03-04-2009 01:00 AM
Hello
I installed a WAAS with WCCP configured for traffic redirection.
It was working properly at first, that once i got a error (The error LED was on), so after checking the LOGS i found the following error log:
02-26-2009 17:52:35 Syslog.Error 192.168.95.2 2009 Feb 26 14: kernel: %WAAS-SYS-3-900000: 192.168.99.4:3809 - 192.168.2.111:2967 - opt_syn_rcv: Routing Loop detected - Packet has our own device. Packet dropped.
What could cause such a problem, note that there is an access-list configured for the WCCP redirection on the router:
ip wccp 61 redirect-list wccp-exclusion-in
ip wccp 62 redirect-list wccp-exclusion-out
and the traffic is passing between the HO and a BRANCH
Please advise
Regards,
03-04-2009 07:48 PM
Hi Georges,
This error means that the WAE sees it's own Device ID (mac address) in a returning packet. This usually means that we are re-intercepting traffic that has egressed the WAE. This can be due to a routing loop or asymetric traffic flows where the routers enabled with wccp are seeing the traffic leaving the WAEs on interfaces with interception enabled.
Are you doing redirect-out on an interface or redirect-in on both LAN/WAN?
Are you intercepting traffic with more then one router?
Dan
03-04-2009 11:07 PM
Helloo
The WAE AND THE CORE switch are connected to two different interfaces on the router
So once the traffic arrives to the router, it is redirected to another physical interface to the CORE WAE and then goes to the WAN from a 3rd interface (Serial)
This the WCCP configuration done on the router:
ip wccp 61 redirect-list wccp-exclusion-in
ip wccp 62 redirect-list wccp-exclusion-out
ip cef
interface FastEthernet0/0
description 'CONNECTED TO L3 Switch'
ip address 192.168.96.199 255.255.255.0
ip wccp 61 redirect in
ip wccp 62 redirect out
ip nat inside
ip virtual-reassembly
load-interval 30
duplex auto
speed auto
traffic-shape group 111 350000 8400 8400 1000
traffic-shape group 112 650000 15600 15600 1000
no cdp enable
!
interface FastEthernet0/1
Connected to CORE-WAE
ip address 192.168.95.1 255.255.255.252
ip wccp redirect exclude in
duplex auto
speed auto
and the acl's
ip access-list extended wccp-exclusion-in
deny ip host 192.168.98.27 any
deny ip any host 192.168.3.111
permit ip 192.168.98.0 0.0.0.255 192.168.6.0 0.0.0.255
permit ip 192.168.8.0 0.0.0.255 192.168.6.0 0.0.0.255
permit ip 192.168.100.0 0.0.0.255 192.168.6.0 0.0.0.255
permit ip 192.168.99.0 0.0.0.255 192.168.6.0 0.0.0.255
ip access-list extended
wccp-exclusion-out
deny ip any host 192.168.98.27
deny ip host 192.168.3.111 any
permit ip 192.168.6.0 0.0.0.255 192.168.98.0 0.0.0.255
permit ip 192.168.6.0 0.0.0.255 192.168.8.0 0.0.0.255
permit ip 192.168.6.0 0.0.0.255 192.168.99.0 0.0.0.255
permit ip 192.168.6.0 0.0.0.255 192.168.100.0 0.0.0.255
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide