cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1319
Views
5
Helpful
8
Replies

WAAS wccp configuration on 6500 switches

p.stavrinou
Level 1
Level 1

Hi all,

I've been trying to set up a test lab for a client involving a WAAS remote site connected to the data centre via a p2p link.

For the purpose of the lab, and on lacking an additional switch there, I have created two vlans on the 6500 data centre switch(vlan 500 for WAE and 600 for Users) and connected them via a trunk port to the remote WAN router since the ISR is lacking an extra interface for dedicated lan access to the Edge WAE. A p2p link on interface g2/6 is connecting the 6500 data centre switch to the remote WAN router.

WCCP redirection has been configured on vlans 30 and 40 where the data centre servers are attached. Vlan50 is hosting the Core WAE and CM machines. The path to the remote site to the data centre appears to be ok and both Core and Edge WAE have been registered to the CM successfully with all default policies applied. However, I cannot see any optimized flows during file transferring.

Attached are the configuration files of all the relevant equipment. I have noticed that on the Core WAE when you check the wccp routers configured, I'm getting a router ID different than the ip address in which the WAE is senting traffic(i.e svi or gateway address). This address appears to be the loopback 0 on the 6500 switch. What is the role of this Router ID there? I have found no reference about it in any config guides from Cisco.

Any ideas?

Panos

1 Accepted Solution

Accepted Solutions

Zach Seils
Level 7
Level 7

Panos,

Did you exclude the ATP configuration from the output you posted on purpose? Please provide the output from the CLI command 'sh pol stat' on both WAEs.

What is the file transfer protocol you are using?

For optimal performance, you should change the WCCP configuration on the core WAE to the following:

wccp router-list 1 10.76.136.73

wccp tcp-promiscuous router-list-num 1 l2-redirect mask-assign

wccp version 2

In addition, please remove the 'ip wccp redirect exclude in' command from the 6500 configuration. This can have a negative impact on performance, and isn't required when only using inbound redirection.

Lastly, please upgrade to the latest 4.0.13 WAAS release on CCO.

Thanks,

Zach

View solution in original post

8 Replies 8

Zach Seils
Level 7
Level 7

Panos,

Did you exclude the ATP configuration from the output you posted on purpose? Please provide the output from the CLI command 'sh pol stat' on both WAEs.

What is the file transfer protocol you are using?

For optimal performance, you should change the WCCP configuration on the core WAE to the following:

wccp router-list 1 10.76.136.73

wccp tcp-promiscuous router-list-num 1 l2-redirect mask-assign

wccp version 2

In addition, please remove the 'ip wccp redirect exclude in' command from the 6500 configuration. This can have a negative impact on performance, and isn't required when only using inbound redirection.

Lastly, please upgrade to the latest 4.0.13 WAAS release on CCO.

Thanks,

Zach

Zach,

Thanks for the prompt reply.

Attached are the WAE configs with the 'sh pol stat'command issued.

What i was trying is an initial file transfer from a file server on the data center.

I should note that i have not enabled File Services yet, just a preliminary check without and with wccp enabled.

However, in previous configs i have done(with versions 4.0.7) i should be getting at least some acceleration no?

I have tried setting the command 'wccp tcp-promiscuous router-list-num 1 l2-redirect mask-assign' on the Core WAE as you noted and

disabled redirection on 6500 WAE vlan 'ip wccp redirect exclude in' . None of them seemed to be helping out.

I'm currently in the process of upgrading to 4.0.13 version. One concern though...some ISRs with WAAS NM modules

have been shipped to some customer branch locations running 4.0.9.b.10 as well. These will be registered on the manager after the WAN links will come live, not now.

I've read that if i am to have interoperation between different versions i should keep the WAAS CM to the lowest version of them all right?

Will they be able to register to the CM without any problems?

So, do i have to upgrade the CM now, or just the two endpoint devices(Core and Edge) which are part of the optimization process?

Will be keeping you informed of the progress after the upgrading of the WAEs. Thanks again for your support

Panos

Panos,

The output looks as expected.

Any change in behavior since the upgrade? DO you see the connections in the output of 'sh tfo conn summ' when the file transfer is active?

Zach

Zach,

It seems like the optimization is working. I can see tfo connections being optimized according to the policies set. The scenario has changed a bit. We now have added an ACE into the configuration with the File and TS servers sitting behind the ACE module, accessed via an ACE VIP address to perform load balancing on the servers.

We are really interested in optimizing the MS terminal services through the WAAS so we disabled native compression/encyption on both server and client sites. So i have a couple of questions:

1. What is the exact change i need to do on the policies to gain full optimization from the WAAS engines? I changed policies from TFO only to Full Optimization already, on the AllDeviceGroup which includes both Core and Edge devices so that the policy in uniformly distributed on both the Core cluster and all Edge devices which are members of this group. Am i right on this?

2. Apart from choosing the Action(Full optimization) for a policy, there's a field called Accelerate which has 3 options to choose from: Do not set, MS port mapper and CIFS Accelerator. What is the difference between them?

Thanks.

Panos

Panos,

1. This is correct.

2. The 'Accelerate' option is used to pass traffic to one of the application adapters. The available adapters in the current version are:

Do not set: N/A

MS port mapper: Classification engine for MS-RPC traffic

CIFS Accelerator: Wide Area File Services (SMB traffic)

In the future, additional adapter will be added.

Zach

Zach, thanks again for all the help.

The problem has been resolved. Applied default policies from baseline group, disabled MS native optimizations and tuned rdp for full optimization. Got some pretty good results.

Got another question now: The client has requested printing features for some of his remote services so from what i've read i have to add the devices into the AD to comply with the domain policy since users will be logging on the domain. How do i do that? The devices will be added by NETBIOS name simply as computers or we have to create any other object groups etc ?

Panos

Panos,

The steps for configuring Windows Authentication are available here:

http://cisco.com/en/US/partner/docs/app_ntwk_services/waas/waas/v4013/configuration/guide/admin.html#wp1042876

The print services feature in and of itself does not require Windows authentication to be configured, but there are some cases where the AD policies requires the WAE to be a member of AD before it will allow a client to download print drivers from it (for Microsoft Point N' Print feature). Is this the case with your deployment?

Zach

Zach,

Printing seems to be working ok now. Although the printer drivers were correctly distibuted to the WAE Print servers, I was getting some error msg that "Access is denied" when the end user tried to connect to the printer. I missed the initialization part that has to be done for each driver separately at the print server.

Thanks again for all the help.

Panos.

Review Cisco Networking for a $25 gift card