08-27-2010 09:56 AM
Hi all,
I'm working with WAAS and I found some curious things:
1) Can I export the SSL certificates of the CM? I want to optimize the traffic to the CM from a remote location and use WAAS for this, but I couldn't found where or how to export the CM certificate to configure SSL Acceleration in the central WAE. Is this possible?
2) I configure some reports to generate daily and I found some traffic that is not being accelerated, I'm attaching and example:
Application Original Optimized Pass- Redu Effective Reduc Effect
Remote-Desktop 11.334 MB 11.922 MB 0 Bytes 0.0 1.0 X 0.0 1.0 X
Replication 3.228 MB 4.032MB 0 Bytes 0.0 1.0 X 0.0 1.0 X
OtherTraffic 4.996 MB 7.552 MB 1.192 MB 0.0 1.0 X 0.0 1.0 X
Is there some operational reason to this happen?, why I can't accelerate RDP for example? this repeats across all my WAEs statistics.
3) Where I can found information about the fields in the reports generated and their meaning? For example, what are Other Traffic components?
Thanks for your help,
Guzmán
Solved! Go to Solution.
09-01-2010 11:14 AM
Hi Guzman,
Answers:
About question #2: I was reading about and I found that in RDP and Replication, for example, WAAS only apply TFO (not LZ or DRE) for some services. What can I do to make this more efficient?, can I apply LZ/DRE to this kind of connections?, is this possible?
Ans: for RDP and replication, you can certainly change the default p[olicy but we do not recommend to do it as that is the most efficient we found during our initial testing. Changing the default policy from TFO and adding LZ/DRE may cause the performance otherwise. So, in other words, yes you can do it and try but I will not suggest it.
In question #3, I don't want to modify the classify of applications. I just want to learn about the meaning of the charts and fields in the WAAS reports. Is there a site (another different from de Users Guide) where I can find information about this?
Ans: Well, you may find other sites if you "google" around on web but to get more precise meaning of terms and interpretation, you probably want to stick with Cisco Manuals.
08-27-2010 11:01 AM
Hi Guzman,
Answers for you:
1) Can I export the SSL certificates of the CM? I want to optimize the traffic to the CM from a remote location and use WAAS for this, but I couldn't found where or how to export the CM certificate to configure SSL Acceleration in the central WAE. Is this possible?
Ans: No. This is not possible because CM uses certificate supplied by Cisco Systems and further it does not supply the ownership information and you will not have the root certificate to decrypt the traffic. Before you configure SSL acceleration, you should know the following information:
•The services that you want to be accelerated on the SSL traffic
•The server IP address and port information
•The public key infrastructure (PKI) certificate and private key information, including the certificate common name and certificate authority signing information
•The cipher suites supported
•The SSL versions supported
2) I configure some reports to generate daily and I found some traffic that is not being accelerated, I'm attaching and example:
Application Original Optimized Pass- Redu Effective Reduc Effect
Remote-Desktop 11.334 MB 11.922 MB 0 Bytes 0.0 1.0 X 0.0 1.0 X
Replication 3.228 MB 4.032MB 0 Bytes 0.0 1.0 X 0.0 1.0 X
OtherTraffic 4.996 MB 7.552 MB 1.192 MB 0.0 1.0 X 0.0 1.0 X
Is there some operational reason to this happen?, why I can't accelerate RDP for example? this repeats across all my WAEs statistics.
Ans: It depends upon your traffic pattern the the DRE usage plus how much cache is in the DRE. From the numbers above, it looks like your WAN traffic is higher than the LAN traffic / original traffic. There are number of reasons why you may see this. One of the major reason is GRE fragmentation. If this WAE is in inline mode, try to reduce MSS and MTU and see if that helps. If you are using WCCP with GRE, again apply the same solution on router and see if that helps.
3) Where I can found information about the fields in the reports generated and their meaning? For example, what are Other Traffic components?
Ans: Unclassified and unmonitored applications with less than 2 percent of the total traffic are grouped together into a category named Other Traffic.If you want to classify certain traffic or If no classifier exists for the connection, the last column under My WAN --> Devices --> Edit Device --> Monitor --> Connection Statistics contains a Create New button. Click the button to display a Classifier Settings form below the table where you can create a classifier that matches the source and destination IP addresses and ports of the connection. Enter a name in the Classifier Name field, check the Match All check box to match all traffic, or make selections from the Source IP, Source Port, Destination IP, and Destination Port drop-down lists. Then click the Create Classifier button to create the classifier.
Note If the WAE is inheriting policies from a device group, the Create New button is not shown, to prevent a user from unknowingly overriding device group policies. To create a classifier, you must first override the device group policy page and then return to the Connection Statistics report.
Hope this helps.
Regards.
PS: If this answers your question, please mark it as Answered.
09-01-2010 10:35 AM
Hi Bhavin,
Thanks for your answers, they are very usefull.
About question #2: I was reading about and I found that in RDP and Replication, for example, WAAS only apply TFO (not LZ or DRE) for some services. What can I do to make this more efficient?, can I apply LZ/DRE to this kind of connections?, is this possible?
In question #3, I don't want to modify the classify of applications. I just want to learn about the meaning of the charts and fields in the WAAS reports. Is there a site (another different from de Users Guide) where I can find information about this?
Thanks for your help,
Guzmán
09-01-2010 11:14 AM
Hi Guzman,
Answers:
About question #2: I was reading about and I found that in RDP and Replication, for example, WAAS only apply TFO (not LZ or DRE) for some services. What can I do to make this more efficient?, can I apply LZ/DRE to this kind of connections?, is this possible?
Ans: for RDP and replication, you can certainly change the default p[olicy but we do not recommend to do it as that is the most efficient we found during our initial testing. Changing the default policy from TFO and adding LZ/DRE may cause the performance otherwise. So, in other words, yes you can do it and try but I will not suggest it.
In question #3, I don't want to modify the classify of applications. I just want to learn about the meaning of the charts and fields in the WAAS reports. Is there a site (another different from de Users Guide) where I can find information about this?
Ans: Well, you may find other sites if you "google" around on web but to get more precise meaning of terms and interpretation, you probably want to stick with Cisco Manuals.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: