Tuesday, August 5, 2008

WCCP - Web Cache Communication Protocol

Continuing with the notes/reviews from the IPExpert CCIE R&S Blended Learning Solutions Video-on-Demand, today we're presented with WCCP! :)

WCCP is used between routers, Layer 3 switches and Web-Caches. It's used to optimize resource utilization and lower response times. When a user makes a web request, for example, that's the kind of traffic you want to redirect to the Web-Cache; hopefully you (or better, your Web-Cache) have some information cached locally, and that will decrease the response time.

As far as the exam is concerned, there's no real Web-Cache in the lab. Well... at least for now there isn't! The "goal" would be to set up the routers to talk with it, and that's pretty much what we can be asked to do!

We'll have no other way to test it than just a few show commands.

To enable your router (or layer 3 device) to talk to the Web-Cache, you need to enable WCCP with the global configuration command:

  • ip wccp web-cache

After that, we need to choose the traffic to send to the Web-Cache. It can be selected either on the outside interface, where requests go out:

  • ip wccp web-cache redirect out

OR on the incoming interface, where requests come in:

  • ip wccp web-cache redirect in

Choose the one (not both) that best fits what was requested in your lab!

Just a few commands to do that, right?! Not too bad! But... which interface is supposed to be configured as "redirect in" and which interface is "redirect out" ?!

It'll be easier to understand by checking the diagram below:

[Diagram: Web Cache]

If you want to send the traffic coming from users connected in SW1 to the Web-Cache, you need to configure the interface F0/0 as ip wccp web-cache redirect in.

Now, if you want to send the traffic going out S0/0 to the internet, you need to configure S0/0 with ip wccp web-cache redirect out. Don't use both (redirect in and redirect out); choose the one that best fits the task requirements.

Remember, the redirect perspective is "router centric": traffic coming in from your network is IN and traffic going out to the internet from your network is OUT. Keep this in mind and you'll never have problems figuring out which type of redirect to use when configuring WCCP.

Now if, for example, both the user traffic to be sent to the Web-Cache and the Web-Cache itself are connected to the same router interface (for example F0/0), we need to use the command ip route-cache same-interface. This will "hairpin" the traffic coming from users on this interface to the Web-Cache. Of course, this solution is not the most efficient and it consumes the most resources (CPU, interface bandwidth, etc.), but keep in mind that the CCIE Lab is not graded on performance; it's graded on achieving the results that the task is asking for!

Again, checking our diagram, if you want to send traffic from users on both F0/0 and F0/1 to the Web-Cache, we can configure ip wccp web-cache redirect in on F0/0 and F0/1 OR we can configure ip wccp web-cache redirect out on S0/0. Both will satisfy the request! Select the best option, and use it!

You can also apply a "Redirect Filter" (an access-list) to select just the traffic you want. That is done with some optional parameters in the global configuration command ip wccp web-cache:

  • ip wccp web-cache redirect-list <ACL#> --> used to select which user traffic to send / not to send to the Web-Cache;
  • ip wccp web-cache group-list <ACL#> --> used to select which Web-Cache to use;
  • ip wccp web-cache password <password> --> used to configure a password to authenticate with the Web-Cache.

UDP port 2048 is the port used between the router and the Web-Cache to communicate, and GRE is the tunnel method used. There's nothing more to do on the routers than to say YES, I want to talk with the Web-Cache, and HOW to do the redirections; all other configuration goes in the Web-Cache itself.

Since the CCIE Lab Exam will not include any real Web-Cache, we can only use the command show ip wccp web-cache detail to check some generic information, whether WCCP is enabled, and which interfaces are participating in the WCCP process!

Some examples:

access-list 10 permit host 10.1.1.1
access-list 10 permit host 10.1.1.2
ip wccp web-cache group-list 10

This will "notify" the router that only IP Addresses 10.1.1.1 and 10.1.1.2 are valid Web-Caches to register with!

Another one:

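! Do not redirect traffic destined to 200.207.108.2; redirect everything else
access-list 110 deny ip any host 200.207.108.2
access-list 110 permit ip any any
!
! The redirect-list must reference the ACL defined above (110)
ip wccp web-cache redirect-list 110
!
interface FastEthernet 0/0
ip wccp web-cache redirect in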

This example will configure the router to redirect web-related packets received via interface fastethernet 0/0, destined to any host except 200.207.108.2 to the Web-Cache.
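An added example, not part of the original post: a small Python audit of the WCCP statements covered above, run against a constructed running-config. The function name audit_wccp and the sample config are assumptions made for illustration; it flags a redirect-list or group-list that points at an undefined ACL, a missing group-list or password, and redirect in combined with redirect out.

```python
import re

# Constructed sample running-config (not from the original post).
SAMPLE_CONFIG = """\
access-list 10 permit host 10.1.1.1
access-list 110 deny ip any host 200.207.108.2
access-list 110 permit ip any any
!
ip wccp web-cache redirect-list 100 group-list 10
!
interface FastEthernet0/0
 ip wccp web-cache redirect in
!
interface Serial0/0
 ip wccp web-cache redirect out
"""

def audit_wccp(config):
    """Return findings for the WCCP web-cache statements in an IOS config."""
    findings = []
    acls = set(re.findall(r"^access-list (\d+) ", config, re.M))
    acls |= set(re.findall(r"^ip access-list \w+ (\S+)", config, re.M))
    # Global statements only; interface-level "redirect in|out" is excluded.
    globals_ = re.findall(
        r"^ip wccp web-cache(?! redirect (?:in|out)\b)(.*)$", config, re.M)
    if not globals_:
        return ["WCCP web-cache service is not enabled globally"]
    opts = " ".join(globals_)
    for kind in ("redirect-list", "group-list"):
        m = re.search(kind + r" (\S+)", opts)
        if m and m.group(1) not in acls:
            findings.append(f"{kind} {m.group(1)} references an undefined ACL")
    if "group-list" not in opts:
        findings.append("no group-list: any device may register as a Web-Cache")
    if "password" not in opts:
        findings.append("no password: router/Web-Cache messages are unauthenticated")
    directions, iface = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            iface = line.split(None, 1)[1]
        m = re.match(r"\s*ip wccp web-cache redirect (in|out)\b", line)
        if m and iface:
            directions.setdefault(m.group(1), []).append(iface)
    if not directions:
        findings.append("no interface has 'ip wccp web-cache redirect in|out'")
    if "in" in directions and "out" in directions:
        findings.append("both redirect in and redirect out are configured; choose one")
    return findings
```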

And many others are included in the IPExpert Video-on-Demand! You can also check Cisco's DocCD to find some useful information and examples.

WCCP is covered in the Cisco IOS IP Application Services Configuration Guide, Release 12.4.

4 comments:

Anonymous said...

Great post Caue... we have not found stuff talking about WCCP. It is a kind of proxy server that we can activate on layer 3 switches, isn't it? switches...

Cheers,
Fernando Y

Caue said...

Hey buddy!

Hmmm... not exactly like that, WCCP is just the protocol used to redirect the interesting traffic (no better example than Web Traffic) in one interface to the Web-Cache.

You can check those two links at Cisco's website that will give you a better idea of what WCCP and Web-Cache are:

http://www.cisco.com/en/US/products/sw/conntsw/ps547/products_user_guide_chapter09186a0080080ecc.html

http://www.cisco.com/en/US/products/sw/conntsw/ps547/products_configuration_guide_chapter09186a008007f7eb.html

Hope that helps!

Cheers buddy!

Anonymous said...

Nice! Question regarding the cache engine in the same interface as the clients. Once web traffic is redirected to the cache engine, what stops the traffic from the cache engine going out to origin content servers from being redirected back to the cache?

Anonymous said...

What if you've configured wccp redirection on a vlan at the centre of the network (core) and you want your layer 2 access network (sw1 and sw2) to be directed to the wccp enabled proxy on the uplinked vlan. Is that possible?