01-28-2013 04:42 AM
Ok, here the problem I´m having:
Nexus 7000 (nx-os 5.2) connected to my WAEs and configured for only one of the VRFs.
I want to add another one from the VRFs already configured on the Nexus to the WAAS (4.3).
Is this possible? Does anyone have some experience with something similar?
Thanks
P.S.
01-29-2013 05:52 PM
Whereas WCCP is VRF-Aware, the WAE appliance is not. You will need a WAE device for each VRF as needed.
Thank You,
Dan Laden
Cisco PDI Data Center
Want to know more about how PDI can assist you?
http://www.youtube.com/watch?v=3OAJrkMfN3c
http://www.cisco.com/go/pdihelpdesk
UC Virtualization Supported Hardware
02-04-2013 11:40 AM
Hi Dan,
I do not agree 100% with you :
It is correct that WCCP has been made VRF-Aware in recent releases (and of course if the hardware supports it) !
But one could argue that as long as there are no overlapping IP-addresses btw. the two different VRFs, the WAAS device doesn't care - it will just cache parts of the string patterns if it is relevant and serve the content from the DRE cache ... and do it's other kind of magic (LZ, TFO, AO) to the packets.
So it is correct that the WAAS isen't VRF aware, but it doesn't have to be.
It's the same as several VLANs are trunked in through an inline card and they belong to different VRFs.
I'm pretty sure that this will work if you don't mix up with the WCCP redirection and return.
I'm also certain that this is supported acconding to the last part of this chapter :
Best Regards
Finn Poulsen
02-04-2013 07:54 PM
Virtualization Support for WCCPv2
"WCCP redirection occurs within a VRF. You must configure the WCCP cache engine so that the forward and return traffic to and from the cache engine occurs from interfaces that are a part of the same VRF."
One may be able to other technologies to work around this limitation. You touched on inline, you may also look at vPath/vWaas in virtualized environments.
Thank You,
Dan Laden
Cisco PDI Data Center
Want to know more about how PDI can assist you?
http://www.youtube.com/watch?v=4BebSCuxcQU&list=PL88EB353557455BD7
02-05-2013 09:16 AM
What if you create a separate VRF for the WAE, and configure VRF leaking to inject the routes?
Sent from Cisco Technical Support Android App
02-05-2013 09:25 AM
I will have to concede i do not have expert knowledge of VRF. I will have to allow someone else to step in to discuss VRF route leaks interacting with WAAS.
If we can get the WCCP redirected packet to the WAE and the return packet back into the proper VRF, it may work. Docs state its not supported, one may have an issue getting support from TAC on this config.
Thank You,
Dan Laden
Cisco PDI Data Center
Want to know more about how PDI can assist you?
http://www.youtube.com/watch?v=4BebSCuxcQU&list=PL88EB353557455BD7
02-05-2013 10:51 AM
Okay but please share us the result, I wonder if my idea works in this case. :)
Sent from Cisco Technical Support Android App
02-07-2013 04:55 PM
hi Andras, everyone,
I think this can help: http://www.cisco.com/en/US/prod/collateral/contnetw/ps5680/ps6870/white_paper_C11-560131.pdf
look at the sample configuration for route leaking.
"With the static route defined, the VRF routes can be injected into the global routing table. The loopback address,
which is used as the router ID for WCCP, is then announced to the VRF instance at the location where the Cisco
WAE is connected. The Cisco WAE can then establish a WCCP session with the router, and the address of the Cisco
WAE is announced to the global routing table"
never tried that config myself so let me know how it goes if you ever deploy it!
cheers
Felix,
02-10-2013 02:42 PM
Hi Felix,
Can we do this same with SRE, on the same router?
02-11-2013 09:07 AM
hi Marcin,
yes you can, " If a Cisco WAAS NME-WAE network module or Cisco WAE appliance is used at a branch location and the service provider cannot strip off the labels, WCCP can be used with a route-leaking option as long as there are no
overlapping IP addresses "
same source as link above:http://www.cisco.com/en/US/prod/collateral/contnetw/ps5680/ps6870/white_paper_C11-560131.pdf
good luck,
Felix
02-11-2013 02:08 PM
Hi Felix,
I have VRF-lite in the same router and WAE (SRE CARD). is this the same case?
Marcin
02-11-2013 04:04 PM
Hello Martin,
Overlapped IP addresses are allowed in different VPNs when using VRF-lite and the Cisco document I share clearly mention that the workaround (route-leaking) can do the job if there are non-overlapping addresses... still I'm not the best guy to answer this. Please address these questions to your Cisco partner or cisco account manager.
Regards,
Felix
02-11-2013 04:15 PM
Hi Felix,
I don't have overlaping addresses . But when I leak routes between all vrf's , they will be useless from my point of view.
Official info from local Cisco is thet MultiVRF won't work in that kind environment.
Marcin
02-11-2013 07:18 PM
Hi,
Ideally yes when you leak routes the purpose of VRF is defeated. However if you cannot dedicate a WAE per VRF and want to use the same WAE for all VRFs then you got to perform route leaks to allow the communication between the WAE and the Router IDs in different VRFs or into Global depending on whether the WAE is in a separate VRF or in Global.
Again it has to be made sure that there are no-overlapping IP Address across VRFs.
Kiran
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide