Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Waas Setup Clarification

I am new to Waas and I would like some clarification on my setup

I have 3 * 574 devices and a CM (see diagram)

One device is remote and inline- Site 3

I have a Management device and an application accelerator at site 1

I have a an application accelerator at site 2

The devices at Site 1 and 2 are all on the same Mgmt LAN using their Gig 1/0 interfaces (10.10.10.1,2 and 3).

Sites 1 and 2 are separate sites but the core switches are linked over a wan

The two Cisco 3925 routers are conencted to two different  MPLS circuits

Site 1 & 2 Cisco 3925 routers are using a tertiary interface to connect to the 574 on a private LAN

I tried going live at the weekend with this set up using GRE tunnels and experienced loss of connectivity to devices behind the router

I shutdown the gig 0/1 interface and everything was restored to normal

The 3925 router configurations are as follows (same at both sites)

!

configure terminal

ip wccp 61

ip wccp 62

!

interface GigabitEthernet0/0

!   Updates the LAN interface

ip wccp 61 redirect in

!

interface GigabitEthernet0/2

!   Updates the WAN interface

ip wccp 62 redirect in

!

default interface gigabitEthernet 0/1

interface gig 0/1

ip address 172.30.10.1 255.255.255.252

description P2P WAAS

ip wccp redirect exclude in

no shut

exit

I have router lists configured to point at the 3925 for both WAAS devices.

When I look at the default gateway for the 172.30 interfaces it is pointing at the other LAN (the management) 10.10.10.x. Will this matter if I have a router list configured?

Should I be using WCCP Layer 2 as my router/WAE are directly connected. Can 3925 routers handle this?

Also I have just realized that the primary interface is set to gig 1/0, would it need to be set to gig 2/0 on the devcies connected to the routers

Any help much appreciated

Everyone's tags (2)
1 ACCEPTED SOLUTION

Accepted Solutions
Bronze

Re: Waas Setup Clarification

Hi,

primary interface is the interface which it uses to communicate to CM. i don't understand why there is break in communication between CM and WAE when you change the gateway on WAE, i saw you said their IP address are 10.10.10.0/24 segment, so they are L2 neighbor.

regarding your second option, that is good option of changing redircet method to L2 and default IP forwarding, with gateway directly to redirecting router. A simple and widely deployed WAAS setup.

6 REPLIES
Bronze

Waas Setup Clarification

can u share the config of your WAE site-1 also. From router config everything is good except "ip wccp redirect exclude in" on gi0/1. this command is not required in your setup.

Your setup is correct, but network outage is because of redirection loop, probably because of wrong route in wae or something. will discuss once get a config...

New Member

Re: Waas Setup Clarification

Thanks for responding to my questions.

I have edited out the domain name and NTP information. The configuration is the one from the weekend. I have not updated the primary interface or changed the method for redirection  i.e. to WCCP Layer 2

The 172.30.1.x subnet is not being routed

Thanks for your help in advance

Site1WAAS#show running-config

! waas-universal-k9 version 4.4.5a (build b3 Apr  4 2012)
!
device mode application-accelerator
!
!
hostname Site1WAAS
!

ip domain-name xxxx.com
!

primary-interface GigabitEthernet 1/0
!
bridge 1 protocol ieee
!
interface GigabitEthernet 1/0
ip address 10.10.10.1 255.255.255.0
exit
interface GigabitEthernet 2/0
ip address 172.30.10.2 255.255.255.252

exit
!
interface InlineGroup 1/1
inline vlan all
shutdown
exit
!
ip default-gateway 10.10.10.10
!
no auto-register enable
!
! ip path-mtu-discovery is disabled in WAAS by default
!
ip name-server x.x.x.x
!
!
ntp server x.x.x.x
!
!
!
wccp router-list 7 172.30.10.1
wccp tcp-promiscuous service-pair 61 62 failure-detection 30

wccp tcp-promiscuous service-pair 61 62 router-list-num 7
wccp version 2
!
!
username admin password 1 $1$uHY0pyao$y/RjK1O.Nv8QLX20omEQD.
username admin privilege 15
!
!
authentication login local enable primary
authentication configuration local enable primary
!
!
tfo tcp optimized-send-buffer 2048
tfo tcp optimized-receive-buffer 2048
!
!
virtual-blade enable
virtual-blade 1
description NAM Virtual Blade
device cpu qemu64

device nic e1000
device disk IDE
device keyboard en-us
memory 1024
disk 40
interface 1 bridge-group 1 mac-address 00:26:55:AE:95:64
cpu-list 1
boot cd-image disk /local1/vbs/appHelper.iso
boot from disk
no autostart
exit
!
policy-engine application
   set-dscp copy
   name Authentication
   name Backup
   name CAD
   name Call-Management
   name Conferencing
   name Console
   name Content-Management
   name Directory-Services

   name Email-and-Messaging
   name Enterprise-Applications
   name File-System
   name File-Transfer
   name Instant-Messaging
   name Name-Services
   name P2P
   name Printing
   name Remote-Desktop
   name Replication
   name SQL
   name SSH
   name SSL
   name Storage
   name Streaming
   name Systems-Management
   name VPN
   name Version-Management
   name WAFS
   name Web
   name Other
   classifier AOL

      match dst port range 5190 5193
   exit
   classifier Altiris-CarbonCopy
      match dst port eq 1680
   exit
   classifier Amanda
      match dst port eq 10080
   exit
   classifier Apple-iChat
      match dst port range 5297 5298
   exit
   classifier BFTP
      match dst port eq 152
   exit
   classifier BGP
      match dst port eq 179
   exit
   classifier BMC-Patrol
      match dst port range 6161 6162
      match dst port range 6767 6768
      match dst port range 8160 8161
      match dst port eq 10128

   exit
   classifier Basic-TCP-services
      match dst port range 1 19
   exit
   classifier BitTorrent
      match dst port range 6881 6889
      match dst port eq 6969
   exit
   classifier CIFS
      match dst port eq 139
      match dst port eq 445
   exit
   classifier Cisco-CallManager
      match dst port eq 2443
      match dst port eq 2748
   exit
   classifier Clearcase
      match dst port eq 371
   exit
   classifier CommVault
      match dst port range 8400 8403
   exit

   classifier ControlIT
      match dst port eq 799
   exit
   classifier DNS
      match dst port eq 53
   exit
   classifier Danware-NetOp
      match dst port eq 6502
   exit
   classifier Double-Take
      match dst port eq 1100
      match dst port eq 1105
   exit
   classifier EMC-Celerra-Replicator
      match dst port eq 8888
   exit
   classifier EMC-SRDFA-IP
      match dst port eq 1748
   exit
   classifier FCIP
      match dst port eq 3225
   exit

   classifier FTPS
      match src port eq 989
   exit
   classifier Filenet
      match dst port range 32768 32774
   exit
   classifier Gnutella
      match dst port range 6346 6349
      match dst port eq 5634
      match dst port eq 6355
   exit
   classifier Grouper
      match dst port eq 8038
   exit
   classifier HP-OpenView
      match dst port range 7426 7431
      match dst port eq 7501
      match dst port eq 7510
   exit
   classifier HTTP
      match dst port eq 80
      match dst port eq 3128

      match dst port eq 8000
      match dst port eq 8080
      match dst port eq 8088
   exit
   classifier HTTPS
      match dst port eq 443
   exit
   classifier HotLine
      match dst port range 5500 5503
   exit
   classifier IBM-DB2
      match dst port eq 523
   exit
   classifier IBM-TSM
      match dst port range 1500 1502
   exit
   classifier IPP
      match dst port eq 631
   exit
   classifier Kazaa
      match dst port eq 1214
   exit

   classifier Kerberos
      match dst port eq 88
      match dst port eq 888
      match dst port eq 2053
   exit
   classifier L2TP
      match dst port eq 1701
   exit
   classifier LANDesk
      match dst port range 9593 9595
      match dst port eq 9535
   exit
   classifier LDAP
      match dst port eq 389
      match dst port eq 8404
   exit
   classifier Laplink-ShareDirect
      match dst port eq 2705
   exit
   classifier Laplink-surfup-HTTPS
      match dst port eq 1184
   exit

   classifier Legato-NetWorker
      match dst port range 7937 7939
   exit
   classifier Legato-RepliStor
      match dst port range 7144 7145
   exit
   classifier Liquid-Audio
      match dst port eq 18888
   exit
   classifier MDaemon
      match dst port range 3000 3001
   exit
   classifier MS-GROOVE
      match dst port eq 2492
   exit
   classifier MS-NetMeeting
      match dst port eq 522
      match dst port eq 1503
      match dst port eq 1731
   exit
   classifier MySQL
      match dst port eq 3306

   exit
   classifier NFS
      match dst port eq 2049
   exit
   classifier NNTP
      match dst port eq 119
   exit
   classifier NTP
      match dst port eq 123
   exit
   classifier Napster
      match dst port eq 6666
      match dst port eq 6677
      match dst port eq 6688
      match dst port eq 6700
      match dst port eq 7777
      match dst port eq 8875
   exit
   classifier NetIQ
      match dst port range 10113 10116
      match dst port eq 2220
      match dst port eq 2735

   exit
   classifier Netopia-netOctopus
      match dst port eq 1917
      match dst port eq 1921
   exit
   classifier OpenVPN
      match dst port eq 1194
   exit
   classifier Oracle
      match dst port eq 66
   exit
   classifier Other-Secure
      match dst port eq 261
      match dst port eq 448
      match dst port eq 695
      match dst port eq 2252
      match dst port range 2478 2479
      match dst port eq 2482
      match dst port eq 2484
      match dst port eq 2679
      match dst port eq 2762
      match dst port eq 2998

      match dst port range 3077 3078
      match dst port eq 3183
      match dst port eq 3191
      match dst port eq 3220
      match dst port eq 3410
      match dst port eq 3424
      match dst port eq 3471
      match dst port eq 3496
      match dst port eq 3509
      match dst port eq 3529
      match dst port eq 3539
      match dst port range 3660 3661
      match dst port eq 3747
      match dst port eq 3864
      match dst port eq 3885
      match dst port range 3896 3897
      match dst port eq 3995
      match dst port eq 4031
      match dst port eq 5007
      match dst port eq 7674
      match dst port eq 9802
      match dst port eq 12109

   exit
   classifier PDMWorks
      match dst port eq 30000
      match dst port eq 40000
   exit
   classifier PPTP
      match dst port eq 1723
   exit
   classifier PSOM-MTLS
      match dst port eq 8057
   exit
   classifier Pervasive-SQL
      match dst port eq 1583
   exit
   classifier PostgreSQL
      match dst port eq 5432
   exit
   classifier QMTP
      match dst port eq 209
   exit
   classifier Qnext
      match dst port eq 44

      match dst port eq 5555
   exit
   classifier RTSP
      match dst port eq 554
      match dst port eq 8554
   exit
   classifier Remote-Anything
      match dst port range 3999 4000
   exit
   classifier Rsync
      match dst port eq 873
   exit
   classifier SAP
      match dst port range 3200 3204
      match dst port range 3206 3219
      match dst port range 3221 3224
      match dst port range 3226 3259
      match dst port range 3261 3263
      match dst port range 3265 3267
      match dst port range 3270 3282
      match dst port range 3284 3305
      match dst port range 3307 3351

      match dst port range 3353 3388
      match dst port range 3390 3399
      match dst port range 3600 3658
      match dst port range 3662 3699
   exit
   classifier SSH
      match dst port eq 22
   exit
   classifier Siebel
      match dst port range 2320 2321
      match dst port eq 8448
   exit
   classifier SoulSeek
      match dst port eq 2234
      match dst port eq 5534
   exit
   classifier TACACS
      match dst port eq 49
   exit
   classifier TFTP
      match dst port eq 69
   exit

   classifier TFTPS
      match dst port eq 3713
   exit
   classifier Telnet
      match dst port eq 23
      match dst port eq 107
   exit
   classifier Telnets
      match dst port eq 992
   exit
   classifier UniSQL
      match dst port range 1978 1979
   exit
   classifier VNC
      match dst port range 5800 5809
      match dst port range 5900 5909
   exit
   classifier Veritas-BackupExec
      match dst port eq 1125
      match dst port eq 3527
      match dst port range 6101 6102
      match dst port eq 6106

   exit
   classifier Veritas-NetBackup
      match dst port range 13720 13721
      match dst port eq 13782
      match dst port eq 13785
   exit
   classifier Vmware-VMConsole
      match dst port eq 902
   exit
   classifier VoIP-Control
      match dst port range 1718 1719
      match dst port range 11000 11999
   exit
   classifier VocalTec
      match dst port eq 1490
      match dst port eq 6670
      match dst port eq 22555
      match dst port eq 25793
   exit
   classifier WASTE
      match dst port eq 1337
   exit

   classifier WBEM
      match dst port range 5987 5990
   exit
   classifier WINS
      match dst port eq 1512
   exit
   classifier WinMX
      match dst port eq 6699
   exit
   classifier Yahoo-Messenger
      match dst port range 5000 5001
      match dst port eq 5050
      match dst port eq 5100
   exit
   classifier afpovertcp
      match dst port eq 548
   exit
   classifier afs3
      match dst port range 7000 7009
   exit
   classifier apple-sasl
      match dst port eq 3659

   exit
   classifier auth
      match dst port eq 113
   exit
   classifier backup-express
      match dst port eq 6123
   exit
   classifier ccmail
      match dst port eq 3264
   exit
   classifier cisco-q931-backhaul
      match dst port eq 2428
   exit
   classifier cisco-sccp
      match dst port range 2000 2002
   exit
   classifier citrixadmin
      match dst port eq 2513
   exit
   classifier citrixima
      match dst port eq 2512
   exit

   classifier citriximaclient
      match dst port eq 2598
   exit
   classifier cmd
      match dst port eq 514
   exit
   classifier connected
      match dst port eq 16384
   exit
   classifier corba-iiop-ssl
      match dst port eq 684
   exit
   classifier cuseeme
      match dst port eq 7640
      match dst port eq 7642
      match dst port range 7648 7649
   exit
   classifier cvspserver
      match dst port eq 2401
   exit
   classifier dmdocbroker
      match dst port eq 1489

   exit
   classifier eDonkey
      match dst port range 4661 4662
   exit
   classifier eTrust-policy-Compliance
      match dst port eq 1267
   exit
   classifier epmap
      match dst port eq 135
   exit
   classifier exec
      match dst port eq 512
   exit
   classifier ezMeeting
      match dst port range 10101 10103
      match dst port range 26260 26261
   exit
   classifier flowmonitor
      match dst port eq 7878
   exit
   classifier ftp
      match dst port eq 21

   exit
   classifier ftps
      match dst port eq 990
   exit
   classifier ftps-data
      match src port eq 20
   exit
   classifier gds_db
      match dst port eq 3050
   exit
   classifier groupwise
      match dst port eq 1677
      match dst port eq 2800
      match dst port eq 3800
      match dst port range 7100 7101
      match dst port range 7180 7181
      match dst port eq 7205
      match dst port eq 9850
   exit
   classifier h323hostcall
      match dst port eq 1720
   exit

   classifier h323hostcallsc
      match dst port eq 1300
   exit
   classifier hp-pdl-datastr
      match dst port eq 9100
   exit
   classifier iFCP
      match dst port eq 3420
   exit
   classifier ica
      match dst port eq 1494
   exit
   classifier imap
      match dst port eq 143
   exit
   classifier imap3
      match dst port eq 220
   exit
   classifier imaps
      match dst port eq 993
   exit
   classifier intersys-cache

      match dst port eq 1972
   exit
   classifier ircs
      match dst port eq 994
   exit
   classifier ircu
      match dst port range 6660 6665
      match dst port range 6667 6669
      match dst port eq 531
   exit
   classifier iscsi
      match dst port eq 3260
   exit
   classifier isns
      match dst port eq 3205
   exit
   classifier iso-tsap
      match dst port eq 102
   exit
   classifier kerberos-adm
      match dst port eq 749
   exit

   classifier klogin
      match dst port eq 543
   exit
   classifier kpasswd
      match dst port eq 464
   exit
   classifier kshell
      match dst port eq 544
   exit
   classifier laplink
      match dst port eq 1547
   exit
   classifier ldaps
      match dst port eq 636
   exit
   classifier login
      match dst port eq 513
   exit
   classifier lotusnote
      match dst port eq 1352
   exit
   classifier mgcp-callagent

      match dst port eq 2727
   exit
   classifier mgcp-gateway
      match dst port eq 2427
   exit
   classifier ms-content-repl-srv
      match dst port eq 507
      match dst port eq 560
   exit
   classifier ms-olap4
      match dst port eq 2383
   exit
   classifier ms-sql-m
      match dst port eq 1434
   exit
   classifier ms-sql-s
      match dst port eq 1433
   exit
   classifier ms-streaming
      match dst port eq 1755
   exit
   classifier ms-wbt-server

      match dst port eq 3389
   exit
   classifier msft-gc
      match dst port eq 3268
   exit
   classifier msft-gc-ssl
      match dst port eq 3269
   exit
   classifier msmq
      match dst port eq 1801
      match dst port eq 2101
      match dst port eq 2103
      match dst port eq 2105
   exit
   classifier msnp
      match dst port range 6891 6900
      match dst port eq 1863
   exit
   classifier nameserver
      match dst port eq 42
   exit
   classifier ncp

      match dst port eq 524
   exit
   classifier net-assistant
      match dst port eq 3283
   exit
   classifier netapp-snapmirror
      match dst port range 10565 10569
   exit
   classifier netbios
      match dst port eq 137
   exit
   classifier netrjs-3
      match dst port eq 73
   exit
   classifier netviewdm
      match dst port range 729 731
   exit
   classifier nntps
      match dst port eq 563
   exit
   classifier novadigm
      match dst port range 3460 3461

      match dst port eq 3464
   exit
   classifier novell-zen
      match dst port range 1761 1763
      match dst port eq 2037
      match dst port eq 2544
      match dst port eq 8039
   exit
   classifier objcall
      match dst port eq 94
      match dst port eq 627
      match dst port range 1580 1581
      match dst port eq 1965
   exit
   classifier openmail
      match dst port eq 5729
      match dst port eq 5755
      match dst port eq 5757
      match dst port range 5766 5768
   exit
   classifier orasrv
      match dst port eq 1521

      match dst port eq 1525
   exit
   classifier pcanywheredata
      match dst port range 5631 5632
      match dst port eq 65301
   exit
   classifier pcmail-srv
      match dst port eq 158
   exit
   classifier pcsync-http
      match dst port eq 8444
   exit
   classifier pcsync-https
      match dst port eq 8443
   exit
   classifier pop3
      match dst port eq 110
   exit
   classifier pop3s
      match dst port eq 995
   exit
   classifier print-srv

      match dst port eq 170
   exit
   classifier printer
      match dst port eq 515
   exit
   classifier proshare
      match dst port range 5713 5717
   exit
   classifier radmin-port
      match dst port eq 4899
   exit
   classifier rrac
      match dst port eq 5678
   exit
   classifier sametime
      match dst port eq 1533
   exit
   classifier sftp
      match dst port eq 115
   exit
   classifier sip
      match dst port eq 5060

   exit
   classifier sip-tls
      match dst port eq 5061
   exit
   classifier smtp
      match dst port eq 25
   exit
   classifier smtps
      match dst port eq 465
   exit
   classifier soap-http
      match dst port eq 7627
   exit
   classifier sql-net
      match dst port eq 150
   exit
   classifier sqlexec
      match dst port range 9088 9089
   exit
   classifier sqlserv
      match dst port eq 118
   exit

   classifier sqlsrv
      match dst port eq 156
   exit
   classifier ssc-agent
      match dst port range 2847 2848
      match dst port range 2967 2968
      match dst port eq 38037
      match dst port eq 38292
   exit
   classifier sshell
      match dst port eq 614
   exit
   classifier ssql
      match dst port eq 3352
   exit
   classifier sunrpc
      match dst port eq 111
   exit
   classifier svrloc
      match dst port eq 427
   exit
   classifier sybase-sqlany

      match dst port eq 1498
      match dst port eq 2439
      match dst port eq 2638
      match dst port eq 3968
   exit
   classifier talk
      match dst port eq 517
   exit
   classifier tell
      match dst port eq 754
   exit
   classifier timbuktu
      match dst port eq 407
   exit
   classifier timbuktu-srv
      match dst port range 1417 1420
   exit
   classifier x11
      match dst port range 6000 6063
   exit
   classifier xmpp-client
      match dst port eq 5222

   exit
   classifier xmpp-server
      match dst port eq 5269
   exit
   classifier xprint-server
      match dst port eq 8100
   exit
   map basic
      name Instant-Messaging classifier AOL action pass-through
      name Remote-Desktop classifier Altiris-CarbonCopy action pass-through
      name Backup classifier Amanda action optimize DRE no compression none
      name Instant-Messaging classifier Apple-iChat action pass-through
      name File-Transfer classifier BFTP action optimize full
      name Other classifier BGP action pass-through
      name Systems-Management classifier BMC-Patrol action pass-through
      name Other classifier Basic-TCP-services action pass-through
      name P2P classifier BitTorrent action pass-through
      name WAFS classifier CIFS action optimize full accelerate cifs
      name Call-Management classifier Cisco-CallManager action pass-through
      name Version-Management classifier Clearcase action optimize full
      name Backup classifier CommVault action optimize DRE no compression none
      name Remote-Desktop classifier ControlIT action optimize DRE no compressio

n none
      name Name-Services classifier DNS action pass-through
      name Remote-Desktop classifier Danware-NetOp action optimize DRE no compre
ssion none
      name Replication classifier Double-Take action optimize full
      name Replication classifier EMC-Celerra-Replicator action optimize full
      name Storage classifier EMC-SRDFA-IP action optimize full
      name Storage classifier FCIP action optimize DRE no compression LZ
      name File-Transfer classifier FTPS action pass-through
      name Content-Management classifier Filenet action optimize full
      name P2P classifier Gnutella action pass-through
      name P2P classifier Grouper action pass-through
      name Systems-Management classifier HP-OpenView action pass-through
      name Web classifier HTTP action optimize full accelerate http
      name SSL classifier HTTPS action optimize DRE no compression none
      name P2P classifier HotLine action pass-through
      name SQL classifier IBM-DB2 action optimize full
      name Backup classifier IBM-TSM action optimize full
      name Printing classifier IPP action optimize full
      name P2P classifier Kazaa action pass-through
      name Authentication classifier Kerberos action pass-through
      name VPN classifier L2TP action optimize DRE no compression none

      name Systems-Management classifier LANDesk action optimize full
      name Directory-Services classifier LDAP action optimize full
      name P2P classifier Laplink-ShareDirect action pass-through
      name Remote-Desktop classifier Laplink-surfup-HTTPS action optimize DRE no
compression none
      name Backup classifier Legato-NetWorker action optimize DRE no compression
none
      name Backup classifier Legato-RepliStor action optimize DRE no compression
none
      name Streaming classifier Liquid-Audio action optimize full
      name Email-and-Messaging classifier MDaemon action optimize full
      name Enterprise-Applications classifier MS-GROOVE action optimize DRE no c
ompression none
      name Conferencing classifier MS-NetMeeting action pass-through
      name SQL classifier MySQL action optimize full
      name File-System classifier NFS action optimize full accelerate nfs
      name Email-and-Messaging classifier NNTP action optimize full
      name Other classifier NTP action pass-through
      name P2P classifier Napster action pass-through
      name Systems-Management classifier NetIQ action pass-through
      name Systems-Management classifier Netopia-netOctopus action pass-through
      name VPN classifier OpenVPN action optimize DRE no compression none

      name SQL classifier Oracle action optimize full
      name Other classifier Other-Secure action pass-through
      name CAD classifier PDMWorks action optimize full
      name VPN classifier PPTP action optimize DRE no compression none
      name Conferencing classifier PSOM-MTLS action pass-through
      name SQL classifier Pervasive-SQL action optimize full
      name SQL classifier PostgreSQL action optimize full
      name Email-and-Messaging classifier QMTP action optimize full
      name P2P classifier Qnext action pass-through
      name Streaming classifier RTSP action optimize full accelerate video
      name Remote-Desktop classifier Remote-Anything action optimize DRE no comp
ression none
      name Replication classifier Rsync action optimize full
      name Enterprise-Applications classifier SAP action optimize full
      name SSH classifier SSH action optimize DRE no compression none
      name Enterprise-Applications classifier Siebel action optimize full
      name P2P classifier SoulSeek action pass-through
      name Authentication classifier TACACS action pass-through
      name File-Transfer classifier TFTP action optimize full
      name File-Transfer classifier TFTPS action optimize DRE no compression non
e
      name Console classifier Telnet action pass-through

      name Console classifier Telnets action pass-through
      name SQL classifier UniSQL action optimize full
      name Remote-Desktop classifier VNC action optimize DRE no compression none
      name Backup classifier Veritas-BackupExec action optimize DRE no compressi
on none
      name Backup classifier Veritas-NetBackup action optimize DRE no compressio
n none
      name Remote-Desktop classifier Vmware-VMConsole action optimize DRE no com
pression none
      name Call-Management classifier VoIP-Control action pass-through
      name Conferencing classifier VocalTec action pass-through
      name P2P classifier WASTE action pass-through
      name Systems-Management classifier WBEM action pass-through
      name Name-Services classifier WINS action pass-through
      name P2P classifier WinMX action pass-through
      name Instant-Messaging classifier Yahoo-Messenger action pass-through
      name File-System classifier afpovertcp action optimize full
      name File-System classifier afs3 action optimize full
      name Authentication classifier apple-sasl action pass-through
      name Authentication classifier auth action pass-through
      name Backup classifier backup-express action optimize DRE no compression n
one

      name Email-and-Messaging classifier ccmail action optimize full
      name Call-Management classifier cisco-q931-backhaul action pass-through
      name Call-Management classifier cisco-sccp action pass-through
      name Remote-Desktop classifier citrixadmin action optimize full
      name Remote-Desktop classifier citrixima action optimize full
      name Remote-Desktop classifier citriximaclient action optimize full
      name Console classifier cmd action pass-through
      name Backup classifier connected action optimize DRE no compression none
      name Other classifier corba-iiop-ssl action pass-through
      name Conferencing classifier cuseeme action pass-through
      name Version-Management classifier cvspserver action optimize full
      name Content-Management classifier dmdocbroker action optimize full
      name P2P classifier eDonkey action pass-through
      name Systems-Management classifier eTrust-policy-Compliance action optimiz
e DRE no compression none
      name Other classifier epmap action optimize DRE no compression none accele
rate MS-port-mapper
      name Console classifier exec action pass-through
      name Conferencing classifier ezMeeting action pass-through
      name Systems-Management classifier flowmonitor action optimize DRE no comp
ression LZ
      name File-Transfer classifier ftp action pass-through

      name File-Transfer classifier ftps action optimize DRE no compression none
      name File-Transfer classifier ftps-data action optimize full
      name SQL classifier gds_db action optimize full
      name Email-and-Messaging classifier groupwise action optimize full
      name Call-Management classifier h323hostcall action pass-through
      name Call-Management classifier h323hostcallsc action pass-through
      name Printing classifier hp-pdl-datastr action optimize full
      name Storage classifier iFCP action optimize full
      name Remote-Desktop classifier ica action optimize full
      name Email-and-Messaging classifier imap action optimize full
      name Email-and-Messaging classifier imap3 action optimize full
      name Email-and-Messaging classifier imaps action optimize DRE no compressi
on none
      name SQL classifier intersys-cache action optimize full
      name Instant-Messaging classifier ircs action pass-through
      name Storage classifier iscsi action optimize full
      name Name-Services classifier isns action pass-through
      name Email-and-Messaging classifier iso-tsap action optimize full
      name Authentication classifier kerberos-adm action pass-through
      name Authentication classifier klogin action pass-through
      name Authentication classifier kpasswd action pass-through
      name Authentication classifier kshell action pass-through

      name Remote-Desktop classifier laplink action optimize full
      name Directory-Services classifier ldaps action pass-through
      name Console classifier login action pass-through
      name Email-and-Messaging classifier lotusnote action optimize full
      name Call-Management classifier mgcp-callagent action pass-through
      name Call-Management classifier mgcp-gateway action pass-through
      name Replication classifier ms-content-repl-srv action optimize DRE no com
pression none
      name SQL classifier ms-olap4 action optimize DRE no compression none
      name SQL classifier ms-sql-m action optimize full
      name SQL classifier ms-sql-s action optimize full
      name Streaming classifier ms-streaming action optimize full
      name Remote-Desktop classifier ms-wbt-server action optimize DRE no compre
ssion none
      name Directory-Services classifier msft-gc action optimize full
      name Directory-Services classifier msft-gc-ssl action pass-through
      name Other classifier msmq action optimize full
      name Instant-Messaging classifier msnp action pass-through
      name Name-Services classifier nameserver action pass-through
      name File-System classifier ncp action optimize full
      name Remote-Desktop classifier net-assistant action pass-through
      name Replication classifier netapp-snapmirror action optimize full

      name Name-Services classifier netbios action pass-through
      name Remote-Desktop classifier netrjs-3 action optimize DRE no compression
none
      name Systems-Management classifier netviewdm action pass-through
      name Email-and-Messaging classifier nntps action optimize DRE no compressi
on none
      name Systems-Management classifier novadigm action optimize full
      name Systems-Management classifier novell-zen action optimize full
      name Systems-Management classifier objcall action optimize full
      name Email-and-Messaging classifier openmail action optimize full
      name SQL classifier orasrv action optimize full
      name Remote-Desktop classifier pcanywheredata action optimize DRE no compr
ession none
      name Email-and-Messaging classifier pcmail-srv action optimize full
      name Replication classifier pcsync-http action optimize full
      name Replication classifier pcsync-https action optimize DRE no compressio
n none
      name Email-and-Messaging classifier pop3 action optimize full
      name Email-and-Messaging classifier pop3s action optimize DRE no compressi
on none
      name Printing classifier print-srv action optimize full
      name Printing classifier printer action optimize full

      name Conferencing classifier proshare action pass-through
      name Remote-Desktop classifier radmin-port action optimize DRE no compress
ion none
      name Replication classifier rrac action optimize DRE no compression none
      name Instant-Messaging classifier sametime action pass-through
      name File-Transfer classifier sftp action optimize full
      name Call-Management classifier sip action pass-through
      name Call-Management classifier sip-tls action pass-through
      name Email-and-Messaging classifier smtp action optimize full
      name Email-and-Messaging classifier smtps action optimize DRE no compressi
on none
      name Web classifier soap-http action optimize full
      name SQL classifier sql-net action optimize full
      name SQL classifier sqlexec action optimize full
      name SQL classifier sqlserv action optimize full
      name SQL classifier sqlsrv action optimize full
      name Other classifier ssc-agent action optimize full
      name Console classifier sshell action pass-through
      name SQL classifier ssql action optimize full
      name File-System classifier sunrpc action pass-through
      name Name-Services classifier svrloc action pass-through
      name SQL classifier sybase-sqlany action optimize full

      name Authentication classifier tell action pass-through
      name Remote-Desktop classifier timbuktu action optimize DRE no compression
none
      name Remote-Desktop classifier timbuktu-srv action optimize DRE no compres
sion none
      name Remote-Desktop classifier x11 action optimize DRE no compression none
      name Instant-Messaging classifier xmpp-client action pass-through
      name Instant-Messaging classifier xmpp-server action pass-through
      name Printing classifier xprint-server action optimize full
      name Instant-Messaging classifier ircu action pass-through
      name Instant-Messaging classifier talk action pass-through
   exit
   map adaptor EPM 1544f5e0-613c-11d1-93df-00c04fd7bd09
      name Email-and-Messaging All action pass-through
   exit
   map adaptor EPM ms-sql-rpc
      name SQL All action optimize full
   exit
   map adaptor EPM mapi
      name Email-and-Messaging All action optimize full accelerate mapi
   exit
   map adaptor EPM ms-ad-replication

      name Replication All action optimize full
   exit
   map adaptor EPM ms-frs
      name Replication All action optimize full
   exit
   map adaptor EPM f5cc5a18-4264-101a-8c59-08002b2f8426
      name Email-and-Messaging All action pass-through
   exit
   map other optimize full
exit
!
central-manager address 10.10.10.28
cms enable
!

!
! End of WAAS configuration

Site1WAAS#                       

Bronze

Re: Waas Setup Clarification

see as per my understanding of the issue i will try to explain what might actually happened during outage.

See there are tow possibility of how WAE return the traffic (optimized or non optimized) back to network, its called egress method. first one which is default is IP forwarding where in WAE forward the traffic to its default gateway. Which in our case is 10.10.10.10. Now you have not mentioned what is this device but i beleive its some SVI on switch. So all the redirected traffic from router gig0/1 interface, reach WAE. But wae when transmit back to network it transmit it to 10.10.10.10. Now WAAS do not modify the packet headers (IP addresses). So 10.10.10.10 will treat this as normal IP packet with original clinet source and original server destination and will transmit the packet back to WAN router. Wan router seeing this packet coming back from LAN interface will redirect back to WAE. This caused a loop.

the second forwarding method is GRE (egress-method negotiated-return intercept-metod wccp), where WAE will encapsulate the return packet in GRE tunnel and send to WCCP redirecting router. So with this there will be no loop and router will get this packet via tunnel interface rather LAN interface.

Hope u got my point above and possible reason what went wrong that day.

This all happen because of a switch configured as default gateway in WAE. so either you change the forwarding method or chaging the default gateway in WAE will resolve the same.

New Member

Re: Waas Setup Clarification

Yes, I understand your description, its alot clearer than some of the documentation I have been reading.

Just to clarify, I do have a SVI on a switch. That is the gateway for the vlan where all of my WAAS management interfaces are connected to (gig 0/1).

I noticed the default gateway issue. I did change this, so that the gateway was 172.30.10.1. The problem is that this will then stop my access to the management IP address via Telnet. So the Gig 1/0 interface 10.10.10.1 uses the gateway of 172.30.10.1? I can still make changes from the CM to this end device, so I am assuming that they are still talking to each other. So I guess it doesn't matter???

So my options are either - change the gateway

Or I should use these settings under wccp

Should I also

set my primary interface to gig 2/0

As another option

Could I set the Redirect/Return method to WCCP L2 with Egress of IP forwarding and the 172.30.10.1 gateway? As my devices are directly connected. To avoid the extra lookups of GRE?

Bronze

Re: Waas Setup Clarification

Hi,

primary interface is the interface which it uses to communicate to CM. i don't understand why there is break in communication between CM and WAE when you change the gateway on WAE, i saw you said their IP address are 10.10.10.0/24 segment, so they are L2 neighbor.

regarding your second option, that is good option of changing redircet method to L2 and default IP forwarding, with gateway directly to redirecting router. A simple and widely deployed WAAS setup.

New Member

Waas Setup Clarification

Thanks for your assistance with this, it is very much appreciated.

Your description of the fault as correct - I used find match “Routing Loop” syslog.txt. I could see routing loop errors for the entire time period where I had the intterface up

I will be using option two

Finally, I lost connectivity to the devices from a remote location (I didn't mention this). This was obviously due to the routing loop.

969
Views
0
Helpful
6
Replies
CreatePlease to create content