WCCP was initially designed as a component of Cisco IOS Software whose purpose was to intercept HTTP traffic traversing a router and redirect that traffic to a local cache with the aim of reducing access times to websites and conserving wide area link upstream bandwidth. With the introduction of WCCPv2, the scope of the protocol widened to include traffic types other than HTTP, allowing the protocol to be used as a more general interception mechanism. In WCCPv2 clients specify the nature of the traffic to be intercepted and forwarded to external devices, which are then in a position to provide services, based upon the traffic type, such as WAN optimization and application acceleration.
WCCP v2 protocol
WCCP v2 specifies interactions between one or more WCCP servers and one or more WCCP clients. The WCCP server role can be performed by some intelligent router device; the WCCP client could be a content caching engine or some other service delivering appliance. The purpose of the interaction is to establish and maintain the transparent redirection of selected types of traffic flowing through a router or group of routers. The selected traffic is redirected to a cache engine or group of caches with the aim of providing some kind of service such as optimizing network resource usage, lowering response times, improving security and so on. WCCP transparently redirects a variety of traffic types, specified by protocol (TCP or User Datagram Protocol [UDP]) and port. End users do not know that the page came from the cache engine rather than from the originally requested web server.
WCCP best practices for WAAS deployment
Use WCCP GRE encapsulation when working with routers because most routers do not support L2 redirection. Use WCCP L2 Redirection as the packet forwarding method when working with switches or Cisco 7600 series routers, because redirection can be performed in hardware. This approach minimizes the CPU workload on the Cisco WAE and the switch, and can improve overall performance.
Do not use the default mask when using Mask Assignment.
Branch Mask Value: In a branch office, source IP addresses are typically assigned sequentially by DHCP. This results in addresses that vary only in the least significant bits. Mask distribution can be maximized here by specifying a WCCP mask in the range of 0x1 thru 0x7F depending on the number of WAAS devices.
Data Center Mask Value: In a large enterprise network address allocation scheme, these subnets vary in the third tuple of the IP address quadruple (/24 address mask) so the WCCP mask can be specified between 0xF00 thru 0x7F00.For a large Data Center with /16 address mask for branch locations, use WCCP masks in the range of 0xF0000 and 0x7F0000.
For topologies, where Path Affinity needs to be maintained between the WCCP router/switch and WAAS, use WCCP GRE Return or Generic GRE as the WAAS Egress Method.
For Catalyst 6500/7600 platforms which does GRE in the hardware, use Generic GRE as the Egress Method for Path Affinity requirement, instead of using WCCP GRE Return
Incase if WCCP weight factors are used, to guarantee complete WCCP failover coverage, use weight factors for individual devices that are greater than 100.
Avoid specifying tcp ports as part of an ACL for WCCP Redirect List. This can cause severe issues if the network configuration results in any packet fragmentation.
Instead of using Static Bypass Feature of WAAS, apply WCCPv2 redirect list ACLs on the router/switch wherever possible to prevent unnecessary processing and packet routing on the router/switch.
While configuring WCCP on the Router, it is always recommended to enable IP CEF on the router.
The following best practices should be followed for implementing WCCP on a hardware-based platform: L2 Forwarding;Mask Assignment; Inbound Interception; No "ip wccp redirect exclude in"; WAAS Egress Method: IP Forwarding, Generic GRE (Cat6k PFC-based systems only)
Before placing any "ip wccp redirect out" CLI command on a router interface, always check to make sure you have already placed an "ip wccp exclude in" on the interface through which the WAAS WAEs will return traffic to the router. Failure to do this may result in total loss of connectivity with the router.
This may be the wrong place to post this question but I'm having a weird issue accessing the APIC GUI from my home internet. When on my ISPs service, I cannot access the GUI of any of my companies APICs. I can only ping the APIC IP with a max MTU size of ...
Hello Team,We are having ACI Fabric with 2 Spine switches and 4 leaf switches connected to 3 APIC. Now out of 4 leaf switches, 1 chassis has hardware issue and want to replace the same. I am looking for the steps to replace the leaf switch in the ACI Fabr...
Hi,We are installing two differents fabric (integration and production) and to avoid any configuration mistakes, we would like to customize the header background image for the Front Page of APIC.One idea that comes to my mind is to modify css file from in...
Hi Guys,I'm trying to figure out how to redirect specific BD to a specific l3out. Let's try to be more clear through an exemple :I have 2 L3out :- L3out_core (where the default route is currently pointing to) - L3out_firewall All traffic is...
Managing a 10.4.2 DCNM server with radius/tacac user authentication enabled, so no local accounts. I have a user whenever he logs in his profile seems corrupt, GUI interface shows garbled text and topology is not functioning correctly. All oth...