There are three methods for redirecting outbound packets from the client to the appliance (known as LAN-side redirection, or outbound redirection):
|
•
|
PBR (Policy-Based Routing) — configured on the router. No other special configuration required on the appliance. This is also known as FBF (Filter-Based Forwarding).
|
If you want to deploy two Silver Peaks at the site, for redundancy or load balancing, then you also need to use VRRP (Virtual Router Redundancy Protocol).
|
•
|
WCCP (Web Cache Communication Protocol) — configured on both the router and the Silver Peak appliance. You can also use WCCP for redundancy and load balancing.
|
|
•
|
Host routing — the server/end station has a default or subnet-based static route that points to the Silver Peak appliance as its next hop. Host routing is the preferred method when a virtual appliance is using a single interface, mgmt0, for datapath traffic (also known as Server Mode).
|
To ensure end-to-end connectivity in case of appliance failure, consider using VRRP between the appliance and a router, or the appliance and another redundant Silver Peak.
How you plan to optimize traffic affects whether or not you also need inbound redirection from the WAN router (also known as WAN-side redirection):
|
•
|
If you enable subnet sharing (which relies on advertising local subnets between Silver Peak appliances) or route policies (which specify destination IP addresses), then you only need outbound redirection.
|
|
•
|
If, instead, you default to TCP-based or IP-based auto-optimization (which relies on initial handshaking outside a tunnel), then you must set up inbound and outbound redirection on the WAN router.
|
|
•
|
Additionally, for TCP flows to be optimized, both directions must travel through the same client and server appliances. If the TCP flows are asymmetric —as could occur in a high-availability deployment — you need to configure clusters for flow redirection among local appliances.
|
For more about flow redirection, see |
•
|
If you enable auto-tunnel on the Configuration - System page, then TCP-based or IP-based handshaking creates the tunnel. That requires outbound and inbound redirection to be in place.
|
|
•
|
You can let the Initial Configuration Wizard create the tunnel to the remote appliance.
|
|
•
|
You can create a tunnel manually on the Configuration - Tunnels page.
|
|
•
|
when subnet sharing is enabled
|
|
•
|
|
•
|
when directed to a specific tunnel by the Route Policy
|
|
n
|
Enable subnet sharing on both the local and remote appliances.
|
|
n
|
For outbound redirection to the out-of-path appliance (B), choose from PBR (or FBF), WCCP, or host routing.
|
 |
 |
|
n
|
|
n
|
For inbound and outbound redirection to the out-of-path appliance (B), choose from PBR (or FBF) or WCCP.
|
 |
 |
|
n
|
For outbound redirection to the out-of-path appliance (B), choose from PBR (or FBF), WCCP, or host routing.
|
|
n
|
 |
 |
