WCCP Issue between 3750 and Bluecoat

Answered Question
Dec 15th, 2008
User Badges:

Hi,


Currently trying to establish connectivity using WCCP between a 3750 switch and a Bluecoat SG510. I believe I have all the right configuration in place on both devices, but can not get them to establish connectivity. When I debug WCCP on the switch, I receive the following output:


Dec 15 16:20:11.015: WCCP-EVNT:wccp_update_assignment_status: enter

Dec 15 16:20:11.015: WCCP-EVNT:wccp_update_assignment_status: exit

Dec 15 16:20:11.015: WCCP-EVNT:D06: Here_I_Am packet from 172.22.64.41 w/bad assign method 00000001, was offered 00000002

Dec 15 16:20:11.015: WCCP-EVNT:D06: Here_I_Am packet from 172.22.64.41 with incompatible capabilites

Dec 15 16:20:11.015: WCCP-PKT:D06: Sending I_See_You packet to 172.22.64.41 w/ rcv_id 0000007B


Connectivity is setup as follows:

3750 switch has SVI, and connects to Bluecoat via an access port. Bluecoat is using the SVI address as the home-router. I'm using L2 as the forwarding method.

Correct Answer by dstolt about 8 years 6 months ago

The 3750 should be configured with the follow general wccp configs.


L2 Redirect

L2 Return

Mask Assign

Redirect-in on the interfaces only (no redirect-out)


Also, I recommend that you use a fairly new version of IOS for WCCP, something 12.2(37)SE or later (I have been using 12.2(46)SE lately).


See if your configs match that.


Let me know if that helps,

Dan

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.3 (3 ratings)
Loading.
dstolt Mon, 12/15/2008 - 09:22
User Badges:
  • Cisco Employee,

Daniel,


The 3750 series switches need to have the SDM template set to prefer routing. You can see if you have this set by the following command.


sh sdm prefer


If you don't have SDM set to prefer routing, the use the following command.


sdm prefer routing


Thanks,

Dan

Daniel Anderson Mon, 12/15/2008 - 09:47
User Badges:

Dan,


Thanks for your response. I believe the switch to be running the 'sdm prefer routing' template


sh sdm prefer routing

"desktop routing" template:

The selected template optimizes the resources in

the switch to support this level of features for

8 routed interfaces and 1024 VLANs.


number of unicast mac addresses: 3K

number of IPv4 IGMP groups + multicast routes: 1K

number of IPv4 unicast routes: 11K

number of directly-connected IPv4 hosts: 3K

number of indirect IPv4 routes: 8K

number of IPv4 policy based routing aces: 0.5K

number of IPv4/MAC qos aces: 0.5K

number of IPv4/MAC security aces: 1K


I've applied the sdm prefer routing command and rebooted the switch to be 100% confident that side of things are correct. I'm still seeing the same errors when debugging wccp though.


The only other thing I've noticed, is that when capturing traffic between the 2 devices, the 3750 on its 'I see you' response, only allows L2 on the Forwarding and Assignment methods, but for the Return Method, both GRE and L2 are supported. I'm not sure if this is an issue or normal operation.


TIA

Correct Answer
dstolt Mon, 12/15/2008 - 12:16
User Badges:
  • Cisco Employee,

The 3750 should be configured with the follow general wccp configs.


L2 Redirect

L2 Return

Mask Assign

Redirect-in on the interfaces only (no redirect-out)


Also, I recommend that you use a fairly new version of IOS for WCCP, something 12.2(37)SE or later (I have been using 12.2(46)SE lately).


See if your configs match that.


Let me know if that helps,

Dan

Daniel Anderson Tue, 12/16/2008 - 01:34
User Badges:

Thanks. Redirect is applied on the client vlans. I'm not 100% sure on how to apply the L2 Redirect/Return and Mask Assign commands, do you have some detail on those.


I'm currently running 12.2(46)SE Adv IP on the switch.


Thanks


Dan

dstolt Tue, 12/16/2008 - 04:55
User Badges:
  • Cisco Employee,

Dan,


Those commands are applied to the wccp client configs, the 3750 only need the wccp services, interface and SDM configs. Bluecoat doco should give you the details on how to configure wccp on their boxes, and if they support those configurations.


Hope that helps,

Dan

chbarret Wed, 12/17/2008 - 14:52
User Badges:
  • Cisco Employee,

I do not think Bluecoat supports L2 return - only IP Forwarding.

Daniel Anderson Fri, 12/19/2008 - 04:59
User Badges:

Issue resolved.


I rolled the code on the 3750 switch back to 12.2(37) Adv IP Serv and was able to establish WCCP connectivity.


There may be some incompatibility between 12.2(46) and the SG 5.2.3.3


Many Thanks for the feedback!

Actions

This Discussion