Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
708
Views
0
Helpful
1
Replies

WSA deployment strategy when deploying multiple devices in transparent mode

sadik.sener1
Level 1
Level 1

‎06-19-2017 10:41 AM

Hi all,

I have a pair of S390. We want to deploy them in transparent mode.  Our target is to redirect the web traffic using WCCP.

I found this article and read the answer already.

https://supportforums.cisco.com/discussion/11753771/wsa-redundancy-and-wccp-questions

The answer is satisfactory for me. I would like to use both boxes active, to achieve better performance.

My concern is about the load balancing and the TCP states etc. The answer on the link says : "they're all in the WCCP cluster, with the router doing the load balancing beween the detected proxies" 

Can someone confirm that if this statement is still valid? If wccp handles this distribution smoothly , i'll use it. If not, i'll use the load balancer as a distribution point.

Kind regards.

Sadik

Labels:
0 Helpful
1 Reply 1

Ken Stieers
VIP
VIP

‎06-19-2017 11:00 AM

Yes, that's how WCCP works.

How the data gets spread is based on what you choose, mask or hash, and what hash you use.

https://notalwaysthenetwork.com/2015/02/05/deep-dive-into-load-balancing-with-wccp/

The other thing to note is you want to make sure the acl you use on the firewall has denies for the 2 WSA's.  Otherwise you can end up with loops.

access-list WCCP_Redirect extended deny ip any object-group our-Internal
!WSA1

access-list WCCP_Redirect extended deny ip host 172.16.15.10 any  

!WSA2

access-list WCCP_Redirect extended deny ip host 172.16.15.27 any
access-list WCCP_Redirect extended permit ip object-group our-Internal any

wccp 90 redirect-list WCCP_Redirect password *****
wccp interface inside 90 redirect in

0 Helpful
Customers Also Viewed These Support Documents