Deploying Cisco Wide Area Application Services (WAAS)
|
|
- Ellen Fleming
- 6 years ago
- Views:
Transcription
1 Deploying Cisco Wide Area Application Services (WAAS) BRKAPP
2 Agenda WAAS Overview WAAS Installation and Configuration Network Interception WAAS Application Optimiser (AO) Deployments WAAS Sizing Guidelines 2
3 WAAS Overview
4 WAAS Helps To Accelerate Top-of-mind CIO Initiatives VDI & BYOD Video Cloud App Rollouts WAN Refresh Single box solution addresses VoD, Live Streaming Solutions for Private and Public Cloud Industry leading app performance with NEW appliances 100% ISR G2s ship WAASready SRE provides flexible options 4
5 Application Delivery Challenges LAN Connectivity High bandwidth Round Trip Time ~ 0ms Low latency Reliability Client LAN Switch Server WAN Connectivity Latency Low bandwidth Round Trip Time ~ Many milliseconds Congestion Packet Loss Client LAN Switch WAN LAN switch Server 5
6 Cisco WAAS: WAN Optimisation Solution Virtual Private Cloud vwaas WAE Server VMs Branch Office WAAS Express Nexus 1000v vpath VMware ESXi Server Nexus 1000v VSM UCS /x86 Server Branch Office Branch Office WAAS Services Ready Engine WAAS Appliance WAN Data Centre or Private Cloud WAAS Appliances FC SAN Server VMs Regional Office WAAS Appliance WAAS CMs VMware ESXi vwaas Appliances 6
7 WAAS Product Portfolio vwaas vwaas-200 vwaas-750 vwaas-6000 vwaas WAAS Appliances WAVE-294 WAVE-594 WAVE-694 WAVE-7541 WAVE-7571 WAVE-8541 WAAS ISR Modules WAAS Express WAAS Mobile 890 WAAS Mobile SM-SRE-7X0 SM-SRE-9X0 1941/ xx 39xx Tele Worker Small Branch Medium Branch Large Branch Small-Medium Data Centre Data Centre & Campus 7
8 Next Generation WAVE Appliances Purpose built hardware Optional I/O modules including Optical and 10Gbps Ethernet Up to 2 Gbps optimised throughput Up to 8 Virtual Blades (WAVE-694) 8
9 WAAS Context Aware Cache Architecture App Aware Cache Manager Optimises cache behaviour based upon traffic directionality Per Peer Signatures- provides fault isolation, prevents branch starvation and enables lowest latency data store access Signatures (in memory) Peer 1 SIGNATURE SIGNATURE SIGNATURE SIGNATURE SIGNATURE Peer 2 SIGNATURE SIGNATURE SIGNATURE SIGNATURE SIGNATURE Peer n SIGNATURE SIGNATURE SIGNATURE SIGNATURE SIGNATURE Data Store (Disk) CIFS Object Cache Includes File Pre-positioning Ideal for High latency / Low BW links WAAS 4.4 Adaptive DRE Cache Unified Data Store- Single store for all peers App Policy Controlled: Uni-Directional Traffic- only written to destination cache. No cache consumption at source Bi-Directional Traffic- written to both caches 9
10 Citrix XenApp and XenDesktop Support Zero-touch deployment, auto-interoperability with ICA encryption & compression High Performance virtual desktops WAAS 4.5 No changes to clients No changes to servers WAN Transparent Handshake Branch Office Data Centre Cisco WAAS is jointly tested, validated, supported and verified as a Citrix Ready solution 10
11 Session and Transport Layer Optimisation Client Application Presentation Session Transport WAAS Application Policy defines: L4: basic optimisation L5-7: latency mitigation WAAS 1 Application Optimiser (AO) TFO WAAS 2 Application Optimiser (AO) TFO Host Application Presentation Session Transport Network Network Network Network Data Link Physical Data Link Physical Data Link Origin Optimised Origin Physical Data Link Physical WAN BRKAPP _05_2008_c1 11
12 TFO vs Regular TCP in the WAN Cisco TFO Provides Significant Throughput Improvements over Standard TCP Implementations cwnd TFO TCP Slow Start Congestion Avoidance Time (RTT) TFO is using RFC2018, RFC1323, RFC3390 and BIC-TCP 12
13 Advanced Compression Data Redundancy Elimination (DRE) Persistent LZ Compression Application-agnostic compression Up to 100:1 compression WAAS 4.4: Context Aware DRE Benefits Session-based Application-agnostic compression compression Up Up to to 10:1 100:1 compression compression Works WAAS even 4.4: during Context cold Aware DRE DRE cache LZ WAN LZ DRE Synchronised Compression History DRE 13
14 Application-Specific Acceleration Application/Protocol Awareness - Latency mitigation LAN-like Performance Application Optimisers (AOs) CIFS, NFS, MAPI, Video, HTTP, SSL, Windows Printing, Citrix ICA, E-MAPI Licensed, developed and validated with application vendors Remote Office WAN Data Centre LAN-like Performance Object Cache Verification Security and Control WAN Optimisation WAN Bandwidth Savings Server Safely Offloaded Fewer Servers Needed Power/Cooling Savings 14
15 Network Transparency A/24 WAN B/24 C/24 D/24 E/24 Packets between each network are routed as normal. WAAS auto-discovery will find WAVEs in path WAAS Network Transparency (same L3/L4 headers) allows application acceleration components to maintain compliance with existing network features Quality of Service (QoS), NBAR, NetFlow, monitoring, reporting Security functions (ACLs, firewall policies) 15
16 Auto Discovery - Two WAVE Configuration In-band signalling with TCP option 0x21 WAE B closest to client (A) and WAVE (C) closest to server (B) Connection optimised between WAVE (B) and (C) WAVE shifts optimised TCP SEQ number by 2 billion If a WAVE that was optimising fails: Hosts will see segments with SEQ/ACK numbers that are out of range Host will reset (RST) connection Client will re-establish a new TCP connection A B C D A:D SYN D:A SYN/ACK Origin Connection A:D SYN(OPT) D:A SYN/ACK(OPT) Optimised Connection A:D SYN(OPT) D:A SYN/ACK Origin Connection 16
17 Auto-Discovery Multi WAVE Configuration Optimised connection established between WAVE (B) and WAVE (D) Intermediate WAVE (C) sees TCP option in both directions and switches to Pass Through (PT) Each WAVE supports 10X optimised connection limit for Pass Through connections A B C D E A:E SYN A:E SYN(OPT) A:E SYN(OPT) A:E SYN(OPT) E:A SYN/ACK E:A SYN/ACK(OPT) E:A SYN/ACK(OPT) E:A SYN/ACK A:E ACK A:E ACK(OPT) A:E ACK(OPT) A:E ACK Optimised Origin Connection Connection Origin Connection 17
18 WAAS Sizing Guidelines
19 SRE-7X0-S SRE 7X0-M SRE-9X0-S SRE-9X0-M SRE-9X0-L 294-4G 294-8G 594-6G G G G WAVE - Platform Performance (4.5) WAN Bandwidth (Mbps) Optimised TCP Connections Optimised LAN Throughput (Mbps) k 60k 150k Total Disk Capacity (GB) DRE Disk Capacity (GB) CIFS Disk Capacity (GB) Maximum LAN Video Streams Virtual Blades Supported Total Virtual Blade Disk Capacity Peer Fan Out CM Managed Devices
20 vwaas-200 vwaas-750 vwaas-6000 vwaas vcm-100n vcm-2000n vwaas - Platform Performance (4.5) Number of vcpu Virtaul Memory (GB) Virtual Disk Datastore (GB) Target WAN Bandwidth (Mbps) Optimised TCP Connections Optimised LAN Throughput (Mbps) Peer Fan-out DRE Disk Capacity CIFS Disk Capacity Max LAN Video Streams CM Managed Devices
21 WAAS Deployment Installation and Configuration
22 WAAS Deployment Overview 1. Initial setup is done using Console CLI Setup Script recommended 2. License configuration is required 3. Always bring up the Central Manager (CM) first New WAAS devices are auto-registered to WAAS CM and become a member of AllWAASGroup When creating an AccelerationGroup make sure you apply the correct application policies (e.g. set default one) and auto-membership for this group is enabled 4. Next bring up all Application Accelerators 5. Configure traffic interception (inline, WCCP etc) Start traffic interception on Core or Central devices followed by Remote Devices 6. Further configuration should be done from within the CM 23
23 WAAS Setup Script Prompted on boot of factory default box to run setup script or execute setup Script prompts for configuration to communicate, network integrate, manage, and license the WAE WAVE default mode is Accelerator. Change to CM requires reboot Optional Proactive Diagnostics 24
24 Deploying WAAS Central Manager
25 Central Management System (CMS) CMS process runs on all WAVEs Bidirectional configuration synchronisation between CM and accelerators All management communication uses HTTPS (self signed device specific certificates and keys) Bidirectional config sync between CM and Accelerator Central Manager collects health and monitoring data to every 5 min by default CMS provides means to backup and restore configuration sre700#sho cms info Device registration information : Device ID=11506 Device registered as = WAAS Application Engine Current WAAS Central Manager = Registered with WAAS Central Manager = Status = Online Time of last config-sync = Thu Dec 29 17:56: CMS services information : Service cms_ce is running 26
26 CM Configuration Device located in Data Centre Setup script recommended Non-default configuration Device mode Hostname Primary-interface IP configuration Date/time configuration Configuration Management System (CMS) CMS must be enabled to access the CM GUI Reload required (role change) Optionally use standby interface to dualhome to two switches device mode central-manager hostname dc1-cm1 license add Enterprise primary-interface GigabitEthernet 1/0 interface GigabitEthernet 1/0 ip address exit ip default-gateway ip name-server clock timezone AEST 10 0 ntp server ntp.foo.com cms enable copy run start 27
27 WAAS CM Dashboard 28
28 Group Configuration Best Practices EdgeDevicesGroup Transaction logs Prepositioning Disk encryption Flow Agent AllWAASGroup DNS SNMP Date/Time > NTP Server Time Zone Login Access Control > SSH MoD Exec Timeout Authentication System Log Settings Storage > Disk Error Handling AccelerationGroup Application Policies (Optional) SSLDevicesGroup SSL Acceleration 29
29 WAAS Monitoring Dashboard Aggregate Statistics Optimisation Summary Connection Trending Application Acceleration HTTP, CIFS, NFS, MAPI, Video, SSL, Print, Citrix ICA, E-MAPI 30
30 Deploying Physical Appliance WAE/WAVE
31 Basic Configuration Accelerator Default configuration Hostname Primary-interface IP configuration CMS enable CMS required to register with CM Use of hostname for CM recommended Interface HA Modes Standby Interface PortChannel Interface hostname branch1-wave primary-interface GigabitEthernet 0/0 interface GigabitEthernet 0/0 ip address ! Optionally configure speed and duplex exit ip default-gateway ip name-server ! Implement DNS for CM mobility central-manager address cm1.foo.com cms enable copy run start 32
32 WAVE Port Allocation Onboard Ports GigabitEthernet 0/0 GigabitEthernet 0/1 I/O Modules GigabitEthernet1/0, 1/1 1/7 (Standalone mode) InlineGroup1/0, 1/1, 1/2, 1/3 (Inline mode) TenGigabitEthernet 1/0, 1/1 WAVE-INLN-GE-4T WAVE-INLN-GE-4SX WAVE-INLN-GE-8T WAVE-10GE-2SFP 33
33 Standby Interface Must be layer 2 path between the two WAVE ethernet ports MAC only on in-use interface Primary preempts Gratuitous ARPs on failover WAVE(config)#interface Standby 1 WAVE(config-if)#ip address WAVE(config-if)#exit WAVE(config)#interface GigabitEthernet 0/0 WAVE(config-if)#standby 1 primary WAVE(config-if)#exit WAVE(config)#interface GigabitEthernet 0/1 WAVE(config-if)#standby 1 WAVE(config-if)#exit WAVE(config)#primary-interface standby 1 Gi 0/0 Gi 0/1 WAVE#show interface standby 1 Interface Standby 1 (2 physical interface(s)): GigabitEthernet 0/0 (active)(primary)(in use) GigabitEthernet 0/1 (active) 34
34 PortChannel Interface IP Address defined on PortChannel interface Default Load Balance Method Source-Destination IP and Port LACP is not currently supported. Hard Code Speed/Duplex WAVE(config)# interface PortChannel 1 WAVE(config-if)#no shut WAVE(config-if)#ip address WAVE(config)# interface GigabitEthernet 0/0 WAVE(config-if)#speed 1000 WAVE(config-if)#duplex full WAVE(config-if)#no shutdown WAVE(config-if)#channel-group 1 WAVE(config)#interface GigabitEthernet 0/1 WAVE(config-if)#speed 1000 WAVE(config-if)#duplex full WAVE(config-if)#no shutdown WAVE(config-if)#channel-group 1 Gi 0/0 Gi 0/1 Gi 0/0 Gi 0/1 Interface Configs MUST MATCH 35
35 CM Management 36
36 Device Group Assignment New WAAS devices are automatically added to AllWAASGroup Add the new device to other (e.g. Edge, SSL etc) groups where necessary 37
37 Deploying Virtual Appliance vwaas
38 vwaas Overview Target Use Cases Private Cloud (Enterprise DC) Virtual Private Cloud Hybrid Cloud Interception Methods Supported Traditional methods such as WCCP Nexus 1000v w/ vpath Storage used by vwaas Direct Attached Storage (DAS) FibreChannel SAN iscsi SAN NAS not currently supported vwaas is a virtualised WAAS offering on top of ESX/ESXi running on UCS/x86 servers vwaas VMWare ESX/ESXi UCS /x86 Servers 39
39 vwaas Interception Options WAN vwaas vwaas vwaas VMWare ESX/ESXi WCCP Interception Multiple vwaas VMs can exist in same WCCP cluster Cat6K/N7K WCCP UCS /x86 Server vpath Interception Based on port-profile policy configured in Nexus 1000v Bidirectional Interception - (no IN/OUT configuration) Nexus 2K/5K Pass-through traffic automatic bypass Nexus 1000V /VN-Link vpath ESX/ESXi with N1000v UCS Compute/ Virtualised Servers UCS /x86 Server 40
40 vwaas Installation vwaas Virtual Appliance (OVF) preconfigured with disk, memory, CPU, NIC s and other VMWare configuration settings vwaas-200, 750, 6000, 12000, EVAL vcm-100n, 2000N System Requirements VMware vsphere 4.x/5.x ESXi Hypervisor VMware vcenter server & vsphere client 4.x/5.x Cisco UCS or other x86 Server w/ 64 bit CPU on VMware HCL Ensure Intel VT is enabled in the host s BIOS Thick provisioned storage vpath (optional) requires Nexus 1000v v4.2(1)sv1(4) or later 41
41 vwaas Installation 42
42 vwaas Installation 43
43 vwaas Installation 44
44 vwaas Installation 45
45 vwaas Configuration vwaas configuration is the same as for WAVE Connect to the Console through vcenter Use of Setup Script is recommended Some differences you will notice Interface virtual 1/0 Interception other (for vpath) 46
46 Network Interception Inline Mode
47 Inline Interception Overview Simple Plug-and-Play Deployment Physical in-path deployment between switch and router Mechanical fail-to-wire High Availability Two 2-port fail-to-wire groups with support for redundant network paths and asymmetric routing Serial in-path clustering with fail-over Seamless Transparent Integration Transparency and automatic discovery 802.1q VLAN trunking support Supported on all WAVE appliance models WAN WAVE-INLN-GE-4T WAVE-INLN-GE-8T WAVE-INLN-GE-4SX WAVE-10GE-2SFP 48
48 Serial Inline Cluster Simple High Availability Design for Small to Medium Data Centres HA supported by secondary WAVE Not intended for scaling, only HA Design requires 4 inline groups (8 ports) per WAVE Configure and manage via CM Auto peer configuration Location based reporting Interception Access List supported Bypass for non-relevant traffic WAN1 WAN2 HA WAVE-INLN-GE-4T WAVE-INLN-GE-8T WAVE-INLN-GE-4SX WAVE-10GE-2SFP 49
49 Inline Non-Redundant Branch Router Crossover cable from router to engine Fix speed and duplex settings for Fast Ethernet connections Ensure the router and switch have matching speed and duplex Switch Straight through cable from engine to switch Ensure the router and switch have matching speed and duplex Implement portfast for faster recovery WAVE One Inline port group Ports fail-to-wire upon hardware, software, or power failure Support for interception 802.1q trunks Use Gi0/0 primary interface WAN 50
50 Network Interception WCCP Mode
51 Transparent Off-path Interception WCCPv2 Interception Transparent network integration Active/active clustering supports up to 32 WAVEs and 32 routers with automatic load-balancing, load redistribution, fail-over, and fail-through operation Near-linear scalability and performance improvement when adding devices WCCP Cluster Policy-Based Routing (PBR) Interception Routing of flows to be optimised through a Cisco WAVE as a next-hop router Active/passive clustering provides high availability and failover using IP SLA as a tracking mechanism HA only, no load balancing WAN 52
52 WCCP Functions Intercept Assign Redirect WAVE Cluster Return/Egress Intercept takes place in both directions for WAAS INTERCEPT Identify packets for WCCP processing (in or out) ASSIGN Select the target WAVE REDIRECT Router/switch sends the packet to the WAVE RETURN For unprocessed traffic, WAVE returns the packet to the router EGRESS For processed/optimised traffic, WAVE egresses the packet back to the router 53
53 WCCP Redirect-List Matches traffic for interception Permit all applications but deny specific protocols Avoid redirection of management traffic with a universal ACL Apply bidirectional ACL to service groups 61 and 62 Create the redirect ACL before enabling WCCP service groups 61 and 62 Do not enable logging on WCCP redirect ACL (performance) Optionally permit specific IP subnets ip access-list extended waas-redirect remark WAAS WCCP Redirect List deny tcp any any eq telnet deny tcp any any eq 22 deny tcp any any eq 161 deny tcp any any eq 162 deny tcp any any eq 123 deny tcp any any eq bgp deny tcp any any eq tacacs deny tcp any any eq 2000! Reverse Direction deny tcp any eq telnet any deny tcp any eq 22 any deny tcp any eq 161 any deny tcp any eq 162 any deny tcp any eq 123 any deny tcp any eq bgp any deny tcp any eq tacacs any deny tcp any eq 2000 any! permit tcp any <<branch subnet>> permit tcp <<branch subnet>> any! Implicit DENY ALL Optimise ACL to minimise TCAM usage 54
54 WCCP Redirection Default Service Groups 61 and 62 (Multiple SGs now supported) Redirect 61 FROM Clients (balance on Src IP) Redirect 62 FROM Servers (balance on Dst IP) Always use Redirect IN wherever possible Never use Redirect OUT on Catalyst switch Redirect OUT can be used on ISR/ISR G2, ASR, Nexus 7000 if required by design Avoid WCCP LOOPS! (more on this later) WAN
55 WCCP Assignment Hash or Mask Router uses assignment method to determine which WAVE to redirect traffic to Hash Assignment Byte level XOR computation divided into 256 buckets Default for SW based routing platforms (eg ISR/ISR G2) All buckets allocated evenly across WAVEs (by default) Mask Assignment Mask - Bit level AND divided up to 128 buckets (7 bits) Optimised for hardware based routing platforms (eg Nexus, Catalyst) Always keep Mask size as small as possible Number of buckets (and size of mask) based on number of WAVEs in cluster 2 WAVEs 1 bit mask eg 0x1 8 WAVEs 3 bit mask eg 0x
56 Hash Assignment Hash applied to Source OR Destination IP based on Service Group (61/62) Assignment matches in both directions Src Dest WAN Src WAVE-A WAVE-B Src Dest WAN Dst WAVE-A WAVE-B
57 Mask Assignment Mask applied to Source OR Destination IP based on Service Group (61/62) Assignment matches in both directions Src Dest WAN eg Four WAVEs Mask 0x3 (2 bits) Src WAVE-A WAVE-B WAVE-C WAVE-D Src Dest WAN eg Four WAVEs Mask 0x3 (2 bits) Dst WAVE-A WAVE-B WAVE-C WAVE-D
58 Mask Assignment Examples Branch ISR G2 - Hash or Mask supported (Hash more efficient in SW) Use Hash or keep Mask small (typically only one or two bits) If balancing across multiple engines with Mask, set mask to match host bits Src/Dst IP (Dec) = Src/Dst IP (Bin) = 0000: : : :0001 Mask 0x3 = 0000: : : :0011 Result Data Centre Assuming /24 allocation per site (or per subnet) Two WAVE Cluster 01 WAVE-B Set mask to match third octet (subnet) with mask range 0x100 to 0x7F00 Src/Dst IP (Dec) = Src/Dst IP (Bin) = 0000: : : :0001 Mask 0x700 = 0000: : : :0000 Result 001 Eight WAVE Cluster WAVE-B 59
59 Redirect, Return and Egress Methods WCCP specifics are configured on WAVE (WCCP Client) MUST match WCCP router capabilities WCCP Redirect Methods WCCP GRE - Entire packet inside GRE tunnel to WAVE (default) Layer 2 - Frame Destination MAC address rewritten to WAVE MAC WCCP Return Methods WCCP GRE - GRE Packet returned Router WCCP Layer 2 - Frame rewritten to Router MAC WCCP Egress Methods IP Forward WAVE ARPs for configured Default Gateway (default) WCCP negotiated Flow sent back inside WCCP GRE tunnel to Router Generic GRE Flow sent back inside preconfigured Generic GRE tunnel to Switch (specific for HW assisted interception on Catalyst 6500) 60
60 Layer 2 Methods WAVE must be L2 adjacent to router L2 Redirect Rewrite frame dest MAC to WAVE MAC address Transmit frame towards WAVE L2 Return Rewrite frame dest MAC to Router MAC address Transmit frame towards router L2 Egress Rewrite frame dest MAC to Router MAC address Transmit frame towards redirecting router IP Forwarding Egress WAVE ARPs for default gateway Forward frame as IP packet to gateway address Redirect: L2 Redirect: L2 Today Return: L2 Egress: IP FWD WAAS v5.0 (Future) Return: L2 Egress: L2 61
61 Layer 3 or GRE Methods WAVE must be L3 reachable WCCP GRE Redirect (default) Encapsulate frame in GRE header Transmit GRE packet to WAVE (Source: Router-ID IP) WCCP GRE Return (negotiated) Encapsulate frame in GRE header Transmit GRE packet to redirecting router Destination IP: Router-ID WCCP GRE Egress Encapsulate frame in GRE header Transmit GRE packet to redirecting router Destination IP: Router-ID MUST USE Alternative Generic GRE on Catalyst 6500 Redirect: GRE Router/Switch Return: GRE Egress: GRE Router-ID defaults to loopback or highest IP. Configurable with ip wccp sourceaddress command in ASR 62
62 WCCP Loop Avoidance Common Loop Scenarios Cause: Default Egress Method is IP FWD Solution: Configure WCCP GRE Egress Redirect Loop WAN Cause: Redirect OUT configured Solution: Reconfigure to Redirect IN Redirect Loop WAN Cause: Redirect OUT configured Solution A: Reconfigure to Redirect IN Solution B: Configure Redirect-Exclude IN Redirect Loop 61 WAN 62 ip wccp redirect exclude in 63
63 WCCP Function WAAS Network Deployment WCCP - Platform Recommendations Nexus 7000 ISR & 7200 ASR 1000 Cat 6500 Cat 7600 Sup720/32 Cat 6500 Sup2T Cat 4500 Cat 3750 Assign Mask Hash or Mask Mask Hash or Mask (Hash*) or Mask Mask Mask Redirect L2 GRE or L2 GRE or L2 GRE or L2 GRE or L2 L2 only L2 only Redirect List L3/L4 ACL Extended ACL Extended ACL Extended ACL Extended ACL No Extended ACL (no deny) Direction In or Out In or Out In or Out In or Out In (or Out*) In In Return L2 GRE or L2 L2 Generic GRE or L2 Generic GRE VRFs Supported Supported Planned Planned Supported N/A N/A IOS 4.2(1) 5.1(5) 12.1(14); 12.2(26); 12.3(13); 12.4(10); 12.1(3)T; 12.2(14)T; 12.3(14)T5; 12.4(15)T8; ISR G2 15.0(1)M use L2/Mask XE3.1.0S IOS 15.0(1)S (33)SXH (18)SXF or L2 15.0(1)SY L2 <Sup6 12.2(50)SG1 Sup6 15.0(2)SG Sup7 15.1(1)SG L2 12.2(37)SE This list is dynamic over time, see release notes for latest information 64
64 WAAS Configuration Example Enable GRE Egress Turn on WCCP AFTER configuration wccp router-list wccp tcp-promiscuous router-list-num 1 egress-method negotiated-return intercept-method wccp wccp version 2 65
65 WCCP Router Configuration Router Global Configuration Router(config)# ip cef Router(config)# ip wccp 61 <optional-redirect-list acl-name> Router(config)# ip wccp 62 <optional-redirect-list acl-name> Router(config)# ip wccp version 2 Router Interface Configuration Router(config-if)# ip wccp 61 redirect <in out> Router(config-if)# ip wccp 62 redirect <in out> Router(config-if)# ip wccp redirect exclude in Determined by topology WAN
66 Branch WCCP Configuration Example 61 g0 s0 62 WAN 61 g0 s0 62 Si sm1/0 WAN Looped Intercept Risk! SRE-700 Router ip wccp version 2 ip wccp 61 ip wccp 62 Hash Router ip wccp version 2 ip wccp 61 ip wccp 62 Mask interface gigabit0 ip wccp 61 redirect in interface serial0 ip wccp 62 redirect in interface gigabit0 ip wccp 61 redirect in interface serial0 ip wccp 62 redirect in WAVE wccp router-list wccp tcp-promiscuous router-list-num 1 egress-method negotiated-return interceptmethod wccp wccp version 2 WAVE wccp router-list wccp tcp promiscuous router-list 1 l2- redirect mask-assign wccp tcp-promiscuous mask src-ip-mask 0x1 wccp version 2 67
67 Data Centre Example Single DC WCCP at WAN Edge WAVE or vwaas Deployed WAVE Registration Loopback IP of router ASR Router-ID Configured Loopback IP Single WCCP cluster each WAVE to both routers Assignment Mask Redirect WCCP GRE Return/Egress WCCP GRE Variable WCCP timers configured for fast convergence Network WAVEs on dedicated or shared VLAN WAVEs could be vpc connected to Nexus access layer Routed edge link with no WCCP High Availability via WCCP Maintains Symmetric Traffic Flows WAVE/vWAAS WAN WAVE/vWAAS ASR 1000 ASR 1000 WCCP Registration 68
68 Data Centre Example Multiple DC WCCP at WAN Edge WAVE or vwaas Deployed WAVE Registration Loopback IP of router ASR Router-ID Configured Loopback IP Single WCCP cluster each WAVE to all edge routers (full mesh) Assignment Mask (0x300 or 0x700 for growth) Redirect WCCP GRE Return/Egress WCCP GRE Variable WCCP timers configured Network WAVEs on dedicated or shared VLAN WAVEs could be vpc connected to Nexus access layer Routed edge link with no WCCP High Availability via WCCP Maintains Symmetric Traffic Flows WAVE/ vwaas ASR 1000 WAVE/ vwaas WCCP Registration not displayed 69 ASR 1000 WAN WAVE/ vwaas ASR 1000 WAVE/ vwaas ASR 1000
69 Data Centre Example Single DC WCCP at Aggregation Layer WAVE or vwaas Deployed WAVE Registration Interface IP of router ASR Router-ID Configured Loopback IP Single WCCP cluster each WAVE to both routers Assignment Mask Redirect Layer 2 Return/Egress Layer 2/IP FWD (L2 Egress in WAAS v5.0) Network WAVEs on dedicated VLAN no redirect All server VLAN SVIs 62 Redirect IN WAVEs could be vpc connected to Nexus access layer L2 between Aggregation Switches High Availability via WCCP Maintains Symmetric Traffic Flows WAVE/vWAAS WAN WCCP Registration WAVE/vWAAS Nexus 7000 Nexus 7000 ASR 1000 ASR 1000 L3 Routed 70
70 Data Centre Example Multiple DC WCCP at Aggregation Layer WAVE or vwaas Deployed WAVE Registration Interface IP of router ASR Router-ID Configured Loopback IP Single WCCP cluster each WAVE to all agg switches (full mesh) WAVE/v WAAS Assignment Mask (0x300 or 0x700 for growth) Redirect Layer 2 Return/Egress Layer 2/IP FWD (L2 Egress in WAAS v5.0) Network WAVEs on dedicated VLAN no redirect All server VLAN SVIs 62 Redirect IN WAVEs could be vpc connected L2 between Aggregation Switches Routed edge link High Availability via WCCP Maintains Symmetric Traffic Flows Nexus 7000 ASR 1000 WAVE/v WAAS Nexus 7000 WAVE/v WAAS WCCP Registration not displayed 71 ASR 1000 L2 Trunk L3 Routed WAN Nexus 7000 ASR 1000 WAVE/v WAAS Nexus 7000 ASR 1000
71 WAAS WCCP Deployment Configuration Best Practices Registration Do NOT use a virtual gateway address (HSRP, VRRP, GLBP) Use interface IP address if L2 adjacent to WCCP router Use highest loopback address if not L2 adjacent to WCCP router Software Platforms ISR, ISR G2 GRE Redirect (Default) Hash Assignment (Default) Inbound Interception "ip wccp redirect exclude in" on WCCP client interface (outbound interception only) WAAS Egress Method: IP Forwarding Hardware Platform ASR, Nexus 7000, Catalyst 6500, 4500 L2 Nexus 7000, Catalyst 6500, 4500, ASR WCCP GRE Redirect Catalyst 6500, ASR if required for design Mask Assignment keep mask small Inbound Interception Do not use "ip wccp redirect exclude in Catalyst 6500 WAAS Egress Method: IP Forwarding, Generic GRE (Cat6k PFC-based systems only) 72
72 Network Interception vpath Mode
73 vpath Overview FC Array VSN vwaas1 1 SAN Web-Server 1 DBServer Web-Server 2 Web-Server 3 VSN vwaas2 App Server vcm vpath Nexus 1000v VEM VMware ESX Server 1 Nexus 1000v VEM VMware ESXi Server 2 VEM: Virtual Ethernet Module VSM: Virtual Supervisor Module VSN: Virtual Service Node Nexus 1000v VSM vcenter Server Optimised Port-Profile for WAAS 1 Optimised Port-Profile for WAAS 2 Non Opt Port-Profile vwaas Port-Profile
74 vpath Configuration Example port-profile type vethernet DC-vWAAS vmware port-group switchport mode access switchport access vlan 40 no shutdown state enabled port-profile type vethernet server-3 vmware port-group switchport mode access switchport access vlan 40 vn-service ip-address vlan 40 fail open no shutdown state enabled 75
75 vwaas vpath Deployment Port-Profile Configuration Network Admin view Port-Profile Port-group vpath interception Nexus 1000v VSM Server Admin view vsphere client Attach Opt-port-profile to server VMs 76
76 Deploying WAAS AOs Secure Application Optimisers
77 SSL AO Overview Central WAVE acts as a Trusted Intermediary Node for SSL requests by client Server Private Key and Certificate are securely loaded from CM Secure Store to Central WAVE Central WAVE participates in SSL Handshake to derive the Session Key Central WAVE securely sends the session key in-band to the Edge WAVE enabling it to terminate (decrypt/encrypt) the Client SSL session Edge WAVE Send session key Central WAVE Client Secure Channel SSL Handshake SSL Handshake WAN Original Data - Encrypted Optimised & Encrypted Original Data - Encrypted Server SSL Session Client to Core WAE (WAAS) SSL Session Central WAVE to Server 78
78 SSL Secure Store CM secure store keeps all imported host and accelerated SSL certificates and private keys Certificates and private keys encrypted with user pass-phrase: When secure store is being initialised first time (initialisation) After CM device reloads to open secure store (opening) CM secure store must be open to synchronise configuration between SSL capable CM and WAVEs Upon reboot, if CM detects the secure store is initialized but not open, a critical alarm is raised 79
79 E-MAPI AO Overview New in WAAS v5.0 June 2012 Preserves end-to-end security with Kerberos Operational consistency with MS infrastructure Consistent across version changes of MS Exchange Kerberos/NTLM Branch WAE Send session key Transparent Secure Channel Kerberos/NTLM DC WAE KDC/AD/DC Kerberos/NTLM WAN Outlook Client Original Data Encrypted/Signed Optimised & Encrypted/Signed Original Data Encrypted/Signed Exchange Server 80
80 E-MAPI AO Operation Grant WAE Workstation account Key permission Kerberos session key allows access to Encrypt/Read/Sign Data Encrypted MAPI Request Branch WAAS Securely transfer key to remote branch. WAN WAN-Secure Core WAAS Active Directory Controller (Kerberos KDC) Outlook Client Application Data: Encrypted Authentication: Kerberos Application Data: Optimised, Encrypted Authentication: Kerberos Application Data: Encrypted Authentication: Kerberos Exchange Server 81
81 E-MAPI Active Directory Integration POC and Commercial Deployment Work Flow with Admin Account Set Time, DNS and Domain info Enter User in WAE Ready! Enterprise Deployment Work Flow Workstation Account Set Time, DNS and Domain info User Account Set Time, DNS and Domain info Join WAE to Domain Create User in AD Grant WAVE Key Permission Grant WAVE Key Permission Require Active Directory team involvement Set WAVE to Use M/A Enter User in WAVE Ready! Ready! 82
82 E-MAPI AO Configuration Requirements WAVE requires DNS configuration to resolve AD domain queries. All WAVEs should be NTP Time Synchronised with the AD domain AD Provisioning User account identity - account created in the AD domain and provisioned on the WAVE Machine account identity - WAVE to join the AD domain. Domain Controller to delegate read only access for the root of the AD DB to the WAVE identity account CM Configuration Enable E-MAPI AO through CM 83
83 Citrix ICA AO Overview ICA Optimisation enabled by default No changes to client configurations No changes to server-side configurations WAN Virtual Desktops Branch Clients WAAS WAAS Citrix Hosting Infrastructure HDX Mediastream HDX with ICA CGP / Session Reliability 84
84 Citrix ICA AO Deployment Guidelines Disable CGP unless needed for lossy links such as satellite Use Client Side Rendering for HDX Mediastream for flash where possible for optimal end user experience Use Direct Print where possible for optimal print performance When using Redirected Print Mode, ensure Printer Redirection bandwidth and printer redirection bandwidth percentage settings are set to default (0) DRE Caching is more effective with greater number of users 85
85 Q & A
86 Complete Your Online Session Evaluation Complete your session evaluation: Directly from your mobile device by visiting and login by entering your username and password Visit one of the Cisco Live internet stations located throughout the venue Open a browser on your own computer to access the Cisco Live onsite portal Don t forget to activate your Cisco Live Virtual account for access to all session materials, communities, and on-demand and live activities throughout the year. Activate your account at any internet station or visit 87
87 88
Configuring Traffic Interception
4 CHAPTER This chapter describes the WAAS software support for intercepting all TCP traffic in an IP-based network, based on the IP and TCP header information, and redirecting the traffic to wide area
More informationCertifyMe. CertifyMe
CertifyMe Number: 642-652 Passing Score: 800 Time Limit: 120 min File Version: 8.9 http://www.gratisexam.com/ CertifyMe 642-652 Exam A QUESTION 1 Exhibit: You work as an engineer at Certkiller.com. Study
More informationSymbols INDEX > 12-14
INDEX Symbols > 12-14 A AAA accounting configuring 6-32 AAA-based management systems 2-25, 6-2 acceleration about 1-6, 12-1 features 1-6 TCP settings 12-17 accounts creating 7-3 creation process 7-2 deleting
More informationWAAS Design and Deployment
WAAS Design and Deployment 2 Abstract This session will show how to deploy WAAS into the network, covering design topologies and network interception techniques from the traditional Inline and WCCP to
More informationConnect, Optimize, Accelerate. Enterprise Application Delivery Platform (Cisco WAAS)
Riyadh, Saudi Arabia February 2013 Connect, Optimize, Accelerate. Enterprise Application Delivery Platform (Cisco WAAS) Mahmoud Ahmed Consulting Systems Engineer Emerging markets Comparison of WAN Costs
More informationConfiguring Web Cache Services By Using WCCP
CHAPTER 44 Configuring Web Cache Services By Using WCCP This chapter describes how to configure your Catalyst 3560 switch to redirect traffic to wide-area application engines (such as the Cisco Cache Engine
More informationCISCO EXAM QUESTIONS & ANSWERS
CISCO 642-655 EXAM QUESTIONS & ANSWERS Number: 642-655 Passing Score: 800 Time Limit: 120 min File Version: 70.0 http://www.gratisexam.com/ CISCO 642-655 EXAM QUESTIONS & ANSWERS Exam Name: WAASFE-Wide
More informationCisco Application Networking Services for VMware Virtual Desktop Infrastructure
Cisco Application Networking Services for VMware Virtual Desktop Infrastructure Deployment Guide 2008 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Contents Introduction...
More informationMonitoring WAAS Using WAAS Central Manager. Monitoring WAAS Network Health. Using the WAAS Dashboard CHAPTER
CHAPTER 1 This chapter describes how to use WAAS Central Manager to monitor network health, device health, and traffic interception of the WAAS environment. This chapter contains the following sections:
More informationCisco Wide Area Application Services: Secure, Scalable, and Simple Central Management
Solution Overview Cisco Wide Area Application Services: Secure, Scalable, and Simple Central Management What You Will Learn Companies are challenged with conflicting requirements to consolidate costly
More informationCisco WAAS Software Command Summary
2 CHAPTER This chapter summarizes the Cisco WAAS 4.0.7 software commands. lists the WAAS commands (alphabetically) and indicates the command mode for each command. The commands used to access modes are
More informationConfiguring Cache Services Using the Web Cache Communication Protocol
Configuring Cache Services Using the Web Cache Communication Protocol Finding Feature Information, page 1 Prerequisites for WCCP, page 1 Restrictions for WCCP, page 2 Information About WCCP, page 3 How
More informationCisco Wide Area Application Services Upgrade Guide
Cisco Wide Area Application Services Upgrade Guide Published: May 27, 2010 Software Version 4.1 This document describes how to upgrade Cisco Wide Area Application Services (WAAS) from software release
More informationWCCP Network Integration with Cisco Catalyst 6500: Best Practice Recommendations for Successful Deployments
WCCP Network Integration with Cisco Catalyst 6500: Best Practice Recommendations for Successful Deployments What You Will Learn This document is intended for network engineers deploying the Cisco Catalyst
More informationFeatures. HDX WAN optimization. QoS
May 2013 Citrix CloudBridge Accelerates, controls and optimizes applications to all locations: datacenter, branch offices, public and private clouds and mobile users Citrix CloudBridge provides a unified
More informationQ. What technologies does Cisco WAAS Express use to optimize traffic? A. Cisco WAAS Express optimizes WAN bandwidth using these technologies:
Q&A Cisco WAAS Express General Q. What is Cisco Wide Area Application Services (WAAS) Express? A. Cisco WAAS Express extends the Cisco WAAS product portfolio with a small-footprint, cost-effective solution
More informationCisco Virtual Networking Solution for OpenStack
Data Sheet Cisco Virtual Networking Solution for OpenStack Product Overview Extend enterprise-class networking features to OpenStack cloud environments. A reliable virtual network infrastructure that provides
More informationVirtual Security Gateway Overview
This chapter contains the following sections: Information About the Cisco Virtual Security Gateway, page 1 Cisco Virtual Security Gateway Configuration for the Network, page 10 Feature History for Overview,
More informationCisco Cloud Services Router 1000V with Cisco IOS XE Software Release 3.13
Q&A Cisco Cloud Services Router 1000V with Cisco IOS XE Software Release 3.13 Q. What is the Cisco Cloud Services Router 1000V? A. The Cisco Cloud Services Router 1000V (CSR 1000V) is a router in virtual
More informationCISCO WAAS DEPLOYMENT USING WEB CACHE COMMUNICATION PROTOCOL VERSION 2 (WCCPV2)
CISCO PUBLIC WHITE PAPER CISCO WAAS DEPLOYMENT USING WEB CACHE COMMUNICATION PROTOCOL VERSION 2 (WCCPV2) Cisco Wide Area Application Services (WAAS) relies on network interception to be integrated into
More informationWhy WAN accelerators (still) matter? Andrea Dainese Data Center Engineer
Why WAN accelerators (still) matter? Data Center Engineer Presentation Data Center Engineer @ Cerved Group SpA Red Hat RHCE VMware VCP-DCV NetApp NCIE-SAN Cisco CCIE Who is Andrea Dainese Cisco Architecture
More informationPlanning Your WAAS Network
2 CHAPTER Before you set up your Wide Area Application Services (WAAS) network, there are general guidelines to consider and some restrictions and limitations you should be aware of if you are migrating
More informationConfiguring Transparent Redirection for Standalone Content Engines
CHAPTER 6 Configuring Transparent Redirection for Standalone Content Engines This chapter discusses the following methods for transparently redirecting content requests to standalone Content Engines: Web
More informationDriving Performance with Application Velocity. Marc van Hoof, Product Manager Service Routing Tech Group
Driving Performance with Application Velocity Marc van Hoof, Product Manager Service Routing Tech Group The Borderless Routing Challenge Performance Services Operations DC / Cloud WAN / Internet Mobile
More informationConfiguring WCCPv2. Information About WCCPv2. Send document comments to CHAPTER
CHAPTER 5 This chapter describes how to configure the Web Cache Communication Protocol version 2 (WCCPv2) on Cisco NX-OS devices. This chapter includes the following sections: Information About WCCPv2,
More informationWINNER 2007 WINNER 2008 WINNER 2009 WINNER 2010
2010 2009 2008 2007 WINNER 2007 WINNER 2008 WINNER 2009 WINNER 2010 DATA SHEET VIRTUAL ACCELERATOR Six Reasons to say Yes to Expand 1. Comprehensive Whether the WAN is used to connect file servers, email
More informationCisco Virtual Security Gateway Deployment Guide VSG 1.4
Deployment Guide Cisco Virtual Security Gateway Deployment Guide VSG 1.4 Deployment Guide 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 33
More informationLayer 2 Implementation
CHAPTER 3 In the Virtualized Multiservice Data Center (VMDC) 2.3 solution, the goal is to minimize the use of Spanning Tree Protocol (STP) convergence and loop detection by the use of Virtual Port Channel
More informationHypervisors networking: best practices for interconnecting with Cisco switches
Hypervisors networking: best practices for interconnecting with Cisco switches Ramses Smeyers Customer Support Engineer Agenda What is this session about? Networking virtualization concepts Hypervisor
More informationCisco Exam Questions & Answers
Cisco 648-375 Exam Questions & Answers Number: 648-375 Passing Score: 800 Time Limit: 120 min File Version: 22.1 http://www.gratisexam.com/ Cisco 648-375 Exam Questions & Answers Exam Name: Cisco Express
More informationBi-directional ADN Deployment Using WCCP with Reflect Client IP [Configuration Sample] Ken Fritz (PSS)
Bi-directional ADN Deployment Using WCCP with Reflect Client IP [Configuration Sample] February 17, 2011 Ken Fritz (PSS) Copyright 2011 Blue Coat Systems, Inc. All rights reserved worldwide. No part of
More informationCISCO EXAM QUESTIONS & ANSWERS
CISCO 642-618 EXAM QUESTIONS & ANSWERS Number: 642-618 Passing Score: 800 Time Limit: 120 min File Version: 39.6 http://www.gratisexam.com/ CISCO 642-618 EXAM QUESTIONS & ANSWERS Exam Name: Deploying Cisco
More informationConfiguring EtherChannels and Layer 2 Trunk Failover
35 CHAPTER Configuring EtherChannels and Layer 2 Trunk Failover This chapter describes how to configure EtherChannels on Layer 2 and Layer 3 ports on the switch. EtherChannel provides fault-tolerant high-speed
More informationConfiguring EtherChannels and Link-State Tracking
CHAPTER 37 Configuring EtherChannels and Link-State Tracking This chapter describes how to configure EtherChannels on Layer 2 and Layer 3 ports on the switch. EtherChannel provides fault-tolerant high-speed
More informationIntroduction to Cisco WAAS
1 CHAPTER This chapter provides an overview of the Cisco WAAS solution and describes the main features that enable WAAS to overcome the most common challenges in transporting data over a wide area network.
More informationPorts and Interfaces. Ports. Information About Ports. Ports, page 1 Link Aggregation, page 5 Interfaces, page 10
Ports, page 1 Link Aggregation, page 5 Interfaces, page 10 Ports Information About Ports A port is a physical entity that is used for connections on the Cisco WLC platform. Cisco WLCs have two types of
More informationCisco Nexus 1100 Series Virtual Services Appliances
Deployment Guide Cisco Nexus 1100 Series Virtual Services Appliances Deployment Guide Version 1.0 June 2013 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
More informationInterface Configuration Mode Commands
Chapter 3 CLI Commands Interface Configuration Mode Commands Use the mode for setting, viewing, and testing the configuration of WAAS software features on a specific interface. To enter this mode, enter
More informationInterfaces for Firepower Threat Defense
This chapter includes Firepower Threat Defense interface configuration including Ethernet settings, EtherChannels, VLAN subinterfaces, IP addressing, and more. About Firepower Threat Defense Interfaces,
More informationCisco Nexus 1000V InterCloud
Deployment Guide Cisco Nexus 1000V InterCloud Deployment Guide (Draft) June 2013 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 49 Contents
More informationPass-Through Technology
CHAPTER 3 This chapter provides best design practices for deploying blade servers using pass-through technology within the Cisco Data Center Networking Architecture, describes blade server architecture,
More informationVSB Backup and Recovery
CHAPTER 6 This chapter describes how to backup and recover a VSB, and includes the following sections: Information About, page 6-1 Guidelines and Limitations, page 6-1 Configuring VSB Backup and Restoration,
More informationEnterprise. Nexus 1000V. L2/L3 Fabric WAN/PE. Customer VRF. MPLS Backbone. Service Provider Data Center-1 Customer VRF WAN/PE OTV OTV.
2 CHAPTER Cisco's Disaster Recovery as a Service (DRaaS) architecture supports virtual data centers that consist of a collection of geographically-dispersed data center locations. Since data centers are
More informationConfiguring Cisco Prime NAM
Cisco SRE NAM has an internal Gigabit Ethernet interface and an external interface. You can use either interface for Prime NAM management traffic such as the NAM web GUI, telnet or ssh, but not both. You
More informationPowering Transformation With Cisco
Shape Your Business For the Future: Powering Transformation With Cisco Cisco VXI : Delivering The Next Generation of Virtualized Environment Herdiman Eka Wijaya 12 June 2012 Agenda What is Desktop Virtualization?
More informationWCCP Configuration Mode Commands
WCCP Configuration Mode Commands To configure the Web Cache Coordination Protocol (WCCP) Version 2 TCP promiscuous mode service, use the wccp tcp-promiscuous service-pair global configuration command.
More informationConfiguring the Catena Solution
This chapter describes how to configure Catena on a Cisco NX-OS device. This chapter includes the following sections: About the Catena Solution, page 1 Licensing Requirements for Catena, page 2 Guidelines
More informationDesigning Solution with Cisco Intrusion Prevention Systems
Designing Solution with Cisco Intrusion Prevention Systems Petr Růžička, CSE CCIE #20166 1 Session Abstract IPS technology could be placed in many different places in the network and as such it has to
More informationHybrid Clouds: Integrating the Enterprise Data Center and the Public Cloud
Hybrid Clouds: Integrating the Enterprise Data Center and the Public Cloud Usha Ramachandran, Technical Marketing Engineer Session Abstract In this session, participants will learn how to create hybrid
More informationConfiguring WCCP. Finding Feature Information
The Web Cache Communication Protocol (WCCP) is a Cisco-developed content-routing technology that intercepts IP packets and redirects those packets to a destination other than that specified in the IP packet.
More informationInterface Configuration Mode Commands
Interface Configuration Mode Commands Use the mode for setting, viewing, and testing the configuration of WAAS software features on a specific interface. To enter this mode, enter the interface command
More informationConfiguring High Availability (HA)
4 CHAPTER This chapter covers the following topics: Adding High Availability Cisco NAC Appliance To Your Network, page 4-1 Installing a Clean Access Manager High Availability Pair, page 4-3 Installing
More informationCisco Branch Routers Series Network Analysis Module (NME-NAM-120S) Installation and Configuration Note, 4.2
Cisco Branch Routers Series Network Analysis Module (NME-NAM-120S) Installation and Configuration Note, 4.2 The Cisco Network Analysis Module (NAM) is an integrated module that enables network managers
More informationSeven Criteria for a Sound Investment in WAN Optimization
Seven Criteria for a Sound Investment in WAN Optimization Introduction WAN optimization technology brings three important business benefits to IT organizations: Reduces branch office infrastructure costs
More informationEnterprise Branch Wide Area Application Services Design Guide (Version 1.1)
Enterprise Branch Wide Area Application Services Design Guide (Version 1.1) This document discusses design and deployment considerations in deploying wide area application services (WAAS) over branch architectures.
More informationCisco Nexus 1000V Installation and Upgrade Guide, Release 5.2(1)SV3(1.4)
Cisco Nexus 1000V Installation and Upgrade Guide, Release 5.2(1)SV3(1.4) First Published: April 17, 2015 Last Modified: August 27, 2015 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San
More informationInterchassis Asymmetric Routing Support for Zone-Based Firewall and NAT
Interchassis Asymmetric Routing Support for Zone-Based Firewall and NAT The Interchassis Asymmetric Routing Support for Zone-Based Firewall and NAT feature supports the forwarding of packets from a standby
More informationBorderless Networks. Tom Schepers, Director Systems Engineering
Borderless Networks Tom Schepers, Director Systems Engineering Agenda Introducing Enterprise Network Architecture Unified Access Cloud Intelligent Network & Unified Services Enterprise Networks in Action
More informationInterfaces for Firepower Threat Defense
This chapter includes Firepower Threat Defense interface configuration including Ethernet settings, EtherChannels, VLAN subinterfaces, IP addressing, and more. About Firepower Threat Defense Interfaces,
More informationCisco Virtual Networking Solution Nexus 1000v and Virtual Services. Abhishek Mande Engineer
Cisco Virtual Networking Solution Nexus 1000v and Virtual Services Abhishek Mande Engineer mailme@cisco.com Agenda Application requirements in virtualized DC The Anatomy of Nexus 1000V Virtual Services
More informationECDS MDE 100XVB Installation Guide on ISR G2 UCS-E and VMWare vsphere Hypervisor (ESXi)
ECDS MDE 100XVB Installation Guide on ISR G2 UCS-E and VMWare vsphere Hypervisor (ESXi) Revised: November, 2013 Contents Overview, page 1 Guidelines and Limitations, page 1 Prerequisites, page 2 Installation
More informationApplication Optimization
Application Optimization Anthony Lockhart, WAAS Product Manager BRKRST-2514 Cisco Spark How Questions? Use Cisco Spark to chat with the speaker after the session 1. Find this session in the Cisco Live
More informationF5 DDoS Hybrid Defender : Setup. Version
F5 DDoS Hybrid Defender : Setup Version 13.1.0.3 Table of Contents Table of Contents Introducing DDoS Hybrid Defender... 5 Introduction to DDoS Hybrid Defender...5 DDoS deployments... 5 Example DDoS Hybrid
More informationWide Area Application Services (WAAS) for iscsi
Wide Area Application Services (WAAS) for iscsi Contents iscsi Overview 2 Topology 2 Configuration 3 Verification 4 WAN Characteristics 4 Optimization Validation 5 Summary 7 The Cisco ISR router Video
More informationDeployment Scenarios for Standalone Content Engines
CHAPTER 3 Deployment Scenarios for Standalone Content Engines This chapter introduces some sample scenarios for deploying standalone Content Engines in enterprise and service provider environments. This
More informationBIG-IP TMOS : Implementations. Version
BIG-IP TMOS : Implementations Version 11.5.1 Table of Contents Table of Contents Customizing the BIG-IP Dashboard...13 Overview: BIG-IP dashboard customization...13 Customizing the BIG-IP dashboard...13
More informationINTRODUCTION...2 SOLUTION DETAILS...3 NOTES...3 HOW IT WORKS...4
TESTING & INTEGRATION GROUP TECHNICAL DOCUMENT DefensePro out of path with Cisco router INTRODUCTION...2 SOLUTION DETAILS...3 NOTES...3 HOW IT WORKS...4 CONFIGURATION... 4 TRAFFIC FLOW... 4 SOFTWARE AND
More informationHyTrust CloudControl Installation Guide
HyTrust CloudControl Installation Guide Version 4.5 August, 2015 Use, reproduction, or disclosure is subject to restrictions set forth in Contract Number 2009*0674524*000 and Sub Contract No. HyTrust 01.
More informationDeploy Webex Video Mesh
Video Mesh Deployment Task Flow, on page 1 Install Webex Video Mesh Node Software, on page 2 Log in to the Webex Video Mesh Node Console, on page 4 Set the Network Configuration of the Webex Video Mesh
More informationCisco Etherswitch Service Modules
. &A Cisco Etherswitch Service Modules Overview Q. What are the Cisco EtherSwitch service modules? A. The Cisco EtherSwitch service modules are integrated switching modules for Cisco routers. These are
More informationConfiguring Stateful Interchassis Redundancy
The Stateful Interchassis Redundancy feature enables you to configure pairs of devices to act as backups for each other. This module describes conceptual information about and tasks for configuring stateful
More informationConfiguring WCCP. Finding Feature Information. Last Updated: August 04, 2011
Configuring WCCP Finding Feature Information Configuring WCCP Last Updated: August 04, 2011 The Web Cache Communication Protocol (WCCP) is a Cisco-developed content-routing technology that intercepts IP
More informationCCNA Security 1.0 Student Packet Tracer Manual
1.0 Student Packet Tracer Manual This document is exclusive property of Cisco Systems, Inc. Permission is granted to print and copy this document for non-commercial distribution and exclusive use by instructors
More informationRelease Notes for Cisco Application Policy Infrastructure Controller Enterprise Module, Release x
Release s for Cisco Application Policy Infrastructure Controller Enterprise Module, Release 1.3.3.x First Published: 2017-02-10 Release s for Cisco Application Policy Infrastructure Controller Enterprise
More informationBraindumpsIT. BraindumpsIT - IT Certification Company provides Braindumps pdf!
BraindumpsIT http://www.braindumpsit.com BraindumpsIT - IT Certification Company provides Braindumps pdf! Exam : 300-115 Title : Implementing Cisco IP Switched Networks Vendor : Cisco Version : DEMO Get
More informationCisco Integrated Services Virtual Router
Data Sheet Cisco Integrated Services Virtual Router The Cisco Integrated Services Virtual Router (ISRv) is a virtual form-factor Cisco IOS XE Software router that delivers comprehensive WAN gateway and
More informationInstalling the Cisco Nexus 1000V Software Using ISO or OVA Files
Installing the Cisco Nexus 1000V Software Using ISO or OVA Files This chapter contains the following sections: Installing the VSM Software, page 1 Installing the VSM Software Installing the Software from
More informationDeploying Silver Peak Velocity with Dell Compellent Remote Instant Replay. November 2012
Deploying Silver Peak Velocity with Dell Compellent Remote Instant Replay November 2012 1 Page Formatting Conventions... 3 Prerequisites... 3 Overview... 3 VMware Configuration... 4 Deploying the Silver
More informationDeploy the ExtraHop Discover Appliance with VMware
Deploy the ExtraHop Discover Appliance with VMware Published: 2018-07-17 The ExtraHop virtual appliance can help you to monitor the performance of your applications across internal networks, the public
More informationConfiguring Web-Based Authentication
This chapter describes how to configure web-based authentication on the switch. It contains these sections: Finding Feature Information, page 1 Web-Based Authentication Overview, page 1 How to Configure
More informationOrdering and deleting Single-node Trial for VMware vcenter Server on IBM Cloud instances
Ordering and deleting Single-node Trial for VMware vcenter Server on IBM Cloud instances The Single-node Trial for VMware vcenter Server on IBM Cloud is a single-tenant hosted private cloud that delivers
More informationChapter 2. Switch Concepts and Configuration. Part I
Chapter 2 Switch Concepts and Configuration Part I CCNA3-1 Chapter 2-1 Note for Instructors These presentations are the result of a collaboration among the instructors at St. Clair College in Windsor,
More informationDeploying the Cisco ASA 1000V
CHAPTER 2 This chapter includes the following sections: Information About the ASA 1000V Deployment, page 2-1 Downloading the ASA 1000V OVA File, page 2-7 Deploying the ASA 1000V Using the VMware vsphere
More informationCisco Nexus 1000V Series Switches
Cisco Nexus 1000V Series Switches Product Overview Cisco Nexus 1000V Series Switches are virtual machine access switches that are an intelligent software switch implementation for VMware vsphere environments
More informationVMware Identity Manager Connector Installation and Configuration (Legacy Mode)
VMware Identity Manager Connector Installation and Configuration (Legacy Mode) VMware Identity Manager This document supports the version of each product listed and supports all subsequent versions until
More informationIntelligent WAN Multiple VRFs Deployment Guide
Cisco Validated design Intelligent WAN Multiple VRFs Deployment Guide September 2017 Table of Contents Table of Contents Deploying the Cisco Intelligent WAN... 1 Deploying the Cisco IWAN Multiple VRFs...
More information3. What could you use if you wanted to reduce unnecessary broadcast, multicast, and flooded unicast packets?
Nguyen The Nhat - Take Exam Exam questions Time remaining: 00: 00: 51 1. Which command will give the user TECH privileged-mode access after authentication with the server? username name privilege level
More informationTestOut Routing and Switching Pro - English 6.0.x COURSE OUTLINE. Modified
TestOut Routing and Switching Pro - English 6.0.x COURSE OUTLINE Modified 2017-07-10 TestOut Routing and Switching Pro Outline- English 6.0.x Videos: 133 (15:42:34) Demonstrations: 78 (7:22:19) Simulations:
More informationCCIE Data Center Written Exam ( ) version 1.0
CCIE Data Center Written Exam (350-080) version 1.0 Exam Description: The Cisco CCIE Data Center Written Exam (350-080) version 1.0 is a 2-hour test with 80 110 questions that will validate that a data
More informationConfiguring Virtual Port Channels
Configuring Virtual Port Channels This chapter describes how to configure virtual port channels (vpcs) on Cisco Nexus 5000 Series switches. It contains the following sections: Information About vpcs, page
More informationBranch Repeater :51:35 UTC Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement
Branch Repeater 6.0 2013-07-22 14:51:35 UTC 2013 Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement Contents Branch Repeater 6.0... 3 Branch Repeater 6.0... 4 Release Notes
More informationSend documentation comments to You must enable FCIP before attempting to configure it on the switch.
CHAPTER 9 (Fibre Channel over IP) is an IETF standards based protocol for connecting Fibre Channel SANs over IP based networks. encapsulates the FCP frames in a TCP/IP packet which is then sent across
More informationVeloCloud Cloud-Delivered WAN Fast. Simple. Secure. KUHN CONSULTING GmbH
VeloCloud Cloud-Delivered WAN Fast. Simple. Secure. 1 Agenda 1. Overview and company presentation 2. Solution presentation 3. Main benefits to show to customers 4. Deployment models 2 VeloCloud Company
More informationConfiguring Private VLANs
CHAPTER 15 This chapter describes how to configure private VLANs on the Cisco 7600 series routers. Note For complete syntax and usage information for the commands used in this chapter, refer to the Cisco
More informationAdministration and monitoring of the Cisco Data Center with Cisco DCNM
Administration and monitoring of the Cisco Data Center with Cisco DCNM Paul Dunon Consulting SE Network Management Emeric Calabrese Consulting SE Data Center Agenda DCNM Solution overview Best Practices
More informationP ART 3. Configuring the Infrastructure
P ART 3 Configuring the Infrastructure CHAPTER 8 Summary of Configuring the Infrastructure Revised: August 7, 2013 This part of the CVD section discusses the different infrastructure components that are
More informationInstalling the Cisco CSR 1000v in VMware ESXi Environments
Installing the Cisco CSR 1000v in VMware ESXi Environments VMware ESXi Support Information, page 1 VMware Requirements Cisco IOS XE Fuji 16.7, page 2 Supported VMware Features and Operations, page 3 Deploying
More informationCisco Intelligent WAN with Akamai Connect
Data Sheet Cisco Intelligent WAN with Akamai Connect Deliver consistent, LAN-like user experiences using application acceleration and WAN optimization while lowering bandwidth costs. Users get world-class
More informationChapter 10 Configure AnyConnect Remote Access SSL VPN Using ASDM
Chapter 10 Configure AnyConnect Remote Access SSL VPN Using ASDM Topology Note: ISR G1 devices use FastEthernet interfaces instead of GigabitEthernet interfaces. 2015 Cisco and/or its affiliates. All rights
More informationChapter 10 - Configure ASA Basic Settings and Firewall using ASDM
Chapter 10 - Configure ASA Basic Settings and Firewall using ASDM This lab has been updated for use on NETLAB+ Topology Note: ISR G1 devices use FastEthernet interfaces instead of GigabitEthernet interfaces.
More information