Urgent ! Router-WAAS WCCP problem

s.uslay · ‎10-19-2007

I have dot1q enabled 7507 connecting frame relay branch to data centre.

Core WAAS sits on a VLAN subinterface.

As soon as I enable "ip wcccp redirect 61 in" on VLAN trunked interface, I am loosing connection to the branch.

the config is here..

interface GigabitEthernet4/0/0

description Core Data Centre Trunk VLAN 3,120 to SWDC03 3/16

no ip address

no ip redirects

no ip unreachables

no ip proxy-arp

load-interval 30

negotiation auto

no cdp enable

interface GigabitEthernet4/0/0.3

description Core Data Centre VLAN

encap dot1q 3

ip address xxxx

ip wccp 61 redirect in

no ip redirects

no ip unreachables

no ip proxy-arp

ip nbar protocol-discovery

ip route-cache flow

no cdp enable

standby 3 ip 10.64.205.17

standby 3 priority 150

standby 3 preempt

interface GigabitEthernet4/0/0.120

description Core WAAS VLAN120

encap dot1q 120

ip address yyyyyyy

ip wccp redirect exclude in

no ip redirects

no ip unreachables

interface Serial0/0/3.64 point-to-point

ip wccp 62 redirect in

The IOS version is rsp-jsv-mz.123-17b and WAAS version 4.0.13.I have tested this before without VLAN trunking on another router using a seperate interface and it was working.Any idea ?

thanks

Zach Seils · ‎10-24-2007

Serhat,

Are you losing all client connectivity to the branch, or just telnet/ssh access to the branch router? If it is the latter, CSCsg30875 may be an issue. Can you please clarify the extent of the connectivity loss?

Thanks,

Zach

s.uslay · ‎10-24-2007

Thanks Zach.Cisco SE told me that this only happens when the default gateway in WAAS is not the same as WCCP router address. I will move HSRP active interface from 6509 VLAN to WAN router and test it again. I will keep you informed.

thanks

Serhat

Zach Seils · ‎10-24-2007

There is no requirement that the default gateway used on the WAE has to be the same as the IP addresses configured in the WCCP router-list. In fact, when HSRP is configured on the WAE VLAN, the default-gateway is set to the HSRP VIP, while the WCCP router-list uses the real interface IP addresses of each HSRP member.

Zach

dstolt · ‎10-24-2007

Looks like you are doing wccp 62 redirect in on the WAAS VLAN? The WAAS VLAN should be a dedicated VLAN and excluded from interception. Try moving 62 to the WAN interface (frame relay).

Dan

s.uslay · ‎10-24-2007

thanks guys. I will explain the problem a bit more.When WAAS sits on a seperate i/f on WAN router, it works fine. i.e "wccp redirect 61 in " on interface connecting WAN router to Data Centre and "wccp redirect 62 in" on WAN frame relay. Then I configured the i/f connecting WAN router to Data Centre as dot1q trunk and a dedicated VLAN is created for WAAS. The default gateway for WAAS is HSRP address in 6509s. The WCCP router address configured in WAAS is the loopback0 address of the WAN router. The "wccp redirect 62 in" on WAN frame relay stays same. However, " wccp redirect 61 in " carried to a new subinterface on the same access as WAAS VLAN.

All WCCP commands show that there is a connection between WAAS and WAN router, packet count goes up. However, all TCP sessions to the brach (initiated from the Data Centre) fail. I have also tested with and without "wccp redirect exclude in" on WAAS VLAN subinterface without success. Since I had to install the branch the WAAS on the weekend, I moved WAAS back to dedicated interface on WAN router. It works fine but I can not implement redundancy.

The suggestion was to make WAN router subinterface HSRP active rather than 6509 MSFCs.So WAAS talks to WAN routers loopback address and default gateway also points to the same router rather than MSFC. I have not had a chance to test this but I will test in the coming weeks. I was also suggested to use layer2 redirection on 6509 but did not have any chance to look at it closely.

thanks

Serhat