L2 Redirect and Redirect Lists

Answered Question
Sep 22nd, 2010
User Badges:

Recently we changed  how we did redirection from out branches to our datacenter


Before we did GRE-GRE Hash at the head end and the Same GRE -GRE and the branch end. We controlled what traffic was allowed to be rediretced by redirect list that pointed back to ACLs.


Now we have our Head end WAEs doing L2/L2 Mask with our 6509 instead of GRE-GRE. I looked at my ACLS today a realized that they are no longer getting any "hits" which make sense IP ACLs are layer 3 and L2 redirection is L2. How do i control which traffic will be redirected?


Reason im asking is we ahve stood up a New Host Agg section and i wanted the throw a WAAS in there but i fear is there will be servers from Old Server Farm talking to Hosts in new HostAgg and the traffic will be redirected which i dont want since the WAAS has a 2 G connection(port channel ) and all my connections to alot of servers and between host agg and core are all 10G plus....


How do i control which traffic will be redirected?

Correct Answer by Zach Seils about 6 years 10 months ago

The redirect list is still being applied.  The issue on the 6500 platform is the Assignment Method used with WCCP.  Hash Assignment is handled (partially) in software, while Mask Assignment is handled in hardware.  The redirect list ACL counters are only going to show hits for packets that are redirected in software.  When all of the redirection is occuring in hardware, the counters won't increment.  In fact, on the 6500, you don't want to see the counters increment, since that indicates sub-optimal redirection performance.


To see if redirection is occuring on the 6500, you can use the command:


show tcam interface acl in ip


where is one of the interfaces where you have WCCP redirection applied.


Regards,

Zach

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Zach Seils Wed, 09/22/2010 - 10:54
User Badges:
  • Cisco Employee,

The redirect list is still being applied.  The issue on the 6500 platform is the Assignment Method used with WCCP.  Hash Assignment is handled (partially) in software, while Mask Assignment is handled in hardware.  The redirect list ACL counters are only going to show hits for packets that are redirected in software.  When all of the redirection is occuring in hardware, the counters won't increment.  In fact, on the 6500, you don't want to see the counters increment, since that indicates sub-optimal redirection performance.


To see if redirection is occuring on the 6500, you can use the command:


show tcam interface acl in ip


where is one of the interfaces where you have WCCP redirection applied.


Regards,

Zach

wrobbin Wed, 09/22/2010 - 11:01
User Badges:

Thank you Zach your are correct i see the " policy-route tcp "..BTW just started  reading your book...so far been really helpful

Actions

This Discussion