Solved: Thanks for taking time to

TCAM · ‎03-24-2014

I was doing a packet capture on waas, the pcap shows source & destination ip address as well as Bi-directional packet flow with no issue.

However, when I did the "show stat conn" on waas, i didn't see the traffic in question. Why?

Is that because the traffic is not matched by "optimization class-map' and "optimization polices"?

if this is the case, what does waas do? My initial thought was that waas will put it in PT (pass-through) mode but it doesn't look like it

Does anyone has anyone idea?

Thanks

Balakrishnan Rajvel · ‎03-25-2014

Hi ,

Most of the traffic which we use in the current world was already predefined by cisco. If traffic does not falls in any of the predefined class map then it should use the TCP generic optimization+ compression method - (TGDL/T/TG/TDL/PT In Progress or in wrost case you should see them in EXTERNAL CLIENT/PT Asymmetric/PT no peer).

Can you please let us know whether the traffic is TCP or UDP traffic ?

If you are seeing the traffic EXTERNAL CLIENT/PT Asymmetric/PT no peer then you need verify the packet flow routing path. If you are not seeing any one of the above mentioned class then you should check the WCCP/Inline configuration.

Regards,

Bala

View solution in original post

finn.poulsen · ‎03-26-2014

Hi Joe,

WAAS ignores (and bridges when in inline mode) UDP traffic, and you won't see it, unless you, as you tried, does a packet capture.

So it doesn't count anywhere, besides the interface statistics, because it never hits the applicastion policies.

Best regards

Finn Poulsen

View solution in original post

Balakrishnan Rajvel · ‎03-25-2014

Hi ,

Most of the traffic which we use in the current world was already predefined by cisco. If traffic does not falls in any of the predefined class map then it should use the TCP generic optimization+ compression method - (TGDL/T/TG/TDL/PT In Progress or in wrost case you should see them in EXTERNAL CLIENT/PT Asymmetric/PT no peer).

Can you please let us know whether the traffic is TCP or UDP traffic ?

If you are seeing the traffic EXTERNAL CLIENT/PT Asymmetric/PT no peer then you need verify the packet flow routing path. If you are not seeing any one of the above mentioned class then you should check the WCCP/Inline configuration.

Regards,

Bala

TCAM · ‎03-25-2014

Thanks for taking time to reply my question.

Traffic is UDP and the WAAS is in In-line mode. Traffic is not classified by class-map or policy.

I saw traffic using "packet-capture" command but I didn't see them on 'show stat conn" command at all (not in EXTERNAL CLIENT/PT Asymmetric/PT no peer). It just disappear, It is kind of strange? Is there any way or command I can use to see the traffic on WAAS?

Thanks

finn.poulsen · ‎03-26-2014

Hi Joe,

WAAS ignores (and bridges when in inline mode) UDP traffic, and you won't see it, unless you, as you tried, does a packet capture.

So it doesn't count anywhere, besides the interface statistics, because it never hits the applicastion policies.

Best regards

Finn Poulsen

TCAM · ‎03-26-2014

This makes sense and explain why it didn't show up on show stat conn command. Thanks!

TCAM · ‎03-26-2014

Hi Finn - just wanted to clairfy that are you saying if the traffic is UDP running in WCCP mode then we should see it using show stat conn command? or it just behaves like the In-line mode?

finn.poulsen · ‎03-26-2014

Hi Joe,

If you're running WCCP redirection, you will not see UDP traffic either ... but for another reason :

WCCP version 2 can redirect both TCP or UDP ...but not both within the same service group. And if you are using "tcp-promiscuous" (group 61 and 62) you're stuck to TCP.

Check this link : https://supportforums.cisco.com/discussion/11114986/wccp-web-cache-vs-service-numbers

So in a WCCP setup (with groups 61/62) you won't see UDP, because the router doesn't redirect it, and the UDP packet will follow the ordinary path through the router.

In an in-line setup, these packet will just get bridged through.

Best Regards

Finn Poulsen

TCAM · ‎03-26-2014

Hi Finn - good info, thanks for the link. How about PBR policy route setup? it should route tcp and udp traffic to waas. Since waas is not processing udp, it will be bridged in in-line mode and PT Asymmetric/PT no peer in pbr mode? am i making sense?

finn.poulsen · ‎03-27-2014

Hi Joe,

Using PBR is more or less the same.

Normally with PBR it would make sense to use specific ACL for redirecting traffic.And as such, I would suggest that you only permit TCP traffic, because there is no reason for redirecting UDP, since the WAE cannot process it.

If you were including UDP traffic, you'll end up in almost the same situation as with "inline" - you'll still not reach the policy engine and thus you cannot see the traffic as passthrough or anything other.Difference is the return traffic (optimized or not) will be "routed" back to the router and not bridged like in inline.

I would strongly suggest that you use PBR as a last resort, where you cannot use WCCP or INLINE.

But I'm wondering what you want to gain from this ? - if it's traffic visibility I would strongly suggest that you use AVC/Netflow on the router.

Best Regards

Finn

what does waas do, if there is no match on "optimization class-map' and "optimization polices"?