Solved: Re: WCCP redirected packets

zebula · ‎04-26-2011

Need some help determining what dictates how the packets are redirected (process or cef).

I have a router with 2 ethernet interfaces. CEF is running on both of them. On one of the interfaces most of the packets are Processed redirected and another interface the packets are CEF redirected. Wondering why they are different.

Any info would be appreciated.

Below is the WCCP and CEF info.

Global WCCP information:
    Router information:
        Router Identifier:                   x.x.x.x
        Protocol Version:                    2.0

    Service Identifier: 61
        Number of Service Group Clients:     2
        Number of Service Group Routers:     1
        Total Packets s/w Redirected:            2436488786
          Process:                                        249998
          CEF:                                              2436238788
        Service mode:                        Open
        Service Access-list:                 -none-
        Total Packets Dropped Closed:        0
        Redirect Access-list:                OPTEMAN-BYPASS-WAE
        Total Packets Denied Redirect:       293564010
        Total Packets Unassigned:            80064
        Group Access-list:                   -none-
        Total Messages Denied to Group:      0
        Total Authentication failures:       0
        Total Bypassed Packets Received:     349

    Service Identifier: 62
        Number of Service Group Clients:     2
        Number of Service Group Routers:     1
        Total Packets s/w Redirected:        1874932512
          Process:                                     1871359851
          CEF:                                         3572661
        Service mode:                        Open
        Service Access-list:                 -none-
        Total Packets Dropped Closed:        0
        Redirect Access-list:                OPTEMAN-BYPASS-WAE
        Total Packets Denied Redirect:       404546425
        Total Packets Unassigned:            113696
        Group Access-list:                   -none-
        Total Messages Denied to Group:      0
        Total Authentication failures:       0
        Total Bypassed Packets Received:     18

sho ip cef gi0/1 det
IPv4 CEF is enabled and running
VRF Default:
1611 prefixes (1611/0 fwd/non-fwd)
Default network 0.0.0.0/0
Table id 0
Database epoch: 0 (1611 entries at this epoch)

>sho ip cef gi0/2 det
IPv4 CEF is enabled and running
VRF Default:
1611 prefixes (1611/0 fwd/non-fwd)
Default network 0.0.0.0/0
Table id 0
Database epoch: 0 (1611 entries at this epoch)

Daniel Arrondo Ostiz · ‎04-27-2011

Hi

As we were suspecting, the configuration of these two interfaces is different. Gi0/2 is using a crypto map.

If a packet follows the software path to apply the crypto operations (either because your router doesn't support hardware crypto acceleration or something else), then it would make sense that the WCCP redirection is also done in software.

Most likely, if you tried to remove the crypto configuration from the interface, you would immediately see WCCP traffic being processed by CEF

Regards

Daniel

View solution in original post

Daniel Arrondo Ostiz · ‎04-27-2011

Good afternoon,

The way WCCP traffic is processed depends on what is configured on the interface.

My guess is that these two interfaces are using different features, one of them forcing the WCCP processing to be process-switched. If you paste the interface configuration I can have a deeper look.

Regards

Daniel

zebula · ‎04-27-2011

Daniel,

Here are the configs

interface GigabitEthernet0/1
description LAN connection

ip address z.z.z.z

ip access-group ICMP in
no ip redirects
no ip proxy-arp
ip wccp 62 redirect in
ip flow ingress
ip flow egress
ip tcp adjust-mss 1360
duplex auto
speed auto
media-type rj45
negotiation auto
!
interface GigabitEthernet0/2
description MAN connection

ip address x.x.x.x

ip wccp 61 redirect in
ip flow ingress
ip flow egress
load-interval 30
duplex full
speed 1000
media-type sfp
no negotiation auto
crypto map y

Daniel Arrondo Ostiz · ‎04-27-2011

Hi

As we were suspecting, the configuration of these two interfaces is different. Gi0/2 is using a crypto map.

If a packet follows the software path to apply the crypto operations (either because your router doesn't support hardware crypto acceleration or something else), then it would make sense that the WCCP redirection is also done in software.

Most likely, if you tried to remove the crypto configuration from the interface, you would immediately see WCCP traffic being processed by CEF

Regards

Daniel

zebula · ‎04-27-2011

Daniel,

Since the crypto map (which is needed) is forcing the need for the redirected packets being process addressed and not cef, I will not be able to cef all the packets. Which is fine since I now know the answer.

Thanks for your help.

zebula · ‎04-27-2011

Daniel,

I was just looking at a site that I have a 3845 set up pretty much the same way, except I have a DS3 on the WAN side.

When I look at the WCCP on the 3845, they are all handled via cef.

Any ideas on that?

Here is the wccp info and interface configs on the 3845

#sho ip wccp
Global WCCP information:
    Router information:
        Router Identifier:                   X.X.X.X
        Protocol Version:                    2.0

    Service Identifier: 61
        Number of Service Group Clients:     1
        Number of Service Group Routers:     1
        Total Packets s/w Redirected:        557409875
          Process:                           0
          CEF:                               557409875
        Service mode:                        Open
        Service Access-list:                 -none-
        Total Packets Dropped Closed:        0
        Redirect Access-list:                -none-
        Total Packets Denied Redirect:       0
        Total Packets Unassigned:            672
        Group Access-list:                   -none-
        Total Messages Denied to Group:      0
        Total Authentication failures:       0
        Total Bypassed Packets Received:     85

    Service Identifier: 62
        Number of Service Group Clients:     1
        Number of Service Group Routers:     1
        Total Packets s/w Redirected:        546427512
          Process:                           4
          CEF:                               546427508
        Service mode:                        Open
        Service Access-list:                 -none-
        Total Packets Dropped Closed:        0
        Redirect Access-list:                -none-
        Total Packets Denied Redirect:       0
        Total Packets Unassigned:            0
        Group Access-list:                   -none-
        Total Messages Denied to Group:      0
        Total Authentication failures:       0
        Total Bypassed Packets Received:     10

interface GigabitEthernet0/0
description LAN
ip address
ip wccp 61 redirect in
ip flow ingress
ip flow egress
ip tcp adjust-mss 1360
duplex full
speed 100
media-type rj45

interface Serial2/0
description WAN
bandwidth 45000
ip address
ip wccp 62 redirect in
ip nbar protocol-discovery
load-interval 30
dsu bandwidth 44210
scramble
crypto map ZZZ