Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1093
Views
0
Helpful
7
Replies

WAAS strange behavior

cminard
Level 1
Level 1

‎05-07-2009 06:58 AM

Hi

I have a very strange problem on the network since I put WAAS.

The architecture is as following :

Central site with access to remote sites else via MPLS operator network (provinding its routers) else via IPSec VPN with firewall.

Recently it was decided to try the WAAS solution to enhance performance on a particular remote site.

So I have one WAVE274 as manager on the central site, one WAVE474 (inline) between the network and the operator router leading to approximatively 100 remote sites, a WAVE474 on one remote site only (inline too).

All was properly functionning : Optimization and so on between the 2 WAVE474, no action for other remote sites (of course).

My problem is that access to one particular URL (really needed) from all the remote sites passing through the central WAAS box is not available anymore !!! Access to that URL is OK from all remote VPN sites and from the central site.

When putting off the WAVE474 of the central site, the URL access is regained.

I can't understand. I thought that only the traffic between 2 WAAS peers was optimized (modified) and that trafic passing through only one WAAS box was not modified (the central WAVE acting in that case as a wire).

Any idea ?

0 Helpful
7 Replies 7

cminard
Level 1
Level 1

‎05-11-2009 07:16 AM

Could anyone confirm me that traffic going through only one WAAS box should not be disrupted, please ...

0 Helpful

ropethic
Level 4
Level 4
In response to cminard

‎05-14-2009 11:31 AM

Correct, non- waas installed sites will not try and get optimized. This is because WAAS uses auto-discovery inserting an option in the TCP options field. If waas is not installed on the remote sites there should be no tcp options.

I would check to make sure you have no access-lists configured on the WAVE.

Post you configuration for others to take a look at.

Also what version are you running? Do you have VBs enabled?

0 Helpful

cminard
Level 1
Level 1
In response to ropethic

‎06-02-2009 02:18 AM

Hi

Sorry for the delay, I was not available till now.

The version used is 4.1.1.d and the configuration is the default one for inline use. I have just IP parameters for the management and I plugged the 2 inline ports without any additional config, just to see the improvement between the central site and one particular remote site.

Unfortunalely, it seems affecting all the remote sites, even those without WAAS box ...

0 Helpful

cminard
Level 1
Level 1
In response to cminard

‎07-16-2009 01:21 AM

Hi

I have some new information, but the problem is still there ...

I tested again the problematic web site when getting through only one WAVE :

1/ My PC -> central WAVE -> LAN -> FW -> Internet

--> OK

2/ Remote Site -> ISP remote router -> ISP backbone -> ISP central router -> central WAVE -> LAN -> FW -> Internet

--> Not OK no access to the web site

3/ Remote Site -> Remote WAVE -> ISP remote router -> ISP backbone -> ISP central router -> LAN -> FW -> Internet

--> OK

I upgraded the 3 WAVE (central manager, remote + central) to version 4.1.3.55, but it was not better.

Any new idea ?

Could anyone with WAAS test the access to this web site, please ?

The URL is :

http://www.net-entreprises.fr

If this particular site has problem with TCP options, could we configure the WAVE not to put option just for that destination, assuming that access to other sites is OK ?

Thanks in advance

0 Helpful

cminard
Level 1
Level 1
In response to ropethic

‎07-28-2009 07:39 AM

Hi

My problem is still there.

I upgraded to the last version, as explained in my previous post but nothing better.

I created a policy to pass-through traffic to the particular site, and sometimes it works, sometimes, it doesn't.

I'd like to exempt traffic from having the TCP option set in the SYN packet because I noticed it worked only in that case, but I don't know why sometimes the wave puts it and sometimes no.

Also, could anyone test the problematic web site (with waas) to see if it works.

www.net-entreprises.fr

Thanks

Caroline

0 Helpful

cminard
Level 1
Level 1
In response to cminard

‎12-03-2009 06:39 AM

Hi

Just for others who could have the same problem :

I finally modified the traffic policies in order to pass-through http traffic to the particular website and it worked.

I think there is a firewall blocking TCP options somewhere on the path.

When capturing traffic, we can see that when the TCP option is present, the connection is KO, when option is not, the connection is OK.

I'm just still wondering why WAAS puts the options every other time ...

0 Helpful

Zach Seils
Level 7
Level 7
In response to cminard

‎12-03-2009 06:50 AM

WAAS uses a custom TCP option to automatically discovery peer WAAS devices to optimize the connection with.  When a policy specifies that a certain type of traffic should be handled as pass-through, we don't insert the auto-discovery option.

Regards,

Zach

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents