I think I might know the answer but wanted a sanity check. I am running WAAS Express at several locations and there are times they hit the 250 connection limit. I am about to purchase hardware for a new location and am thinking of getting an appliance with the router instead of WAAS express on the router. I would then use this new hardware at one of the larger locations that is hitting the limit and relocate the WAAS Express to a smaller location. My sanity check is this. Since the WAAS sizing is based upon TCP connections, there is no difference between the platforms as a TCP connection is a TCP connection. To upgrade, I need to look at an applinace that has more than 250 connections otherwise I am in the same spot in regards to the connection limit. The 474 would be an upgrade to the WAAS Express due to the higher TCP count where the 274 would actually be a down grade as it has a 200 TCP limit. Right?
Is there a way to look on the existing platform and see what is not being optimized to make sure say a 474 would be the right size?
That is a good question, there are things we need to check before getting the real number of connections that are overloading your current device.
First as best practice we need to review if the tcp connections that are getting optimazed are legimit, for example I have seen networks where QoS attack is getting the WAAS devices to optimaze traffic that should not be optimazed.
Then we need real numbers, for example what's the number of TCP optimazed connections seen when is less network usage compare to when more users come to the office? or is your device always hitting the 250 limit?
Then as you might be aware when the WAAS device reach the limit it will send the traffic as PT ( pass through ) depending on your WAAS software you will be able to filter the amoung of traffic label as PT by doing WAE#sh statistics connection pass-through try the command several times and keep record, time and date of each output and you will average the amoung of connections not being optimazed, how often.. etc...
that should give us some numbers to guess with, yes I know guessing is not nice at this point but right now I can't think on any other process to get closer to a real number of TCP connections not being optimized on your network.
Within you will find a section detailing TFO overload conditions. Perform a show statistics tfo detail and determine if connection limits are being reached. Pass-through traffic doesnt count towards optimized TCP connections. Best practice states number of users x 10 = needed TCP optimized connections. If you are getting overload conditions you either have to upgrade or create policies to limit types of traffic to be optimized.
One other note of caution will add is to make sure you set a CPU threshold on the WAAS express router if you are experiencing WAAS overload conditions. If both WAAS load and CPU are high, the router will throttle all connection which can cause slowdowns.
The WAAS express is primarily used for very small branch offices with a small number of users, up to 50 on a 39xx. Also with added memory (8G) the 294 will handle upwards to 400 TCP optimized connections.
SRE specs below, bandwidth top row, connections below
This document will provide screenshots to outline the steps to setup
TACACS+ configuration to ACI and also the configuration required on
Cisco ACS server. Please find the official Cisco guide for configuring
TACACS+ Authentication to ACI:
Is it supported or NOT supported? It's a frequently asked question.
Before APIC, release 2.3(1f), transit routing was not supported within a
single L3Out profile. In APIC, release 2.3(1f) and later, you can
configure transit routing with a single L3Out pr...
Cisco Documents are usually accurate, but when it came to the document
on Cisco APIC Signature-Based Transactions it was slightly off the mark.
This document is for those novices to API like me who cant seem to
figure out how to go about performing signat...