Hi Ahmad,

all waas are (wae512 edge end core wae 612 ) configured with wccp .In the edge I've router 1841 with this release IOS(c1841-advsecurityk9-mz.124-10c.bin) . In other site with i've the same hardware device and the waas good work the IOS is "flash:c1841-advsecurityk9-mz.124-9.T6.bin". however in the other edge site I've the same situation (software and hardware ) that I write above  but waas doesn't optimize the traffic .

wccp status

router

Global WCCP information:

    Router information:

        Router Identifier:                   217.24.255.249

        Protocol Version:                    2.0

    Service Identifier: 61

        Number of Service Group Clients:     1

        Number of Service Group Routers:     1

        Total Packets s/w Redirected:        229235

          Process:                           11

          Fast:                              0

          CEF:                               229224

        Redirect access-list:                -none-

        Total Packets Denied Redirect:       0

        Total Packets Unassigned:            3483

        Group access-list:                   -none-

        Total Messages Denied to Group:      0

        Total Authentication failures:       0

        Total Bypassed Packets Received:     0

    Service Identifier: 62

        Number of Service Group Clients:     1

        Number of Service Group Routers:     1

        Total Packets s/w Redirected:        270960

          Process:                           111867

          Fast:                              0

          CEF:                               159093

        Redirect access-list:                -none-

        Total Packets Denied Redirect:       0

        Total Packets Unassigned:            4370

        Group access-list:                   -none-

        Total Messages Denied to Group:      0

        Total Authentication failures:       0

        Total Bypassed Packets Received:     0

WCCP in the WAAS

waasballdre1#sh wccp status

WCCP version 2 is enabled and currently active

waasballdre1#

My network waas is:

- in the core I've n°2 wae-612 and n°1 wae-512 Central manager,

- edge router 1841 or 2811 or 2911 and wae-512 (22 device)

thanks.

Hi Roberto,

Check the output of show ip wccp 61 detail and show ip wccp 62 detail, then make sure you have applied the ip wccp redirection command correctly in the LAN and WAN interfaces.

Run the following test:

Initiate CIFS connection from one of your clients, then check the connection statistics on WAAS (both Edge and Core WAEs) for this connection using show stat conn | in client_ip_address command. If the packets have been redirected you will see the connection in this output, based on the connection status you will have better understanding of the issue.

What is the wccp configuration you have on the WAE? Are you using GRE for forwarding, return and egress methods?

Note: show egress command on WAAS will show you the applied egress method.

Best regards,

Ahmad

Hi Ahmad,

in the step 1 is ok and I've post the output:

al-balldre#sh ip wccp 61 detail

WCCP Client information:

        WCCP Client ID:          10.5.144.33

        Protocol Version:        2.0

        State:                   Usable

        Initial Hash Info:       FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

                                 FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

        Assigned Hash Info:      FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

                                 FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

        Hash Allotment:          256 (100.00%)

        Packets s/w Redirected:  392369

        Connect Time:            03:30:42

        Bypassed Packets

          Process:               0

          Fast:                  0

          CEF:                   0

al-balldre#sh ip wccp 62 detail

WCCP Client information:

        WCCP Client ID:          10.5.144.33

        Protocol Version:        2.0

        State:                   Usable

        Initial Hash Info:       FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

                                 FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

        Assigned Hash Info:      FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

                                 FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

        Hash Allotment:          256 (100.00%)

        Packets s/w Redirected:  459781

        Connect Time:            03:30:47

        Bypassed Packets

          Process:               0

          Fast:                  0

          CEF:                   0

al-balldre#

and in the interface is all configuired with any site (I've check).

THE TEST

waasballdre1#sh statistics connection | in 10.1.144.243

10.1.144.243:2472     10.1.21.41:445        N/A               PT No Peer       

yes I'm using wccp gre

waasballdre1#sh wccp gre    

Transparent GRE packets received:              1324923

Transparent non-GRE packets received:          0

Transparent non-GRE non-WCCP packets received: 0

Total packets accepted:                        896070

Invalid packets received:                      19

Packets received with invalid service:         0

Packets received on a disabled service:        0

Packets received too small:                    0

Packets dropped due to zero TTL:               0

Packets dropped due to bad buckets:            0

Packets dropped due to no redirect address:    0

Packets dropped due to loopback redirect:      0

Pass-through pkts on non-owned bucket:         0

Connections bypassed due to load:              0

Packets sent back to router:                   0

GRE packets sent to router (not bypass):       0

Packets sent to another WAE:                   0

GRE fragments redirected:                      0

GRE encapsulated fragments received:           2840

Packets failed encapsulated reassembly:        0

Packets failed GRE encapsulation:              0

Packets dropped due to invalid fwd method:     0

Packets dropped due to insufficient memory:    0

Packets bypassed, no pending connection:       0

Connections bypassed during wccp shutdown:     0

Connections bypassed due to bypass-list lookup:0

Conditionally Accepted connections:            0

Conditionally Bypassed connections:            0

L2 Bypass packets destined for loopback:       0

Packets w/WCCP GRE received too small:         0

Packets dropped due to received on loopback:   2

Packets dropped due to IP access-list deny:    0

Packets fragmented for bypass:                 0

Packets fragmented for egress:                 0

Packet pullups needed:                         0

Packets dropped due to no route found:         0

waasballdre1#

waasballdre1#show egress-methods

Intercept method : WCCP

      WCCP negotiated return method : WCCP GRE

                        Egress Method      Egress Method

      Destination        Configured            Used     

      -----------  ----------------------  -------------

      any          IP Forwarding           IP Forwarding

Intercept method : Generic L2

                        Egress Method      Egress Method

      Destination        Configured            Used     

      -----------  ----------------------  -------------

      any          not configurable        IP Forwarding

waasballdre1#

----------part of configuration of my waas

sh run:

!

wccp router-list 1 10.5.144.1

wccp tcp-promiscuous service-pair 61 62 failure-detection 30

wccp tcp-promiscuous service-pair 61 62 router-list-num 1

wccp version 2

!

!

nota : I've copy one file in the PC of the Balldre from my server in the center site . when the copy is finished , I've paste  again and the time for the copy is the same.

The waas does not cache.

.

thanks.

R

Hi Roberto,

Checking the following output:

waasballdre1#sh statistics connection | in 10.1.144.243

10.1.144.243:2472     10.1.21.41:445        N/A               PT No Peer     

The WAAS is not able to discover the peer device thats why the connection is not optimized and it is in PT (Pass Through).

Do you have any firewalls in between the edge WAE and the core WAE? What kind of firewalls (cisco or other vendor)?

Make sure all the packets for the client connections are passing through the WAE.

Re-do the same test and check the connection statistics on the Core WAEs.

Best regards,

Ahmad

Hi Ahmad,

I haven't any firewall between wae devices.

sh statistics for Core WAE:

WAAS1#sh statistics connection | in 10.1.144.243

10.1.144.243:5631     10.20.21.49:24803     N/A               PT In Progress   

10.20.21.49:24803     10.1.144.243:5631     N/A               PT In Progress   

WAAS1#

WAAS2#sh statistics connection | in 10.1.144.243

10.1.21.41:445        10.1.144.243:2548     00:1a:64:f2:3b:5b PT Asymmetric    

10.1.144.243:5631     10.20.21.49:24803     N/A               PT In Progress   

10.20.21.49:24803     10.1.144.243:5631     N/A               PT In Progress   

10.1.144.243:2548     10.1.21.41:445        00:1a:64:f2:3b:5b PT Asymmetric    

WAAS2#

thanks.

Roberto

Hi Roberto,

Check the connection statistics on WAAS2:

WAAS2#sh statistics connection | in 10.1.144.243

10.1.21.41:445        10.1.144.243:2548     00:1a:64:f2:3b:5b PT Asymmetric      

10.1.144.243:2548     10.1.21.41:445        00:1a:64:f2:3b:5b PT Asymmetric   

The connections been placed in PT because of Asymmetric traffic flow, which mean not all the packets are passing through the same WAE.

Note: The WAAS is using TCP option 0x21 to perform auto-discovery for that reason all the packets between the client and the server should pass through the the same WAASs.

You need to review the traffic flow and the WCCP configuration to make sure the Asymmetric paths have been removed, then the WAAS will start optimizing the traffic.

Please let me know if you require any help figuring that out.

Best regards,

Ahmad   

thank you , but i don't undstand very well.

in the center site I have this configurration:

sw-core-1#sh ip wccp 61 detail

WCCP Client information:

        WCCP Client ID:          10.5.21.35

        Protocol Version:        2.0

        State:                   Usable

        Redirection:             GRE

        Packet Return:           GRE

        Assignment:              HASH

        Initial Hash Info:       00000000000000000000000000000000

                                 00000000000000000000000000000000

        Assigned Hash Info:      00000000000000000000000000000000

                                 FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

        Hash Allotment:          128 (50.00%)

        Packets s/w Redirected:  2150140

        Connect Time:            02:10:59

        Bypassed Packets

          Process:               0

          CEF:                   4853

          Errors:                0

        WCCP Client ID:          10.5.21.33

        Protocol Version:        2.0

        State:                   Usable

        Redirection:             GRE

        Packet Return:           GRE

        Assignment:              HASH

        Initial Hash Info:       00000000000000000000000000000000

                                 00000000000000000000000000000000

        Assigned Hash Info:      FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

                                 00000000000000000000000000000000

        Hash Allotment:          128 (50.00%)

        Packets s/w Redirected:  18452807

        Connect Time:            2d02h

        Bypassed Packets

          Process:               0

          CEF:                   4853

          Errors:                0

sw-core-1#sh ip wccp 62 detail

WCCP Client information:

        WCCP Client ID:          10.5.21.35

        Protocol Version:        2.0

        State:                   Usable

        Redirection:             GRE

        Packet Return:           GRE

        Assignment:              HASH

        Initial Hash Info:       00000000000000000000000000000000

                                 00000000000000000000000000000000

        Assigned Hash Info:      00000000000000000000000000000000

                                 FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

        Hash Allotment:          128 (50.00%)

        Packets s/w Redirected:  285451

        Connect Time:            02:11:19

        Bypassed Packets

          Process:               57

          CEF:                   26252

          Errors:                0

        WCCP Client ID:          10.5.21.33

        Protocol Version:        2.0

        State:                   Usable

        Redirection:             GRE

        Packet Return:           GRE

        Assignment:              HASH

        Initial Hash Info:       00000000000000000000000000000000

                                 00000000000000000000000000000000

        Assigned Hash Info:      FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

                                 00000000000000000000000000000000

        Hash Allotment:          128 (50.00%)

        Packets s/w Redirected:  5382805

        Connect Time:            2d02h

        Bypassed Packets

          Process:               57

          CEF:                   26252

          Errors:                0

sw-core-1#

What can I do for forced the traffic to one WAAS  (waas1 or waas2)?

Please help me..

Roberto

Hi ,

Now i have shut down the waas1 in the site CORE. this is the situation:

waasballdre1#sh stat connection | in 10.1.144.243

10.1.21.41:445        10.1.144.243:2548     N/A               PT In Progress   

10.1.144.243:5631     10.20.21.49:24803     N/A               PT In Progress   

10.20.21.49:24803     10.1.144.243:5631     N/A               PT In Progress   

10.1.144.243:2548     10.1.21.41:445        N/A               PT In Progress   

waasballdre1#

WAAS2#sh statistics connection | in 10.1.144.243

10.1.21.41:445        10.1.144.243:2548     N/A               PT In Progress   

10.1.144.243:5631     10.20.21.49:24803     N/A               PT In Progress   

10.20.21.49:24803     10.1.144.243:5631     N/A               PT In Progress   

10.1.144.243:2548     10.1.21.41:445        N/A               PT In Progress   

WAAS2#

thanks

Roberto

Hi Roberto,

The WCCP will make sure that all packets within the same flow will be redirected to same WAAS automatically, you dont need to perform anything to force that.

Can you explain brifly the WCCP design you have on both edge and core routers?

What is the client and the server IP addresses you are using in the test?

Get a fresh copy of show ip 61/62 detail from both side with WAAS1 shuted down.

The best action to take now, is to capture the traffic on client, server, edge and core WAEs for the same connection and get them in pcap format so you can check exactly what part of packets' flow breaks the auto-discovery.

Best regards,

Ahmad

Hello Robert,

Do you have a diagram with this topology???

Hello, Roberto

Could you try to test with LZ, DRE, TFO and HTTPAO, then LZ+DRE and so on to check which one is failing?

Did you apply change before this situation started? Has it ever worked?

Do you have any type of device in between the traffic like a firewall?

Which is the current result if you run this command again: #sh statistics connection | in 10.1.144.243?

Jorge

Hello,

Sorry for my late answer, but I was in holiday.

Yes , before the upgrade this waas was functioning  normaly  (such do you see,  more waas is working correctly).

I haven't any type of firewall between sites.

This is the topology:

thanks .

Roberto