The WAAS system consists of a set of devices called wide area application engines (WAEs) that work together to optimise TCP traffic over your network. If one WAE fails or experiences issues this reflects in overall system performance. Data replication applications are dependent on the IP network infrastructure for their performance. Wide Area Networks (WAN) introduce latency, packet loss, congestion and bandwidth limitations that impact data replication performance.
TCPReplay is a tool designed to capture TCP based network traffic to a file. It is also designed to replay TCP traffic flow found within a previously-generated capture file between two nodes by acting on behalf of the nodes exchanging data in the capture file. For instance, a packet capture can be taken from a client running a specific application when accessing a specific server. This capture file can then be replayed between two network nodes using TCPReplay - one node will emulate the client and the other will emulate the server without having the client or server software installed on either host. In this way, the conversation will be "replayed", and if done with Cisco WAAS in the path between the communicating node, this will show with a fair degree of certainty the effectiveness of Cisco WAAS on that particular application.
TCPReplay relies on PCAP, an application programming interface (API) for packet capturing. The implementation of PCAP for Unixlike systems is known as libpcap, while the Windows port of libpcap is called WinPcap. With TCPReplay, traffic from a production application on a production network can be captured and replayed offline in a non-production environment using a different client and server. This helps to isolate the performance validation of Cisco WAAS from the production network while still providing accurate results. One does not need to reconstruct the application infrastructure in the captured network, as the two nodes replaying the network traffic will be simulating the client and server message exchanges.
WinPcap library 3.1 or later.
How To Install
To install TCPReplay follow these steps:
Step 1. Install WinPcap libraries (provided with the package) on both machines that will be involved in the replay. Make sure
to install them while logged on with an account with sufficient privileges. Note that WinPcap is commonly installed
when installing applications such as Wireshark or Ethereal for packet capturing.
Step 2. Copy the tcpreplay.exe file to a directory in the system path, such as C:WINDOWS or C:WINDOWS\SYSTEM32.
This needs to be done on both machines involved in the replay.
Steps for Executing TCPReplay
Follow these steps for analyzing traffic by running TCPReplay:
Step 1. Get the TCP dumps from the production network.
Step 2. Make sure that the TCP dumps contain the complete TCP Handshake.
Step 3. Get the Server and Client IP for which the complete TCP Handshake is captured.
Step 4. Also get the details of the applications / ports the client was connecting to server on.
Step 5. Download the TCPREPLAY.exe and place it in a folder under C;
Step 6. Make sure that the client PC and the Server has WinPCAP installed.
Step 7. Place the TCP dump from the customer in to the folder where TCPREPLAY.exe is placed.
Step 8. Make sure to clear the DRE and CIFS cache and statistics from both the branch and DC WAEs.
Step 9. Make sure that WCCP or the Inline interception is properly configured so that the traffic traverses both side WAEs.
-l is the local IP address in the trace (this should be client IP in the trace when run on the Branch end)
-r is the remote IP address in the trace to replay (this should be the server IP in the trace when run on Branch end)
-h is to mention the IP Address of the actual server in lab where the TCPREPLAY is listening on the emulated server port.
Once the TCPREPLAY process starts running on both sides, the client PC uses the input trace file and establishes connections with server using the same packet size and content as contained in the input trace file. The connection stats and the corresponding optimization can be checked on the WAEs and on CM as well.
To replay a capture file called "capture.cap".
1. Copy the "capture.cap" file to both client and server.
2. Start the server first:
./tcpreplay -r -i capture.cap -l -r
3. Start the client next:
./tcpreplay -r -i capture.cap -l -r -h
Important points to avoid errors
a). Make sure that the TCPREPLAY is bind to the proper IP Address on the server, else connection from client will fail.
b). The server natively should not have any ports open that are mentioned in the input trace file for the server else they will clash and will fail.
c). The input trace file should contain the complete TCP handshake else connection wouldn't get established through WAEs.
hello,is there anyway from the GUI to find physical interfaces that belong to a specific description?something equal to: #show interface description | i dc or a command on the leaf? Best regardsEzzedine
Hi,I'm trying to see if there's a way to SPAN a port on Nexus 9300 to a destination port on Catalyst 3750X. I think I've reached a road block in that the Catalyst supports only RSPAN VLAN, while it seems that the Nexus only supports ERSPAN and...
Folks, I'm desperate...Have been beating the head against the wall and still at nowhere.Need to simulate vPC between two NX-OS switches. Using a virtual appliance of Nexus 9000v, namely nexus9300v.9.3.4.Used it on ESXi and even EVE-NG simulator. The ...
Hello! My customer recently run a vulnerability test on his Nexus 7000 and 5000 aquipment. The test shows the following vulnerability "Deprecated SSH Cryptographic Settings" within SSH configuration with the following impact "A man-in...