There are three methods for redirecting outbound packets from the client to the appliance (known as LAN-side redirection, or outbound redirection):
• PBR (Policy-Based Routing) — configured on the router. No other special configuration required on the appliance. This is also known as FBF (Filter-Based Forwarding).If you want to deploy two Silver Peaks at the site, for redundancy or load balancing, then you also need to use VRRP (Virtual Router Redundancy Protocol).
• WCCP (Web Cache Communication Protocol) — configured on both the router and the Silver Peak appliance. You can also use WCCP for redundancy and load balancing.
• Host routing — the server/end station has a default or subnet-based static route that points to the Silver Peak appliance as its next hop. Host routing is the preferred method when a virtual appliance is using a single interface, mgmt0, for datapath traffic (also known as Server Mode).To ensure end-to-end connectivity in case of appliance failure, consider using VRRP between the appliance and a router, or the appliance and another redundant Silver Peak.How you plan to optimize traffic affects whether or not you also need inbound redirection from the WAN router (also known as WAN-side redirection):
• If you enable subnet sharing (which relies on advertising local subnets between Silver Peak appliances) or route policies (which specify destination IP addresses), then you only need outbound redirection.
• If, instead, you default to TCP-based or IP-based auto-optimization (which relies on initial handshaking outside a tunnel), then you must set up inbound and outbound redirection on the WAN router.
• Additionally, for TCP flows to be optimized, both directions must travel through the same client and server appliances. If the TCP flows are asymmetric —as could occur in a high-availability deployment — you need to configure clusters for flow redirection among local appliances.
• If you enable auto-tunnel on the Configuration - System page, then TCP-based or IP-based handshaking creates the tunnel. That requires outbound and inbound redirection to be in place.
• You can let the Initial Configuration Wizard create the tunnel to the remote appliance.
• You can create a tunnel manually on the Configuration - Tunnels page.
• when subnet sharing is enabled
•
• when directed to a specific tunnel by the Route Policy
n Enable subnet sharing on both the local and remote appliances.
n For outbound redirection to the out-of-path appliance (B), choose from PBR (or FBF), WCCP, or host routing.
n
n For inbound and outbound redirection to the out-of-path appliance (B), choose from PBR (or FBF) or WCCP.
n For outbound redirection to the out-of-path appliance (B), choose from PBR (or FBF), WCCP, or host routing.
n
Please send comments or suggestions regarding user documentation to techpubs@silver-peak.com. |