WAAS wccp configuration on 6500 switches

Answered Question
Nov 15th, 2007
User Badges:

Hi all,


I've been trying to set up a test lab for a client involving a WAAS remote site connected to the data centre via a p2p link.


For the purpose of the lab, and on lacking an additional switch there, I have created two vlans on the 6500 data centre switch(vlan 500 for WAE and 600 for Users) and connected them via a trunk port to the remote WAN router since the ISR is lacking an extra interface for dedicated lan access to the Edge WAE. A p2p link on interface g2/6 is connecting the 6500 data centre switch to the remote WAN router.


WCCP redirection has been configured on vlans 30 and 40 where the data centre servers are attached. Vlan50 is hosting the Core WAE and CM machines. The path to the remote site to the data centre appears to be ok and both Core and Edge WAE have been registered to the CM successfully with all default policies applied. However, I cannot see any optimized flows during file transferring.


Attached are the configuration files of all the relevant equipment. I have noticed that on the Core WAE when you check the wccp routers configured, I'm getting a router ID different than the ip address in which the WAE is senting traffic(i.e svi or gateway address). This address appears to be the loopback 0 on the 6500 switch. What is the role of this Router ID there? I have found no reference about it in any config guides from Cisco.


Any ideas?


Panos







Correct Answer by Zach Seils about 9 years 7 months ago

Panos,


Did you exclude the ATP configuration from the output you posted on purpose? Please provide the output from the CLI command 'sh pol stat' on both WAEs.


What is the file transfer protocol you are using?


For optimal performance, you should change the WCCP configuration on the core WAE to the following:


wccp router-list 1 10.76.136.73

wccp tcp-promiscuous router-list-num 1 l2-redirect mask-assign

wccp version 2


In addition, please remove the 'ip wccp redirect exclude in' command from the 6500 configuration. This can have a negative impact on performance, and isn't required when only using inbound redirection.


Lastly, please upgrade to the latest 4.0.13 WAAS release on CCO.


Thanks,

Zach



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Correct Answer
Zach Seils Thu, 11/15/2007 - 06:29
User Badges:
  • Cisco Employee,

Panos,


Did you exclude the ATP configuration from the output you posted on purpose? Please provide the output from the CLI command 'sh pol stat' on both WAEs.


What is the file transfer protocol you are using?


For optimal performance, you should change the WCCP configuration on the core WAE to the following:


wccp router-list 1 10.76.136.73

wccp tcp-promiscuous router-list-num 1 l2-redirect mask-assign

wccp version 2


In addition, please remove the 'ip wccp redirect exclude in' command from the 6500 configuration. This can have a negative impact on performance, and isn't required when only using inbound redirection.


Lastly, please upgrade to the latest 4.0.13 WAAS release on CCO.


Thanks,

Zach



p.stavrinou Fri, 11/16/2007 - 05:36
User Badges:

Zach,



Thanks for the prompt reply.


Attached are the WAE configs with the 'sh pol stat'command issued.

What i was trying is an initial file transfer from a file server on the data center.

I should note that i have not enabled File Services yet, just a preliminary check without and with wccp enabled.

However, in previous configs i have done(with versions 4.0.7) i should be getting at least some acceleration no?


I have tried setting the command 'wccp tcp-promiscuous router-list-num 1 l2-redirect mask-assign' on the Core WAE as you noted and

disabled redirection on 6500 WAE vlan 'ip wccp redirect exclude in' . None of them seemed to be helping out.


I'm currently in the process of upgrading to 4.0.13 version. One concern though...some ISRs with WAAS NM modules

have been shipped to some customer branch locations running 4.0.9.b.10 as well. These will be registered on the manager after the WAN links will come live, not now.

I've read that if i am to have interoperation between different versions i should keep the WAAS CM to the lowest version of them all right?

Will they be able to register to the CM without any problems?


So, do i have to upgrade the CM now, or just the two endpoint devices(Core and Edge) which are part of the optimization process?


Will be keeping you informed of the progress after the upgrading of the WAEs. Thanks again for your support


Panos








Attachment: 
Zach Seils Mon, 12/03/2007 - 06:11
User Badges:
  • Cisco Employee,

Panos,


The output looks as expected.


Any change in behavior since the upgrade? DO you see the connections in the output of 'sh tfo conn summ' when the file transfer is active?


Zach



p.stavrinou Fri, 12/07/2007 - 00:41
User Badges:

Zach,


It seems like the optimization is working. I can see tfo connections being optimized according to the policies set. The scenario has changed a bit. We now have added an ACE into the configuration with the File and TS servers sitting behind the ACE module, accessed via an ACE VIP address to perform load balancing on the servers.


We are really interested in optimizing the MS terminal services through the WAAS so we disabled native compression/encyption on both server and client sites. So i have a couple of questions:


1. What is the exact change i need to do on the policies to gain full optimization from the WAAS engines? I changed policies from TFO only to Full Optimization already, on the AllDeviceGroup which includes both Core and Edge devices so that the policy in uniformly distributed on both the Core cluster and all Edge devices which are members of this group. Am i right on this?


2. Apart from choosing the Action(Full optimization) for a policy, there's a field called Accelerate which has 3 options to choose from: Do not set, MS port mapper and CIFS Accelerator. What is the difference between them?


Thanks.


Panos

Zach Seils Fri, 12/07/2007 - 05:58
User Badges:
  • Cisco Employee,

Panos,


1. This is correct.


2. The 'Accelerate' option is used to pass traffic to one of the application adapters. The available adapters in the current version are:


Do not set: N/A

MS port mapper: Classification engine for MS-RPC traffic

CIFS Accelerator: Wide Area File Services (SMB traffic)


In the future, additional adapter will be added.


Zach



p.stavrinou Thu, 12/13/2007 - 10:23
User Badges:

Zach, thanks again for all the help.


The problem has been resolved. Applied default policies from baseline group, disabled MS native optimizations and tuned rdp for full optimization. Got some pretty good results.


Got another question now: The client has requested printing features for some of his remote services so from what i've read i have to add the devices into the AD to comply with the domain policy since users will be logging on the domain. How do i do that? The devices will be added by NETBIOS name simply as computers or we have to create any other object groups etc ?


Panos



Zach Seils Fri, 12/14/2007 - 07:12
User Badges:
  • Cisco Employee,

Panos,


The steps for configuring Windows Authentication are available here:


http://cisco.com/en/US/partner/docs/app_ntwk_services/waas/waas/v4013/configuration/guide/admin.html#wp1042876


The print services feature in and of itself does not require Windows authentication to be configured, but there are some cases where the AD policies requires the WAE to be a member of AD before it will allow a client to download print drivers from it (for Microsoft Point N' Print feature). Is this the case with your deployment?


Zach



p.stavrinou Mon, 12/17/2007 - 06:08
User Badges:

Zach,


Printing seems to be working ok now. Although the printer drivers were correctly distibuted to the WAE Print servers, I was getting some error msg that "Access is denied" when the end user tried to connect to the printer. I missed the initialization part that has to be done for each driver separately at the print server.


Thanks again for all the help.


Panos.

Actions

This Discussion