cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1788
Views
10
Helpful
6
Replies

question in tracing wccp traffic

Dr.X
Level 2
Level 2

hi ,

my question is how to trace the wccp traffic in" upload and dowload "   "from and to "   clients .

assume the topology below :

we have router with 4  interfaces :

here is the config of router with wccp :

============================================================

GI0/1========>ip wccp 80 redirect in

GI0/4========>ip wccp redirect exclude in

GI0/3========>ip wccp 90 redirect in

and in the gloabl config of the router we have :

#ip access-list ex cache80

#permit tcp 192.168.1.0 0.0.0.255 any eq 80

#ip access-list ex cache90

#permit tcp any 192.168.1.0 0.0.0.255

#ip wccp 80 redirect-list cache80

i#p wccp 90 redirect-list cache90

======================================================

my question is , how to trace the http trafic from client to internet .

i will post my understanding  and wish to correct me if im not correct .

*******************

when clinet make http request , it enter the interface Gi01

then it matched by the acl redirect cache80 ,

then it will be redirected to the interface where cache seerver of service 80 exist , so it will go to interface GI0/4.

the cache server will see if the request cache before or not .

to here , its clear ,

but im understanding wt will come next

plz i wish somebody clarify what is comming next .

aslo another question ,

the interface GI0/2 has no relation to cache , does it require any wccp config under interface config "Gi0/2 " ???

wish my best regards

http://www5.0zz0.com/2013/05/23/11/170478839.jpg

1 Accepted Solution

Accepted Solutions

getting security threat in opening your diagram,

regarding wccp exclude in --

take for example instead of using ip wccp 80 redirect in on LAN, you used ip wccp 80 redirect out on WAN, SO in that case there is chance that packet egress from cache engine will again get redirected back to CE, because of redirection in "out" direction. So we can instruct router to exclude traffic entering from CE interface from further redirection and avoid loop

View solution in original post

6 Replies 6

gaursin2
Level 1
Level 1

I will try to explaing what happen next.

once traffic is redirected to cache-engine, and cache enigne has no content locally cached, it will forward the request to orignal server. Now there are two ways of doing that, one by intiating connection using its own IP, second spoofing orignal client IP and intiating backend connection using that.

For case 1, as conection is intiated by CE only, so return traffic will be destined to it.

For case 2, return traffic from server will be destined to orignal client thats why need redirection, so wccp service 90 come in picutre [hoping gig0/3 is our WAN interface].

Also note that you have used ip wccp redirect exclude in, for CE facing interface. With configuration you are using i.e redirection in "IN" direction, we do not need that command.

Cannot open your diagram, so not able to answer your question on interface gig0/2

hi ,

thanks alot for reply ,

u can have a look on my diagram from here :

http://www5.0zz0.com/2013/05/23/11/170478839.jpg

=======================================================================

but im still not understanding , why we dont need the command ip wccp redirect exlude in in my sitiuation ??

i mean that  all the redirection has the direction "in "  , as i fresult i  dont need the command :

ip wccp redirect exclude in on the interface Gi0/4

=========================================================

i just need an example or explanation , when we need it , and i wish it with an example about the topology ive posted , i think it will help me in understaning it .

with my best regards

getting security threat in opening your diagram,

regarding wccp exclude in --

take for example instead of using ip wccp 80 redirect in on LAN, you used ip wccp 80 redirect out on WAN, SO in that case there is chance that packet egress from cache engine will again get redirected back to CE, because of redirection in "out" direction. So we can instruct router to exclude traffic entering from CE interface from further redirection and avoid loop

nice ,

relative to ur answer above  , if i put redirect out in wan interface , and redirect in  in wan interface .

but my question is  ,

how will the router estimate this traffic if it was  redirected from squid or not ???!!!!

is there method the router use  to estimate that the traffic

it seems clear to me

regards

Not sure about  internal mechanism which router uses, but from top, router simply filter traffic arriving from interface [on which wccp exclude is configured] for further redirection.

thanks alot for your replies .

i really got alot benefit  .

regards

Review Cisco Networking for a $25 gift card