cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1097
Views
0
Helpful
1
Replies

GLBP with wccp

talha_490
Level 1
Level 1

The first Qs is

Both the core switches will be acting as a default gateway for the user vlan 23. so half of the users will be sending the traffic to Core SW1 and other half to Core SW2. Since wccp is enabled on the the svi on both the switches so the traffic should be redirected to the WAAS by both the core switches.

Will the WAE be able to differentiate between both the swithches based on their mac addresses and will sent back the traffic to the same router that have sent that traffic. as both the routers are on my router-list.

The complete configuration is attached here.

Data Center Configuration

Configuring Core Switch for WAE CM

Vlan 10

Name Central_Mgr

!

interface Vlan10

ip address 10.10.1.1 255.255.255.0

!

Interface gigabit 1/36

Description Connected to Central Manager

Switchport mode access

Swicthport access vlan 10

!

Configuring Core Switch for Data Center WAE

Vlan 11

Name Data-Center-WAE

!

Interface vlan 11

Ip address 10.11.1.1 255.255.255.0

!

Interface gigabit 1/36

Description Connected to WAE

Switchport

Switchport mode access

Swicthport access vlan 11

!

Configuring Core Switch for WCCP

Ip wccp version 2

Ip wccp 61

Ip wccp 62

Ip cef

Enabling WCCP services on Server Vlan

interface Vlan6

ip address 10.6.1.1 255.255.255.0

ip wccp 61 redirect in

ip wccp 62 redirect out

WAE Configuration

Hostname DA-WAE

Ip default-gateway 10.11.1.1

Wccp router-list 1 10.11.1.1

Wccp tcp-promiscuous router-list 1 l2-redirect mask-assign

The Layer 2 redirect and mask assign option for hardware forwarding

Wccp version 2

FWSM configuration

FWSM version is 3.2(10) which supports the below command as per command reference guide

Conf t

Policy-map global_policy

Class inspection_default

Inspect waas

Exit

Branch configuration

Configuring Primary Core Switch for Branch WAE

Vlan 25

Name Branch-WAE

!

Interface vlan 25

Ip address 10.94.25.2 255.255.255.0

Standby 25 ip 10.94.25.1

Standby 25 priority 105

Standby 25 preempt

No shutdown

!

Interface gigabit 1/43

Description Connected to WAE

Switchport mode access

Swicthport access vlan 25

!

Configuring Secondary Core Switch for Branch WAE

Vlan 25

Name Branch-WAE

!

Interface vlan 25

Ip address 10.94.25.3 255.255.255.0

Standby 25 ip 10.94.25.1

Standby 25 preempt

Interface gigabit 1/43

Description Connected to WAE

Switchport mode access

Swicthport access vlan 25

!

Configuring User Vlan for WCCP on Primary Core-Switch

Interface vlan 23

description Data vlan for 23rd Floor

ip address 10.93.23.252 255.255.255.0

ip helper-address 10.96.1.5

glbp 123 ip 10.93.23.254

glbp 123 priority 115

glbp 123 preempt

ip wccp 61 redirect in

ip wccp 62 redirect out

Configuring User Vlan for WCCP on Secondary Core-Switch

Interface vlan 23

description Data vlan for 23rd Floor

ip address 10.93.23.253 255.255.255.0

glbp 123 ip 10.93.23.254

glbp 123 priority 115

glbp 123 preempt

ip wccp 61 redirect in

ip wccp 62 redirect out

no shutdown

WAE Configuration

Hostname DA-WAE

Ip default-gateway 10.94.25.1

Wccp router-list 1 10.94.25.2 10.94.25.3

Since Both the core Switches are running GLBP for user vlans and WAE is in a vlan 25 which is present on both the switches and they are running HSRP for WAE Vlan so both of them will be sending the traffic to the WAE so the WAE should have both the routers in the router-list as it is above which is apart from the gateway.

Wccp tcp-promiscuous router-list 1 l2-redirect mask-assign

The Layer 2 redirect and mask assign option for hardware forwarding

Wccp version 2

ASA Configuration

The current ASA version is 7.2(2) which does not supports then below command and this is required in order for WAAS to work.

Recommended upgrade: This command was introduced in 7.2(3). However the latest IOS release by Cisco is 8.0(4)

Policy-map global_policy

Class inspection_default

Inspect waas

Exit

1 Reply 1

g-hopkinson
Level 1
Level 1

Probably a little late for a reply.

With WCCP you have redirect (traffic from router or switch to WAE) and return traffic (WAE to router or switch).

So this s minefield of confusion and limitations. The return method is the egress method, and that can be seen on the way with show egress. The default egress method is ip forwarding, which means the WAE will use its configured default gateway, and hence have the issue you describe, which I think they call "network path affinity". If you use GRE return and forward the WAE will send it back to the switch/router who sent it. The best return method for a 6500 PFC3 is Generic GRE, which is done in hardware.

Hope this helps.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: