overload = 0

Connections bypassed due to authentication issues = 0

Connections bypassed due to facilitate error transparency = 442687

Connections bypassed due to static configuration = 0

Total number of entries in the bypass list = 58

Number of Authentication bypass entries = 0

Number of Error bypass entries = 58

Number of Static Configuration entries = 0

content#

content#

content#show bypass list

Client Server Entry type

------ ------ ----------

62.32.60.41:0 209.132.206.147:80 server-error

62.32.60.41:0 216.203.156.216:80 server-error

62.32.60.40:0 194.8.167.244:80 server-error

62.32.60.41:0 200.199.201.83:80 server-error

62.32.60.40:0 207.25.71.195:80 server-error

62.32.60.40:0 64.94.89.168:80 server-error

62.32.60.41:0 216.136.131.30:80 server-error

62.32.60.41:0 216.39.104.49:80 server-error

62.32.60.41:0 209.61.228.212:80 server-error

62.32.60.41:0 64.94.89.210:80 server-error

62.32.60.40:0 207.46.196.108:80 server-error

62.32.60.41:0 128.242.118.139:80 server-error

62.32.60.40:0 128.121.4.44:80 server-error

62.32.60.41:0 66.163.173.23:80 server-error

62.32.60.40:0 64.41.146.221:80 server-error

62.32.60.41:0 194.8.167.244:80 server-error

62.32.60.41:0 170.97.67.13:80 server-error

62.32.60.41:0 130.127.28.32:80 server-error

62.32.60.41:0 64.156.188.61:80 server-error

62.32.60.41:0 66.218.70.227:80 server-error

62.32.60.41:0 216.94.230.2:80 server-error

62.32.60.41:0 192.41.170.60:80 server-error

62.32.60.41:0 159.18.1.68:80 server-error

62.32.60.41:0 161.58.226.240:80 server-error

62.32.60.41:0 62.161.94.168:80 server-error

62.32.60.41:0 216.167.51.189:80 server-error

62.32.60.41:0 209.15.63.191:80 server-error

62.32.60.41:0 209.10.17.133:80 server-error

62.32.60.41:0 66.218.70.105:80 server-error

62.32.60.41:0 199.231.130.13:80 server-error

62.32.60.41:0 12.129.204.160:80 server-error

62.32.60.41:0 66.218.77.68:80 server-error

62.32.60.40:0 208.170.46.164:80 server-error

62.32.60.41:0 216.239.33.104:80 server-error

62.32.60.41:0 128.121.124.167:80 server-error

62.32.60.41:0 207.46.196.109:80 server-error

62.32.60.41:0 130.54.44.157:80 server-error

62.32.60.41:0 193.233.1.233:80 server-error

62.32.60.40:0 216.239.39.100:80 server-error

62.32.60.41:0 144.226.72.36:80 server-error

62.32.60.41:0 62.4.85.236:80 server-error

62.32.60.41:0 216.239.51.126:80 server-error

62.32.60.40:0 65.89.139.6:80 server-error

62.32.60.41:0 204.71.191.241:80 server-error

62.32.60.41:0 200.199.201.81:80 server-error

62.32.60.41:0 65.199.10.130:80 server-error

62.32.60.41:0 205.158.107.32:80 server-error

62.32.60.41:0 207.182.248.211:80 server-error

62.32.60.41:0 66.28.60.230:80 server-error

62.32.60.40:0 193.111.198.37:80 server-error

62.32.60.40:0 80.94.193.92:80 server-error

62.32.60.41:0 65.214.39.7:80 server-error

62.32.60.41:0 216.239.51.101:80 server-error

62.32.60.40:0 64.94.89.210:80 server-error

62.32.60.40:0 216.120.60.144:80 server-error

62.32.60.41:0 193.232.242.69:80 server-error

62.32.60.40:0 64.83.28.78:80 server-error

62.32.60.61:0 any-server:0 server-error

content#

content#

content#

content#

Sorry about the confusion on the exact command.

Please take a look at "show stat rule all"

It should look something like this:

---------------------show stat rule all---------------------

Rules Template Statistics

-------------------------

rule block domain www.test.com

Rule hit count = 0

rule block domain www.test.com

Rule hit count = 0

rule no-cache dst-ip 10.1.1.1 255.255.255.0

Rule hit count = 0

rule no-cache url-regex .*cgi-bin.*

Rule hit count = 0

rule no-cache url-regex .*aw-cgi.*

Rule hit count = 0

rule no-cache domain smartforce.com

Rule hit count = 0

I would imagine you will see hit counts here.

Pete

Pete,

Thanks for your help

Yes, I find some hits on cmd.exe and root.exe

What does that mean ?

Do I have an infected Server by virus ? Which Server ?

What do you suggest ?

content#show stat rule all

Rules Template Statistics

-------------------------

Rule hit count = 0 Rule: rule block url-regex ^http://.*/default\.ida$

Rule hit count = 0 Rule: rule block url-regex ^http://.*www\.worm\.com/defa

Rule hit count = 28 Rule: rule block url-regex .*\cmd.exe

Rule hit count = 4 Rule: rule block url-regex .*/root.exe

Rule hit count = 0 Rule: rule block url-regex .*/default\.ida

Rule hit count = 0 Rule: rule no-cache url-regex .*aw-cgi.*

Rule hit count = 0 Rule: rule no-cache url-regex .*cgi-bin.*

Regards

Mohamed Abdallah

Pete,

Today the cmd.exe and root.exe hits increase , and a new hit ( one hit ) appear for http://.*/default\.ida$

Is this a virus ? which server is affected ?

Can the virus affect my CE 590 ?

I noticed also that the CFS ( disk01 ) is full, NO FREE Sapce for CFS !!!!!

content#show stat rule all

Rules Template Statistics

-------------------------

Rule hit count = 1 Rule: rule block url-regex ^http://.*/default\.ida$

Rule hit count = 0 Rule: rule block url-regex ^http://.*www\.worm\.com/default\.ida$

Rule hit count = 71 Rule: rule block url-regex .*\cmd.exe

Rule hit count = 12 Rule: rule block url-regex .*/root.exe

Rule hit count = 0 Rule: rule block url-regex .*/default\.ida

Rule hit count = 0 Rule: rule no-cache url-regex .*aw-cgi.*

Rule hit count = 0 Rule: rule no-cache url-regex .*cgi-bin.*

content#show stat http sav

Statistics - Savings

Requests Bytes

-----------------------------------------------------------

Total: 9138555 66713366028

Hits: 2541319 9936652228

Miss: 6597236 56776713800

Savings: 27.8 % 14.9 %

content#

content#sho disk-partitions disk00

Disk size in 512 byte blocks: 35566448

num: type start size status

-----------------------------------------------------

0: SWFS 32 3145728 System Reserved

1: SYSFS 3145760 7113289 mounted at local1

2: NONE

3: NONE

Free disk space: 25307431 blocks (12357 M)

content#

content#show disk-partitions disk01

Disk size in 512 byte blocks: 35566448

num: type start size status

-----------------------------------------------------

0: CFS 32 35566448 mounted

1: NONE

2: NONE

3: NONE

Free disk space: 0 blocks (0 M)

content#

Mohamed,

So now it appears that you are blocking the nimda virus and maybe some others that are affecting your CE (this is good that you are now blocking them)

I see that the savings has increased (this is good too). I would now verify in your network that you are virus free. Also, you can do a "clear cache" on the CE to clean up the disk and start off fresh now that you are blocking the viruses.

Regards

Pete..

Pete,

I cleaned the Cache using clear cache command.

The saving percentage is decreased again

content#show stat http saving

Statistics - Savings

Requests Bytes

-----------------------------------------------------------

Total: 25759 178627253

Hits: 3317 8701935

Miss: 22442 169925318

Savings: 12.9 % 4.9 %

Is there is command that can show me the saved web on my CE 590 ?

Thanks

Regards

Mohamed Abdallah

Mohamed,

The savings went down now because alot of the information has to be received from the web to the CE now that it has nothing cached. In effect, once it is up for a while, you should see the savings increase and then stabilize

Pete..

Pete,

Do you still recommend to upgrade the CE 590 with ACNS 4.2.x ?

I would highly recommend you upgrade. There is no other way to put it. ACNS 4.2 is definately the way to go especially when you are runnning a 590 that is a powerful CE.

Pete..

Pete,

I will upgrade to ACNS ver. 4.2.3

After upgrading, Does the CE 590 keep its old configuration ?

OR Should I make some changes in the configuration with the new ACNS 4.2.3 ??

Regards

Mohamed Abdallah

Old config should be fine

Pete..

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: