Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
577
Views
0
Helpful
7
Replies

Cache Engine 510

antonios
Level 1
Level 1

‎06-10-2003 11:28 PM

Hi ,

We have purchased a cache engine 510 and are going to be deploying it in a transparent caching scenario. Where is the optimal place to put the cache engine, on the inside network behind firewall or on outside. If placed on the outside of the firewall what conduits/access lists need to be put in place for the solution to work.

I have been trying to find a good document on how the WCCP protocol works with regards to how the source/destination addresses change when a router redirects traffic to a cache engine to better understand what rules need to be changed on the firewall. Any pointers to a good reference URL will be greatly appreciated.

Labels:
0 Helpful
7 Replies 7

Gilles Dufour
Cisco Employee
Cisco Employee

‎06-11-2003 07:30 AM

WCCP will not work accross a firewall.

Redirecting packets would not be a problem.

But WCCP discovery will fail.

So, the Cache needs to be on the same subnet as the router.

Anyway the best place to put the Cache is the closest to the clients.

Gilles.

0 Helpful

antonios
Level 1
Level 1
In response to Gilles Dufour

‎06-11-2003 09:42 PM

Hi Gilles,

In our scenario we have a firewall between the router connecting out to the internet and the clients on the inside. In this case where will be the optimum place to position the cache engine ( inside or outside ).

Many thanks

0 Helpful

antonios
Level 1
Level 1
In response to antonios

‎06-11-2003 11:37 PM

One other question:

How can I view the cached objects on a cache engine 510 ?

Secondly:

If I display this log file on the cache engine what does the DIRECT mean in this line:

#type local1/logs/celog_196.33.48.199_20030612_060000.txt

1055397627.699 2659 196.26.83.132 TCP_MISS/302 786 GET http://www.msn.co.za/ - D

IRECT/www.msn.co.za -

Many thanks

0 Helpful

Gilles Dufour
Cisco Employee
Cisco Employee
In response to antonios

‎06-11-2003 11:55 PM

to understand the log message, please look into :

http://www.cisco.com/en/US/products/hw/contnetw/ps546/products_tech_note09186a00800a5fe1.shtml

If you have only one router, you don't have the choice of the location.

Put your Cache in the same subnet as the router and the firewall.

Finally, you can't view object that were cached.

Gilles.

0 Helpful

antonios
Level 1
Level 1
In response to Gilles Dufour

‎06-12-2003 12:03 AM

I would just like to clarify what you are saying:

Should the cache engine be on the outside of the firewall. If so does this not make the cache engine vulnerable.

Thank you

0 Helpful

Gilles Dufour
Cisco Employee
Cisco Employee
In response to antonios

‎06-13-2003 01:04 AM

the best would be on the inside.

However, I understand you have only 1 router and it is located on the outside.

So, you don't have the choice unles you buy another router or use the cache engine as a proxy.

If you use the cach as a proxy you don't need WCCP anymore and so, you can place the Cache wherever you want.

But this is not transparent caching anymore.

Gilles

0 Helpful

antonios
Level 1
Level 1
In response to Gilles Dufour

‎06-13-2003 01:40 AM

Thanks for the info

0 Helpful
Customers Also Viewed These Support Documents