Submit Search
Upload
Wccp introduction final2
•
Download as PPTX, PDF
•
2 likes
•
1,570 views
bui thequan
Follow
Wccp introduction final2
Read less
Read more
Technology
Report
Share
Report
Share
1 of 48
Download now
Recommended
01- intro to firewall concepts
01- intro to firewall concepts
Mostafa El Lathy
Virtual LAN
Virtual LAN
Darshan Dalwadi
VPLS Fundamental
VPLS Fundamental
Reza Farahani
Vxlan deep dive session rev0.5 final
Vxlan deep dive session rev0.5 final
KwonSun Bae
CCNA 200-301 Chapter 3-Fundamentals of WANs and IP Routing.pptx
CCNA 200-301 Chapter 3-Fundamentals of WANs and IP Routing.pptx
BabarYunus1
OpenNebulaConf2018 - Scalable L2 overlay networks with routed VXLAN / BGP EVP...
OpenNebulaConf2018 - Scalable L2 overlay networks with routed VXLAN / BGP EVP...
OpenNebula Project
MP BGP-EVPN 실전기술-1편(개념잡기)
MP BGP-EVPN 실전기술-1편(개념잡기)
JuHwan Lee
BRKSEC-3771 - WSA with wccp.pdf
BRKSEC-3771 - WSA with wccp.pdf
MenakaDevi14
Recommended
01- intro to firewall concepts
01- intro to firewall concepts
Mostafa El Lathy
Virtual LAN
Virtual LAN
Darshan Dalwadi
VPLS Fundamental
VPLS Fundamental
Reza Farahani
Vxlan deep dive session rev0.5 final
Vxlan deep dive session rev0.5 final
KwonSun Bae
CCNA 200-301 Chapter 3-Fundamentals of WANs and IP Routing.pptx
CCNA 200-301 Chapter 3-Fundamentals of WANs and IP Routing.pptx
BabarYunus1
OpenNebulaConf2018 - Scalable L2 overlay networks with routed VXLAN / BGP EVP...
OpenNebulaConf2018 - Scalable L2 overlay networks with routed VXLAN / BGP EVP...
OpenNebula Project
MP BGP-EVPN 실전기술-1편(개념잡기)
MP BGP-EVPN 실전기술-1편(개념잡기)
JuHwan Lee
BRKSEC-3771 - WSA with wccp.pdf
BRKSEC-3771 - WSA with wccp.pdf
MenakaDevi14
VTP
VTP
Haidar-Mohammed
HSRP (hot standby router protocol)
HSRP (hot standby router protocol)
Netwax Lab
VXLAN Practice Guide
VXLAN Practice Guide
Prasenjit Sarkar
Virtual Local Area Network (VLAN)
Virtual Local Area Network (VLAN)
Mohammad Javad Abdolmaleki
CCNAv5 - S2: Chapter3 Vlans
CCNAv5 - S2: Chapter3 Vlans
Vuz Dở Hơi
Large scale, distributed access management deployment with aruba clear pass
Large scale, distributed access management deployment with aruba clear pass
Aruba, a Hewlett Packard Enterprise company
MikroTik & RouterOS
MikroTik & RouterOS
Faelix Ltd
20 palo alto site to site
20 palo alto site to site
Mostafa El Lathy
SwOS (MikroTik Switch OS) Administration Guide
SwOS (MikroTik Switch OS) Administration Guide
Tũi Wichets
PIW ISE best practices
PIW ISE best practices
Sergey Kucherenko
Access Network Evolution
Access Network Evolution
Cisco Canada
Introduction to Apache Kafka
Introduction to Apache Kafka
Jeff Holoman
Introducción al Direccionamiento IPv6
Introducción al Direccionamiento IPv6
Educática
OSMC 2022 | VictoriaMetrics: scaling to 100 million metrics per second by Ali...
OSMC 2022 | VictoriaMetrics: scaling to 100 million metrics per second by Ali...
NETWAYS
Useful cli commands v1
Useful cli commands v1
Aruba, a Hewlett Packard Enterprise company
How to configure cisco 6500 vss
How to configure cisco 6500 vss
IT Tech
Chassis Cluster Configuration
Chassis Cluster Configuration
Kashif Latif
Introduction to vxlan
Introduction to vxlan
Mohammed Umair
6 pan-os software update & downgrade instruction
6 pan-os software update & downgrade instruction
Mostafa El Lathy
Vlans
Vlans
dannyvelasco
Brksec 2101 deploying web security
Brksec 2101 deploying web security
Alfredo Boiero Sanders
MTCNA Show.pptx
MTCNA Show.pptx
ahmedraed19
More Related Content
What's hot
VTP
VTP
Haidar-Mohammed
HSRP (hot standby router protocol)
HSRP (hot standby router protocol)
Netwax Lab
VXLAN Practice Guide
VXLAN Practice Guide
Prasenjit Sarkar
Virtual Local Area Network (VLAN)
Virtual Local Area Network (VLAN)
Mohammad Javad Abdolmaleki
CCNAv5 - S2: Chapter3 Vlans
CCNAv5 - S2: Chapter3 Vlans
Vuz Dở Hơi
Large scale, distributed access management deployment with aruba clear pass
Large scale, distributed access management deployment with aruba clear pass
Aruba, a Hewlett Packard Enterprise company
MikroTik & RouterOS
MikroTik & RouterOS
Faelix Ltd
20 palo alto site to site
20 palo alto site to site
Mostafa El Lathy
SwOS (MikroTik Switch OS) Administration Guide
SwOS (MikroTik Switch OS) Administration Guide
Tũi Wichets
PIW ISE best practices
PIW ISE best practices
Sergey Kucherenko
Access Network Evolution
Access Network Evolution
Cisco Canada
Introduction to Apache Kafka
Introduction to Apache Kafka
Jeff Holoman
Introducción al Direccionamiento IPv6
Introducción al Direccionamiento IPv6
Educática
OSMC 2022 | VictoriaMetrics: scaling to 100 million metrics per second by Ali...
OSMC 2022 | VictoriaMetrics: scaling to 100 million metrics per second by Ali...
NETWAYS
Useful cli commands v1
Useful cli commands v1
Aruba, a Hewlett Packard Enterprise company
How to configure cisco 6500 vss
How to configure cisco 6500 vss
IT Tech
Chassis Cluster Configuration
Chassis Cluster Configuration
Kashif Latif
Introduction to vxlan
Introduction to vxlan
Mohammed Umair
6 pan-os software update & downgrade instruction
6 pan-os software update & downgrade instruction
Mostafa El Lathy
Vlans
Vlans
dannyvelasco
What's hot
(20)
VTP
VTP
HSRP (hot standby router protocol)
HSRP (hot standby router protocol)
VXLAN Practice Guide
VXLAN Practice Guide
Virtual Local Area Network (VLAN)
Virtual Local Area Network (VLAN)
CCNAv5 - S2: Chapter3 Vlans
CCNAv5 - S2: Chapter3 Vlans
Large scale, distributed access management deployment with aruba clear pass
Large scale, distributed access management deployment with aruba clear pass
MikroTik & RouterOS
MikroTik & RouterOS
20 palo alto site to site
20 palo alto site to site
SwOS (MikroTik Switch OS) Administration Guide
SwOS (MikroTik Switch OS) Administration Guide
PIW ISE best practices
PIW ISE best practices
Access Network Evolution
Access Network Evolution
Introduction to Apache Kafka
Introduction to Apache Kafka
Introducción al Direccionamiento IPv6
Introducción al Direccionamiento IPv6
OSMC 2022 | VictoriaMetrics: scaling to 100 million metrics per second by Ali...
OSMC 2022 | VictoriaMetrics: scaling to 100 million metrics per second by Ali...
Useful cli commands v1
Useful cli commands v1
How to configure cisco 6500 vss
How to configure cisco 6500 vss
Chassis Cluster Configuration
Chassis Cluster Configuration
Introduction to vxlan
Introduction to vxlan
6 pan-os software update & downgrade instruction
6 pan-os software update & downgrade instruction
Vlans
Vlans
Similar to Wccp introduction final2
Brksec 2101 deploying web security
Brksec 2101 deploying web security
Alfredo Boiero Sanders
MTCNA Show.pptx
MTCNA Show.pptx
ahmedraed19
Microservices With Istio Service Mesh
Microservices With Istio Service Mesh
Natanael Fonseca
Sky x technology
Sky x technology
maulik610
Open Source Networking Days- Service Mesh
Open Source Networking Days- Service Mesh
CloudOps2005
[Retired] routing on the host an introduction – cumulus networks® knowledge ...
[Retired] routing on the host an introduction – cumulus networks® knowledge ...
doudadouda
Securing management, control & data plane
Securing management, control & data plane
NetProtocol Xpert
Quality of Servise
Quality of Servise
Raza_Abidi
Web Security Deployment
Web Security Deployment
Cisco Canada
KrakenD API Gateway
KrakenD API Gateway
Albert Lombarte
Quality of service
Quality of service
Yasser El Harbili
Sky x Technology (Pranav)
Sky x Technology (Pranav)
प्रणव भारती
Istio Triangle Kubernetes Meetup Aug 2019
Istio Triangle Kubernetes Meetup Aug 2019
Ram Vennam
Spy x tchnology
Spy x tchnology
Akhil Kumar
Cohesive Networks Support Docs: Welcome to VNS3 3.5
Cohesive Networks Support Docs: Welcome to VNS3 3.5
Cohesive Networks
sky-xpranav-140418121657-phpapp01.pptx
sky-xpranav-140418121657-phpapp01.pptx
PrasannaKumarpanda2
sky x ppt ankur
sky x ppt ankur
Ankur Yogi
Tutorial mikrotik step by step anung muhandanu
Tutorial mikrotik step by step anung muhandanu
Alessandro De Suoodh
ProxySQL High Avalability and Configuration Management Overview
ProxySQL High Avalability and Configuration Management Overview
René Cannaò
093049ov5.pptx
093049ov5.pptx
NguyenNM
Similar to Wccp introduction final2
(20)
Brksec 2101 deploying web security
Brksec 2101 deploying web security
MTCNA Show.pptx
MTCNA Show.pptx
Microservices With Istio Service Mesh
Microservices With Istio Service Mesh
Sky x technology
Sky x technology
Open Source Networking Days- Service Mesh
Open Source Networking Days- Service Mesh
[Retired] routing on the host an introduction – cumulus networks® knowledge ...
[Retired] routing on the host an introduction – cumulus networks® knowledge ...
Securing management, control & data plane
Securing management, control & data plane
Quality of Servise
Quality of Servise
Web Security Deployment
Web Security Deployment
KrakenD API Gateway
KrakenD API Gateway
Quality of service
Quality of service
Sky x Technology (Pranav)
Sky x Technology (Pranav)
Istio Triangle Kubernetes Meetup Aug 2019
Istio Triangle Kubernetes Meetup Aug 2019
Spy x tchnology
Spy x tchnology
Cohesive Networks Support Docs: Welcome to VNS3 3.5
Cohesive Networks Support Docs: Welcome to VNS3 3.5
sky-xpranav-140418121657-phpapp01.pptx
sky-xpranav-140418121657-phpapp01.pptx
sky x ppt ankur
sky x ppt ankur
Tutorial mikrotik step by step anung muhandanu
Tutorial mikrotik step by step anung muhandanu
ProxySQL High Avalability and Configuration Management Overview
ProxySQL High Avalability and Configuration Management Overview
093049ov5.pptx
093049ov5.pptx
More from bui thequan
InfiniBand in the Enterprise Data Center.pdf
InfiniBand in the Enterprise Data Center.pdf
bui thequan
OCP liquid direct to chip temperature guideline.pdf
OCP liquid direct to chip temperature guideline.pdf
bui thequan
2.01_Nvidia_NVswitch_HotChips2018_DGX2NVS_Final.pdf
2.01_Nvidia_NVswitch_HotChips2018_DGX2NVS_Final.pdf
bui thequan
Coolinside DTC Liquid Cooling Solution.pdf
Coolinside DTC Liquid Cooling Solution.pdf
bui thequan
(268) Total Thermal Solution - heat sink.pdf
(268) Total Thermal Solution - heat sink.pdf
bui thequan
6 - Oracle.pdf
6 - Oracle.pdf
bui thequan
an-advanced-liquid-cooling-design-for-data-center-final-v3-1-pdf.pdf
an-advanced-liquid-cooling-design-for-data-center-final-v3-1-pdf.pdf
bui thequan
dclc-r134a-968 detail.pdf
dclc-r134a-968 detail.pdf
bui thequan
ajeep_04a_energy_eficient_chiller - Mitsu.pdf
ajeep_04a_energy_eficient_chiller - Mitsu.pdf
bui thequan
Performance Gain for Multiple Stage Centrifugal Compressor by usi.pdf
Performance Gain for Multiple Stage Centrifugal Compressor by usi.pdf
bui thequan
Trane design chiller.pdf
Trane design chiller.pdf
bui thequan
chilled-water-system-presentation.pdf
chilled-water-system-presentation.pdf
bui thequan
multiple-chiller-system-design-and-control-trane-applications-engineering-man...
multiple-chiller-system-design-and-control-trane-applications-engineering-man...
bui thequan
399TGp_medical_light_ani.potx
399TGp_medical_light_ani.potx
bui thequan
29422920 overview-of-ng-sdh
29422920 overview-of-ng-sdh
bui thequan
20407473 ospf
20407473 ospf
bui thequan
194 adss cable-installationguide
194 adss cable-installationguide
bui thequan
Cisco me4600 ont_rgw_user_manual_v3_2-4
Cisco me4600 ont_rgw_user_manual_v3_2-4
bui thequan
Qwilt transparent caching-6keyfactors
Qwilt transparent caching-6keyfactors
bui thequan
Guide otn ang
Guide otn ang
bui thequan
More from bui thequan
(20)
InfiniBand in the Enterprise Data Center.pdf
InfiniBand in the Enterprise Data Center.pdf
OCP liquid direct to chip temperature guideline.pdf
OCP liquid direct to chip temperature guideline.pdf
2.01_Nvidia_NVswitch_HotChips2018_DGX2NVS_Final.pdf
2.01_Nvidia_NVswitch_HotChips2018_DGX2NVS_Final.pdf
Coolinside DTC Liquid Cooling Solution.pdf
Coolinside DTC Liquid Cooling Solution.pdf
(268) Total Thermal Solution - heat sink.pdf
(268) Total Thermal Solution - heat sink.pdf
6 - Oracle.pdf
6 - Oracle.pdf
an-advanced-liquid-cooling-design-for-data-center-final-v3-1-pdf.pdf
an-advanced-liquid-cooling-design-for-data-center-final-v3-1-pdf.pdf
dclc-r134a-968 detail.pdf
dclc-r134a-968 detail.pdf
ajeep_04a_energy_eficient_chiller - Mitsu.pdf
ajeep_04a_energy_eficient_chiller - Mitsu.pdf
Performance Gain for Multiple Stage Centrifugal Compressor by usi.pdf
Performance Gain for Multiple Stage Centrifugal Compressor by usi.pdf
Trane design chiller.pdf
Trane design chiller.pdf
chilled-water-system-presentation.pdf
chilled-water-system-presentation.pdf
multiple-chiller-system-design-and-control-trane-applications-engineering-man...
multiple-chiller-system-design-and-control-trane-applications-engineering-man...
399TGp_medical_light_ani.potx
399TGp_medical_light_ani.potx
29422920 overview-of-ng-sdh
29422920 overview-of-ng-sdh
20407473 ospf
20407473 ospf
194 adss cable-installationguide
194 adss cable-installationguide
Cisco me4600 ont_rgw_user_manual_v3_2-4
Cisco me4600 ont_rgw_user_manual_v3_2-4
Qwilt transparent caching-6keyfactors
Qwilt transparent caching-6keyfactors
Guide otn ang
Guide otn ang
Recently uploaded
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
rafiqahmad00786416
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Juan lago vázquez
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
MadyBayot
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
Dropbox
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
Khushali Kathiriya
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
The Digital Insurer
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
apidays
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
Remote DBA Services
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
Christopher Logan Kennedy
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
Architecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
DianaGray10
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
Remote DBA Services
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
danishmna97
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
apidays
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
apidays
Recently uploaded
(20)
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Architecting Cloud Native Applications
Architecting Cloud Native Applications
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
Wccp introduction final2
1.
1Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. WEB CACHE COMMUNICATION PROTOCOL (WCCP) INTRODUCTION Almas Raza Product Support Specialist
2.
2Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. TOPICS OF DISCUSSION Why WCCP? WCCP Background WCCP Protocol Process WCCP Redirection Process WCCP Configuration WCCP Debugging References
3.
3Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. WHY WCCP Today’s networks require proxy services in order to secure inbound an outbound communications. Communications need to be intercepted by the proxy services in order to apply a secure policy and utilize the caching capabilities. Proxy services can be deployed in two modes: Transparent mode Explicit mode
4.
4Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. WHY WCCP In Transparent mode, Requests are transparently intercepted. User’s browser does not require modification in terms of configuration. In Explicit mode, a user’s browser requires modification via setting the hostname of the ProxySG or via Proxy Autoconfig Client (PAC) files.
5.
5Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. WHY WCCP Transparent mode can be deployed in two ways Inline Virtually inline
6.
6Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. WHY WCCP When the ProxySG appliance is not in the physical path of clients and servers, it must rely on an external device— either a Layer 4 switch (Load Balancer) or a WCCP-capable router—to redirect packets to it for transparent proxy services. This type of deployment is known as a virtually in- path deployment. Traffic can be redirected to Proxy via Policy base routing in layer 3 switches OR WCCP from Cisco layer3 switches and routers.
7.
7Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. USING WCCP WITH THE PROXYSG WCCP is the recommended virtually in-path deployment because it provides the following advantages: Scalability and Load Balancing — Traffic can be automatically distributed to up to 32 ProxySG: appliances. If one ProxySG goes down, traffic is automatically redistributed across the other ProxySG appliances in the group. Security — You can password-protect the WCCP service group so that only authorized appliances can join. Additionally, you can configure access control lists (ACLs) on the router to restrict access to specific ProxySG appliances only. Failover — In the event that there are no ProxySG appliances available for traffic redirection, the router forwards the traffic to the original destination address. Flexibility — You control exactly what traffic to redirect and how to redirect it. You can redirect all traffic entering or exiting a router interface; you can filter traffic using ACLs; or, you can define specific protocol and ports to redirect.
8.
8Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. 8Copyright © 2013 Blue Coat Systems Inc. All Rights Reserved. 8 WCCP BACKGROUND
9.
9Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. BACKGROUND
10.
10Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. RESTRICTIONS FOR WCCP General The following limitations apply to WCCPv1 and WCCPv2: • WCCP works only with IPv4 networks. • Routers and cache engines communicate to each other via a control channel based on UDP port 2048 WCCPv1 The following limitation apply to WCCPv1 • Only a single router services a cluster of systems • Supports HTTP (TCP port 80) traffic flows only • Provides generic routing encapsulation (GRE) to prevent packet modification WCCPv2 Following enhancement was done to WCCPv2: • Allows for use across up to 32 routers (WCCP servers) • Supports up to 32 engines/accelerators (WCCP clients) • Supports any IP protocol including any TCP or UDP • Supports up to 256 service groups (0-255) • Adds MD5 shared secret security • Multicast addresses must be from 224.0.0.0 to 239.255.255.255.
11.
11Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. BACKGROUND
12.
12Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. CISCO ROUTER / SWITCH COMMANDS Showing version of Cisco IOS router# show version CompNet-RT7206-5#show version Cisco IOS Software, 7200 Software (C7200-ADVIPSERVICESK9-M), Version 12.4(22)T5, RELEASE SOFTWARE (fc3) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2010 by Cisco Systems, Inc. Compiled Wed 28-Apr-10 13:31 by prod_rel_team ROM: System Bootstrap, Version 12.0(19990210:195103) [12.0XE 105], DEVELOPMENT SOFTWARE BOOTLDR: 7200 Software (C7200-BOOT-M), Version 12.0(9)S, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1) CompNet-RT7206-5 uptime is 1 hour, 20 minutes System returned to ROM by reload at 13:43:21 PST Tue Nov 1 2011 . . . Cisco 7206VXR (NPE300) processor (revision B) with 229376K/65536K bytes of memory. Processor board ID 16071755 R7000 CPU at 262MHz, Implementation 39, Rev 1.0, 256KB L2 Cache 6 slot VXR midplane, Version 2.0
13.
13Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. WCCP PLATFORM SUPPORT (KB FAQ305)
14.
14Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. BACKGROUND
15.
15Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. PRIMARY WCCP FUNCTIONS Registration: ProxySG is a WCCP client Registers WCCP services (0-255) with “Here I Am” if application is operational Registration announces WCCP client on service group, provides availability notification, requests interesting traffic Transmits “Here I Am” every 10 seconds Lead WCCP client (lowest IP address) instructs routers on protocol/port, assignment, forwarding, and return methods Router is a WCCP server Accepts service group registration (0-255) Acknowledges “Here I Am” with “I See You” Waits 30 (3x10) seconds before declaring ProxySG failed Announce ProxySGs to other ProxySGs Router id is highest interface IP or highest loopback IP if one exists Redirects traffic to ProxySG Assignment: Selects an ProxySG in the cluster Hash 256 buckets Mask 64 buckets represented by 6 bit mask of the source or destination IP/Port
16.
16Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. WCCP CONTROL PLANE AND RE-DIRECTION WCCP handles two different types of traffic • Control traffic – – Via control traffic WCCP Protocol, negotiation the setup between router and proxy for a Service Group. – Heartbeat is also exchange via control traffic every 10 sec. • Redirection – – Data packet Redirection between Proxy and Router
17.
17Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. WCCP SERVICE GROUPS
18.
18Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. WCCP CONTROL PLANE MESSAGES Control Plane messages exchange over UPD 2048 Four different type of control messages • Here I Am (HIA) • I See You (ISU) • Redirect Assign (RA) • Removal Query (RQ) Traffic from Router to Proxy can be sent via L2 or GRE Proxy can send back traffic to Router via L2, GRE or routed Router could distribute traffic to Proxy by Hash or Mask base assignment
19.
19Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. DIFFERENCE BETWEEN GRE AND L2 • GRE forwarding and return type GRE is used when router and proxy are few hops away. GRE is also used in the mash router envirenment. Need more CPU cycle since every packet needs to be encapsulated. • L2 forwarding and return type Router and proxy needs to be directly connected for L2 to work. Less CPU intensive. No encapsulation needed to send the traffic out.
20.
© Blue Coat
Systems, Inc. 2008. All Rights Reserved.20 Understanding L2 forwarding / GRE packet return (cont.) L2 forwarding / GRE forwarding packets Ethernet IP TCP Inbound L2 Redirected Packet Ethernet IP GRE IP TCP Outbound GRE Return Packet
21.
21Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. WCCP SERVICE GROUPS A service group unites one or more routers/switches with one or more caching devices (ProxySG appliances in this case) in a transparent redirection scheme governed by a common set of rules. The service group members agree on these rules initially by announcing their specific capabilities and configurations to each other in WCCP protocol packets as follows: 1. The ProxySG appliance sends out a “Here I Am” (WCCP2_HERE_I_AM) message to the routers in the group. These messages include a description of the service group that the ProxySG wants to join, including the protocol, ports to redirect, method to use to forward and return packets to each other, and load balancing instructions. 2. The routers respond with an “I See You” (WCCP2_I_SEE_YOU) message that includes a Receive ID as well as a list of WCCP capabilities—such as forwarding/return methods or load balancing schemes — that the router supports.
22.
22Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. WCCP SERVICE GROUPS 3. The ProxySG appliance responds with another “Here I Am” message in which it reflects the Receive ID that was sent in the “I See You” message from the router. In addition, the ProxySG examines the capabilities advertised by the router and, if its configuration specifies a capability that has not been advertised, it will abandon its attempt to join the service group. If the capabilities it is configured to use are advertised, it will select the capabilities it wants to use and will send them back to the router in another “Here I Am” message. 4. The router inspects the capabilities that the ProxySG selected and, if the capabilities are supported, the router accepts the ProxySG as compatible and adds it to the service group. The router responds to all ProxySG appliances that it has accepted with “I See You” messages that include a listing of all ProxySG appliances in the service group (called the router view). 5. Each ProxySG in the group periodically sends out “Here I Am” messages to the routers in the group to maintain its service group membership. If a router doesn’t receive a “Here I Am” message from a ProxySG in the group within the designated time-out interval, it removes the ProxySG from the service group and sends out an “I See You” with an updated router view.
23.
23Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved.Copyright © 2013 Blue Coat Systems Inc. All Rights Reserved. 23 WCCP REDIRECTION PROCESS
24.
24Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. WCCP REDIRECTION
25.
25Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. SIMPLE PROXYSG WCCP EXCHANGE PROCESS The process works as follows: 1. The client sends a packet addressed for the OCS. 2. The WCCP-enabled router redirects the packet to the ProxySG. 3. The ProxySG determines what to do with it based on the transparent proxy services that have been configured for the traffic type. If it cannot service the request locally (for example by returning a page from its local cache), it sends a request to the specified OCS on behalf of the client. 4. The OCS response is routed (or redirected depending on the configuration) back to the ProxySG. 5. The ProxySG then forwards the response back to the client. Figure 1-1 A Simple ProxySG WCCP Exchange
26.
26Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. REDIRECT IN OR OUT
27.
27Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. WCCP REDIRECTION/RETURN PROCESS WITH REFLECT CLIENT IP DISABLED Router ID: 1.2.3.4 ProxySG IP = 1.1.1.99 Reflect Client IP (Disabled) WAN 1Client PC IP = 1.1.1.10 OCS IP = 2.2.2.10Intf: 0/0 WCCP SG 10: Intf: 2/0 2 3 4 5 6 7 Src IP 1.1.1.10 Dst IP 2.2.2.10 Scr TCP 1964 Dst TCP 80 Payload Src IP 2.2.2.10 Dst IP 1.1.1.99 Scr TCP 80 Dst TCP 62763 Payload Src IP 2.2.2.10 Dst IP 1.1.1.99 Scr TCP 80 Dst TCP 62763 Payload Src IP 2.2.2.10 Dst IP 1.1.1.10 Scr TCP 80 Dst TCP 1964 Payload Src IP 1.1.1.99 Dst IP 2.2.2.10 Scr TCP 62763 Dst TCP 80 Payload GRE Src IP 1.2.3.4 Dst IP 1.1.1.99 Scr TCP 1964 Dst TCP 80 Payload Scr IP 1.1.1.10 Dst IP 2.2.2.10
28.
28Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. 28Copyright © 2013 Blue Coat Systems Inc. All Rights Reserved. WCCP CONFIGURATION
29.
29Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. WCCP NETWORK DIAGRAM
30.
30Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. ROUTER WCCP CONFIGURATION Router#: show running ! ip wccp 20 ! interface FastEthernet0/0 description WAN UPLINK ip address 10.78.56.98 255.255.255.240 duplex full ! interface FastEthernet2/0 description LAN - CLIENT NETWORK ip address 10.78.56.209 255.255.255.248 ip wccp 20 redirect in duplex full
31.
31Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. PROXYSG WCCP CONFIGURATION
32.
32Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. PROXYSG WCCP CONFIGURATION
33.
33Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. 33Copyright © 2013 Blue Coat Systems Inc. All Rights Reserved. WCCP DEBUGGING
34.
34Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. ROUTER WCCP COMMANDS CompNet-RT7206-5#sh ip wccp Global WCCP information: Router information: Router Identifier: 10.78.56.209 Protocol Version: 2.0 Service Identifier: 20 Number of Service Group Clients: 1 Number of Service Group Routers: 1 Total Packets s/w Redirected: 0 Process: 0 CEF: 0 Service mode: Open Service Access-list: -none- Total Packets Dropped Closed: 0 Redirect Access-list: -none- Total Packets Denied Redirect: 0 Total Packets Unassigned: 0 Group Access-list: -none- Total Messages Denied to Group: 0 Total Authentication failures: 0 Total Bypassed Packets Received: 0
35.
35Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. ROUTER WCCP COMMANDS CompNet-RT7206-5#show ip wccp 20 detail WCCP Client information: WCCP Client ID: 10.78.56.164 Protocol Version: 2.0 State: Usable Redirection: GRE Packet Return: GRE Assignment: HASH Initial Hash Info: 00000000000000000000000000000000 00000000000000000000000000000000 Assigned Hash Info: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF Hash Allotment: 256 (100.00%) Packets s/w Redirected: 0 Connect Time: 00:08:02 Bypassed Packets Process: 0 CEF: 0 Errors: 0
36.
36Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. ROUTER WCCP COMMANDS 3560G-Switch-2#sh ip wccp 10 detail WCCP Client information: WCCP Client ID: 10.78.57.214 Protocol Version: 2.0 State: Usable Redirection: L2 Packet Return: GRE Packets Redirected: 0 Connect Time: 00:13:47 Assignment: MASK Value SrcAddr DstAddr SrcPort DstPort CE-IP ----- ------- ------- ------- ------- ----- 0042: 0x00000000 0x0000002A 0x0000 0x0000 0x0A4E39D6 (10.78.57.214) 0043: 0x00000000 0x0000002B 0x0000 0x0000 0x0A4E39D6 (10.78.57.214) ........ 0062: 0x00000000 0x0000003E 0x0000 0x0000 0x0A4E39D6 (10.78.57.214) 0063: 0x00000000 0x0000003F 0x0000 0x0000 0x0A4E39D6 (10.78.57.214) WCCP Client ID: 10.78.57.212 Protocol Version: 2.0 State: Usable Redirection: L2 Packet Return: GRE Packets Redirected: 0 Connect Time: 00:05:58 Assignment: MASK Value SrcAddr DstAddr SrcPort DstPort CE-IP ----- ------- ------- ------- ------- ----- 0000: 0x00000000 0x00000000 0x0000 0x0000 0x0A4E39D4 (10.78.57.212) 0001: 0x00000000 0x00000001 0x0000 0x0000 0x0A4E39D4 (10.78.57.212) .........
37.
37Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. ROUTER WCCP COMMANDS WCCP Client ID: 10.78.57.213 Protocol Version: 2.0 State: Usable Redirection: L2 Packet Return: GRE Packets Redirected: 0 Connect Time: 00:03:09 Assignment: MASK Mask SrcAddr DstAddr SrcPort DstPort ---- ------- ------- ------- ------- 0000: 0x00000000 0x0000003F 0x0000 0x0000 Value SrcAddr DstAddr SrcPort DstPort CE-IP ----- ------- ------- ------- ------- ----- 0021: 0x00000000 0x00000015 0x0000 0x0000 0x0A4E39D5 (10.78.57.213) 0022: 0x00000000 0x00000016 0x0000 0x0000 0x0A4E39D5 (10.78.57.213) 0023: 0x00000000 0x00000017 0x0000 0x0000 0x0A4E39D5 (10.78.57.213) ........ 0040: 0x00000000 0x00000028 0x0000 0x0000 0x0A4E39D5 (10.78.57.213) 0041: 0x00000000 0x00000029 0x0000 0x0000 0x0A4E39D5 (10.78.57.213)
38.
38Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. PROXYSG WCCP
39.
39Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. PROXYSG WCCP DEBUG / LOG COMMANDS Router# debug ip wccp packets Router# term mon WCCP packet info debugging is on CompNet-RT7206-5# *Nov 2 23:21:27.665: WCCP-PKT:D20: Sending I_See_You packet to 10.78.56.164 w/ rcv_id 00000026 *Nov 2 23:21:37.665: WCCP-PKT:D20: Sending I_See_You packet to 10.78.56.164 w/ rcv_id 00000027 Router# show log *Nov 2 15:15:27 PST: %WCCP-5-SERVICEFOUND: Service 20 acquired on WCCP client 10.78.56.164
40.
40Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. PROXYSG WCCP STATISTICS https://10.78.56.164:8082/WCCP/Statistics
41.
41Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. PROXYSG PCAP
42.
42Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. PROXYSG WCCP DEBUG https://10.78.56.164:8082/WCCP/debug
43.
43Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. 43Copyright © 2013 Blue Coat Systems Inc. All Rights Reserved. REFERENCES
44.
44Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved.
45.
45Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved. WCCP CLIENT LOSS
46.
46Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved.Blue Coat Confidential – Internal Use Only THANK YOU FOR JOINING TODAY! Please provide feedback on this webcast and suggestions for future webcasts to: supportnewsletter@bluecoat.com Webcast replay and slide deck found here: https://bto.bluecoat.com/training/custom er-support-technical-webcasts (requires BTO login)
47.
47Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved.Blue Coat Confidential – Internal Use Only BLUE COAT CUSTOMER FORUMS New Blue Coat Customer Forums now available Community where you can learn from and share your valuable knowledge and experience with other Blue Coat customers Research, post and reply to topics relevant to you at your own convenience Blue Coat Moderator Team ready to offer guidance, answer questions, and help get you on the right track Access at forums.bluecoat.com and register for an account today!
48.
48Copyright © 2013
Blue Coat Systems Inc. All Rights Reserved.
Download now