In this scenario, the Silver Peak appliances are not connected in the direct path of the network traffic. As a result, a network traffic redirection technique is used to forward traffic to the appliance.Web Cache Communications Protocol (WCCP) supports the redirection of any TCP or UDP connections to appliances participating in WCCP Service Groups. The appliance intercepts only those packets that have been redirected to it. The appliance accelerates traffic flows that the Route Policy directs to a tunnel; all other traffic passes through the appliance unmodified.In the unlikely event that the appliance fails, WCCP on the WAN router removes the appliance from the WCCP Service Group and resumes forwarding traffic normally, according to its routing tables.At Site A, both the router and the participating appliance require a separate WCCP service group for each protocol used in the tunnel. So, if a tunnel uses both TCP and UDP, you must create a separate WCCP Service Group for each protocol (TCP and UDP) used in the A-to-B tunnel.
Note You don’t need a spare router port for this configuration. The Silver Peak appliance can be connected to an existing or newly configured subinterface on the router via a VLAN trunk such that a spare port on the LAN switch can be used for the physical connection.
• Appliance wan0 interface connects to network
• Do not connect lan0 interface Configure WCCP on the Silver Peak appliance and the WAN router. Service Group IDs on the router and appliance must match.
• Configure two WCCP v2 Service Groups on the Silver Peak appliance
(one for TCP and one for UDP)
• Configure two WCCP v2 Service Groups on the WAN router
(one for TCP and one for UDP)Fail-safe behavior should always be tested before production deployment by ensuring that traffic continues to flow in each of the following cases:
1 With the appliance in bypass state
2 With the appliance powered off
Gather all the IP addresses needed for setup Install the appliance into the network Physical appliance: Connect the Site A appliance to the Site A router, and insert the Site B appliance between its WAN edge router and the Ethernet switch. Verify connectivity, connect power, and verify LEDs.Virtual appliance: Configure the hypervisor, with the required interfaces. Silver Peak Appliance Manager Operator’s Guide
• Configure an Access Control List (ACL) that redirects all traffic from the Site A subnet to the Site B subnet
• Configure two WCCP Service Groups — one for UDP, one for TCP
• Enable WCCP on the appropriate router interface Access the Initial Config Wizard to assign Appliance IP and Management IP addresses for Site A’s appliance. Configure the WCCP Service Groups on Site A’s appliance
• Create a pair of Service Groups (TCP, UDP) for outbound redirection.
• Create a pair of Service Groups (TCP, UDP) for inbound redirection. Run the Initial Config Wizard to set up Site B’s Silver Peak appliance in Bridge mode. Ensure that the cable connections are sound and you haven’t misconfigured any IP addresses.Do NOT proceed until you have verified connectivity. Create a tunnel and Route Policy on Site A’s appliance
n Although it isn’t a requirement, it’s considered a best practice to use different subnets for mgmt0 and the Appliance IP.
mgmt0 IP Address / Mask1 LAN Next-hop IP Address (optional) 2
Please send comments or suggestions regarding user documentation to techpubs@silver-peak.com. |