ASK THE EXPERT - WIDE AREA APPLICATION SERVICES (WAAS)

Unanswered Question
Dec 12th, 2008

Welcome to the Cisco Networking Professionals Ask the Expert conversation. This is an opportunity to get an update for how to deploy and troubleshoot Cisco WAAS v4.1.1 with Cisco expert Robert Pethick. Robert is a consulting systems engineer in the channels data center - east organization. His primary responsibilities are the training and enablement of Cisco partners for the application network service product portfolio. Prior to joining the data center - east team, he was a systems engineer a large enterprise financial customer in New York, NY, supporting routing and switching network design and deployment projects. Robert has been Cisco for nearly 4 years. Prior to joining Cisco he owned his own business centered on network and application performance. With nearly 20 years of networking experience, he holds a degree in electrical engineering from the University of New Haven and is currently pursuing CCIE R&S certification.

Remember to use the rating system to let Robert know if you have received an adequate response.

Robert might not be able to answer each question due to the volume expected during this event. Our moderators will post many of the unanswered questions in other discussion forums shortly after the event. This event lasts through December 24, 2008. Visit this forum often to view responses to your questions and the questions of other community members.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
ropethic Fri, 12/12/2008 - 14:45

It depends on what version of 4.0 you are running.

I personally upgraded my lab and ran into problems. I tried upgrading from 4.0.7 to 4.1.1b unsuccesfully. This is due to the disk structure between the two version.

I upgraded to 4.0.15 and just to be safe to 4.0.19 then to 4.1.1b. Worked fine.

Upgrade is completed by using the WAAS recovery CD on each WAE or by specifying a location on teh WAAS Central manager and upgrading WAEs via device group or individually.

The important thing to keep in mind is to upgade the central manager first. This is opposite of the recommendation when upgrading 4.0 versions

Please go to the following link for upgrade procecedures:

http://www.cisco.com/en/US/docs/app_ntwk_services/waas/waas/v411/configuration/guide/maint.html#wp1100839

b-beavers Fri, 12/12/2008 - 15:08

WAAS managment. Beside the new 4.1 CM enhancements and NetQos integration are there any other management or reporting tools that help with showing the performance and optimization benefits of WAAS? Do you have a dashboard or reporting format that you like to use to deliver status of WAAS with?

ropethic Fri, 12/12/2008 - 15:38

Cisco WAAS 4.1 CM provides enhanced reporting capabilities over previous versions.

There are predefined reports toinclude connection and peer device reporting, tcp connections, application response and more.

To view some of thre graphical reporting features please see the following URL:

http://www.cisco.com/en/US/docs/app_ntwk_services/waas/waas/v411/configuration/guide/monitor.html

During proof of concepts and any demo of WAAS, the application traffic volume and application reduction graphs show immediate benefits to customers that are easy to decipher.

I also will ask customers to check utilization of the links before and after waas deployment if BW is the concern. If app performance is the goal then the appliaction optimizer detailed reports are very useful in showing response time improvement

jkeeffe Mon, 12/15/2008 - 08:08

I have a WAE-7341-K9 I plan on connecting between our two 6509 Distribution Layer routers. (See diagram) I was advised to configure the 7341 to connect to the two 6506s at layer two, and to have both 7341 interfaces in a different subnet. And finally to apply these two commands to the 7341:

wccp tcp-promiscuous router-list-num 1 l2-redirect l2-return mask-assign

egress-method nefotiated-return intercept-method wccp

I'm a little confused about the advise to have the 7341 connect to the 6506s at layer 2, yet have both 7341 interfaces in a different subnet. Does this just mean to have an SVI configured on each 6506 and assign the port to that vlan, as opposed to configuring the 6506 ports as L3 router ports? I have a sample IP config in the diagram.

ropethic Mon, 12/15/2008 - 13:24

WCCP by default will bind to one interface on the WAE. If your goal is to ensure all traffic is redirected from both distribution switches, then typically either two WAEs are deployed for each switch, or redirected to one WAE on either switch based on redirect applied to all interfaces.

That said, will your design work. You can check by creating a wccp router-list to include both vlan interfaces in your design. They appear to be on different subnets based on the /30 as well. Different subnets are not a requirement.

Also what are you tryign to accomplish? make sure traffic is redirected from both swicthes? redundancy?

I will try and setup a 512 appliance in my lab later in the week to test as well.

I am attaching a WAAS DC design guide for your reference.

Attachment: 
jorjes1984 Thu, 12/18/2008 - 08:17

Hello

I wanna ask you what is the best recommended way to minimize the "OTHER TRAFFIC" that shows in the reports?

ropethic Thu, 12/18/2008 - 17:58

if you go to manage devices and select a WAE, Under monitoring there is a connection subheading.

Scroll through your connections and identify the client destination TCP port number for the connections that are not part of the default application policy.

You will need to configure a new policy and classifier for the other traffic identified in the connection list.

ropethic Thu, 12/18/2008 - 18:14

Depends on a number of factors.

Inline is the simpliest deployment method requiring no router configuration, IOS requirements, or harware restrictions (other than 10M half duplex). The inline adapter is equipped with a 2 x 2 port GE group, allowing for connectiosn to single or redundant routed paths. It also has a mechanical fail to wire should the WAE be powered off and such. Some organizations are not comfortable with a WAE inline at the core site seeding all the WAN/MAN connections.

WCCP is the recommended solution for the core location due to its scalabilty, fault detection of client ans servers in a group and load balancing capabilities. However minumum platform and IOS revisions need to be adhered to.

The recommendation is to go inline at the branch and wccp for core DC and larger regional offices.

Where possible, you can also utilize the WAE-NME for Intergrated service routers (ISR) 28 and 3800. The NME uses WCCP between module and router.

Other considerations would be who manages the routers. Some orgs have carrier managed services and cant configure their routers so inline is the least resistant choice for the core location as well.

Lungelo Ngqumetyana Thu, 12/18/2008 - 22:37

I have a small question which concerns me though. Why do you get so many WAFS connection showing under Optimized connections and on the router the WAN link is running at 80% due to over utilization. What causes this?

ropethic Fri, 12/19/2008 - 02:58

Really not enough information to ascertain exactly what is happening.

Check to see if you ae getting many unoptimized connections that may be rasing utilization. Also check to see if the WAE is placed directly behind WAN entry making sure some other client vlans are not accessing the WAN physically bypassing wae. There could be a number of reasons this is occurring. You will need to dig a bit deeper.

Also, I believe if a circuit is running a 70-80% utilizaion without experiencing any queue delay or dropped packets, then wan is being used pretty efficiently.

benjamin2009 Sat, 12/20/2008 - 16:23

Dear Rob Pethick

I have been testing 2610 and 2611 routers (The only connection is through console port and ethernet to the TFTP server). The routers recognize all the Ethernet and WAN interfaces. The ethernet LED is OK but the WAN cards LED are off as there are unconnected.I have configured the interfaces of these WAN cards(A BRI port and SERIAL port) with IP address, when i use the command Show interface i can see all the interfaces are UP and line protocol is UP. Is this enough to testify that the WAN cards are GOOD or is there any other technical way to test these modules. Does it need to connect all these WAN cards and PING them or is there a command which will be enough to prove that the WAN cards are all GOOD and not FAULTY. Excuse me as this question might not concern your current topic please i need your help.

Best Regards

Alamein Amour

email: [email protected]

benjamin2009 Sat, 12/20/2008 - 16:24

Dear Sir

I have been testing 2610 and 2611 routers (The only connection is through console port and ethernet to the TFTP server). The routers recognize all the Ethernet and WAN interfaces. The ethernet LED is OK but the WAN cards LED are off as there are unconnected.I have configured the interfaces of these WAN cards(A BRI port and SERIAL port) with IP address, when i use the command Show interface i can see all the interfaces are UP and line protocol is UP. Is this enough to testify that the WAN cards are GOOD or is there any other technical way to test these modules. Does it need to connect all these WAN cards and PING them or is there a command which will be enough to prove that the WAN cards are all GOOD and not FAULTY. Excuse me as this question might not concern your current topic please i need your help.

Best Regards

ropethic Sun, 12/21/2008 - 04:35

Yes,

You can perform a loopback diagnostic test ont he serial interfaces, looping transmit to receive on the T1 controller

loopback (T1 controller)

To set the loopback method for testing the T1 interface, enter the loopback controller configuration command. Use the no form of this command to restore the default value.

loopback {diagnostic | local {payload | line} | remote {iboc | esf {payload | line}}

no loopback

Syntax Description

diagnostic

Loops the outgoing transmit signal back to the receive signal

line

Places the interface into external loopback mode at the line.

local

Places the interface into local loopback mode.

payload

Places the interface into external loopback mode at the payload level.

remote

Keeps the local end of the connection in remote loopback mode.

iboc

Sends an in-band bit-oriented code to the far-end to cause it to go into line loopback.

esf

Specifies extended super frame as the T1 or E1 frame type.

Usage Guidelines

You can use a loopback test on lines to detect and distinguish equipment malfunctions caused either by line and Channel Service Unit/Digital Service Unit (CSU/DSU) or by the interface. If correct data transmission is not possible when an interface is in loopback mode, the interface is the source of the problem.

Example

The following example shows how to set the diagnostic loopback method on controller T1 0/0:

Router(config)# controller t1 0/0

loopback diagnostic

benjamin2009 Sun, 12/21/2008 - 10:52

Hello Rob Pethick

Thanks for the reply and advice. i will let you know the results as soon as i get back home from travel.

I am working at the company where i do some testing of the suspected faulty routers and switches but unfortunately sometimes there are no serial cables or other specific cables to connect these routers and switches configure the interfaces and ports and later ping between them.I was always looking for an alternative way to diagnose these interfaces and ports.If i can use loopback diagnostic to all types of routers and switches then it will be very very helpful.

and it will save me time.

Best Regards

Alamein Amour

benjamin2009 Sun, 12/21/2008 - 10:56

Hello Rob Pethick

I write to you again asking if i can use loopback diagnostic to all the WAN modules?

for example ISDN (BRI interfaces) ASDL interfaces and etc.

Best Regards

Alamein Amour

ropethic Mon, 12/22/2008 - 03:19

Please post additional requests in the network infrastructure forum.

DARYLE DIANIS Sun, 12/21/2008 - 09:37

I have an OC-3 link between 2 7204's and also have WAE-7341-K9 on each end. How should I configure the Acceleration TCP Settings to maximize throughput? Should I follow the formula calculating BDP?

thanks,

ropethic Sun, 12/21/2008 - 15:28

If you are using version 4.1 there is no need to tune the TCP buffer settings. WAAS 4.1 utilizes adaptive buffering to dynamically vary the size of the send and receive buffers to increase performance and more efficiently use the available network bandwidth.

Earlier versions recommeded 2 x the BDP. If you have very few TCP connections (< 10) then 4 x BDP. Need to be careful the larger the actual buffer size, the fewer the number of TCP connections that can be accommodated.

amitsingh799 Mon, 12/22/2008 - 00:02

Hi,

Want to know for e.g. we we take 1841 router with normal chasis having two Fastethernet routed ports. We terminate EoSDH link on one of the Fastethernet port as a WAN Connectivity and the other towards the LAN Intergartion. My Question to you is the bandwidth of Fastethernet is 100Mbps but how much we can configure the bandwidth on the Fastethernet for WAN Connectivity----Do they depend upon the backup plane and memory for the same or some other facts it depends.

Thanks

ropethic Mon, 12/22/2008 - 03:18

The 2 x 1000 HWIC will perform at line rate.

See attached, also please go to cisco.com and download the data sheet.

This Q&A is related to WAAS 4.1 Deployment and Troubleshooting. If you need more inofrmation please post in the Network Infrastructure forum.

francisco.sanches Tue, 12/23/2008 - 07:13

Hi Robert,

We are having some problems putting WAAS (4.1.1b) with wccp to work on our network.

I am going to try to describe our network:

Two client networks, A and B.

Router_A (2801) is the gateway of network A.

Router_B (2811 w/ NME-WAE) is the gateway of network B.

WAE-612_CM is CM.

WAE-612_A is connected to Router A.

NME-WAE_B is installed in Router_B

Communication between network A and network B has been confirmed.

Communication between WAE-612_CM and both WAE-612_A and NME-WAE_B has been confirmed.

Router_A configuration:

version 12.4

ip wccp 61

ip wccp 62

interface FastEthernet0/0.45

description Ligacao WAN

encapsulation dot1Q 45

ip address 192.168.45.1 255.255.255.0

ip wccp 62 redirect in

!

interface FastEthernet0/0.49

description Ligacao LAN

encapsulation dot1Q 49

ip address 192.168.49.254 255.255.255.0

ip wccp 61 redirect in

!

interface FastEthernet0/0.50

description WAE-612_CM

encapsulation dot1Q 50

ip address 192.168.50.254 255.255.255.0

Router_B configuration:

version 12.4

ip wccp 61

ip wccp 62

interface FastEthernet0/0

description Ligacao WAN

ip address 192.168.45.254 255.255.255.0

ip wccp 62 redirect in

duplex auto

speed auto

!

interface FastEthernet0/1

description Ligacao LAN

ip address 192.168.240.254 255.255.255.0

ip wccp 61 redirect in

duplex auto

speed auto

!

interface Integrated-Service-Engine1/0

ip address 10.10.10.1 255.255.255.0

service-module ip address 10.10.10.2 255.255.255.0

service-module ip default-gateway 10.10.10.1

no keepalive

NME-WAE_B configuration:

! WAAS version 4.1.1b (build b15 Oct 10 2008)

!

device mode application-accelerator

!

wccp router-list 8 10.10.10.1

wccp tcp-promiscuous router-list-num 8

!

central-manager address 192.168.50.11

cms enable

!

WAE-612_A configuration:

! WAAS version 4.1.1b (build b15 Oct 10 2008)

!

device mode application-accelerator

!

interface GigabitEthernet 1/0

ip address 192.168.50.1 255.255.255.0

exit

!

wccp router-list 8 192.168.50.254

wccp tcp-promiscuous router-list-num 8

wccp version 2

!

central-manager address 192.168.50.11

cms enable

!

With this configurations we see some traffic going to WAE but never being optimized.

We have default optimization policies applied (TCP and application level).

Questions:

• Have we configured wccp correctly? The objective is to optimize traffic form network A to network B.

• Are we missing any other configuration?

Thanks in advance,

Francisco Sanches

ropethic Tue, 12/23/2008 - 07:42

configuration looks good, but not sure I understand the WAN connection setup on router A. There are two subinterfaces being redirected, how does this conenction connect phsyically using one wire?

francisco.sanches Tue, 12/23/2008 - 07:52

interface FastEthernet0/0

description Trunk

no ip address

duplex auto

speed auto

!

The physical interface is in trunk mode to the switch (cat6500). Each sub-interface belongs to its own VLAN.

ropethic Tue, 12/23/2008 - 08:14

please forward me a diagram, also i notice all interface speeds are set to auto. make sure all interfaces show 100M full duplex and not runnign in half duplex.

Also to make sure the traffic is not being looped place ip wccp redirect exclude in on the wae interface.

ropethic Tue, 12/23/2008 - 09:50

I dont see the wae appliance interface configured on the router. I see WAN, LAN, CM but no wae.

Also,

On the WAE , perform show wccp router to see if the routers are showing up.

On router show ip wccp to see if you are actually seeing connections being redirected.

ropethic Tue, 12/23/2008 - 09:59

also make sure you are running at minimum IOS requirements

12.4(10), 12.4(9)T1, 12.4(11)T3, 12.4(15)T5, 12.4(20)T

Koiser_Nicholas Fri, 11/20/2009 - 07:50

Please help,

I am doing a demo for WAAS for a client,

The problem is waas is olny  optimising inbound branch connections,nothing happens to outbound traffic from the branch as per the attached..

As such the branch users are unable to get the benefit of an optimised WAN.

I have done everything based on the deployment guide.

Problem is,this has previously worked and WAAS worked successfully.

Am using inline method of interception.

Please help,am so devastated-someone please help so i can have WAAS do both inbound and outbound optimisation.

panmehta Wed, 02/24/2010 - 12:27

I am trying deploy WAAS in our lab. Setup in the lab is following:

Wan Router - ASA - 3560 switch - server(s)

172 network terminates on the wan router. All the server(s) terminate on the lan side.

If I deploy WAAS (with in-line module) between ASA and switch, How will it work for non compress traffic coming from other destinations?

Also, traffic going out from server only need to be compress for ingress compress traffic. Some destinations might not have a WAAS to decompress the traffic.

Thanks!

-Pankesh Mehta

392.2095

cabbage Mon, 07/30/2012 - 22:50

Hi WAAS Expert,

     We've been having this issue in our managed customer's network where WAEs' SNMP parameters are being changed sporadically. After thorough investigation, it was found out that this 'automatic' change in WAE's SNMP parameters are due to the wrong device group settings in the Central Manager. If the correct device group setting is not chose manually (according to Cisco TAC), CMS will choose the device group setting (usually the default profile) of a WAE sporadically. Hence, the parameters that are supposed to be loaded to a WAE with respect to its correct device group setting is changed. So, I tried to choose the correct device group setting for one WAE 'manually' and the changes took effect immediately. All this while, I thought this workaround is a temporary solution after a few months of  monitoring, the SNMP parameters of this same WAE was changed again. What could be the cause of this change in WAE's configuration when its device group setting is manually selected? Does it have something to do with an instance of any change made via CLI of CMS?

Actions

This Discussion