Guest

Cisco 500 Series Content Engines

Configuring WCCP Version 2 on the Catalyst 3550

Document ID: 29461

Updated: May 04, 2004

   Print

Introduction

This document provides a sample configuration for Web Cache Communication Protocol (WCCP) version 2 on the Catalyst 3550 with Cisco Content Engine 560.

Before You Begin

Conventions

For more information on document conventions, see the Cisco Technical Tips Conventions.

Prerequisites

There are no specific prerequisites for this document.

Components Used

This configuration was developed and tested using the following software and hardware versions.

  • Cisco Catalyst 3550 running Cisco IOS® Software Release 12.1(11)EA1a

  • Cisco Content Engine 560 running Cisco Application & Content Networking Software (ACNS) Release 4.2.3

The information presented in this document was created from devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If you are working in a live network, ensure that you understand the potential impact of any command before using it.

Configure

In this section, you are presented with the information to configure the features described in this document.

Note: To find additional information on the commands used in this document, use the Command Lookup Tool (registered customers only) .

Network Diagram

This document uses the network setup shown in the diagram below.

diagram.jpg

Configurations

This document uses the configurations shown below.

  • Catalyst 3550

  • Content Engine 560

Catalyst 3550
GIULIO#sh run
Building configuration...
Current configuration : 3426 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
!
hostname GIULIO
!
enable password ww
!
ip subnet-zero
ip routing



!--- Only TCP port 80 may be redirected.
!--- You need to issue the sdm prefer extended-match command
!--- on the switch. Refer to the Verify and Troubleshoot section for 
!--- further information.


ip wccp web-cache
!
!
spanning-tree extend system-id
!
!
!
interface FastEthernet0/1
�no switchport
�ip address 10.48.66.217 255.255.254.0
!
interface FastEthernet0/2
�no ip address
!
interface FastEthernet0/3
�no ip address
!
interface FastEthernet0/4
�no ip address
!
interface FastEthernet0/5
�no ip address
!
interface FastEthernet0/6
�no ip address
!���������
interface FastEthernet0/7
�no ip address
!
interface FastEthernet0/8
�no ip address
!
interface FastEthernet0/9
�no ip address
!
interface FastEthernet0/10
�no ip address
!
interface FastEthernet0/11
�no ip address
!
interface FastEthernet0/12
�no ip address
!
interface FastEthernet0/13
�no ip address
!
interface FastEthernet0/14
�no ip address
!
interface FastEthernet0/15
�no ip address
!
interface FastEthernet0/16
�no switchport
�ip address 33.33.33.33 255.255.255.0
�duplex full
�speed 100
!
interface FastEthernet0/17
�no ip address
!
interface FastEthernet0/18
�no ip address
!���������
interface FastEthernet0/19
�no ip address
!
interface FastEthernet0/20
�no ip address
!
interface FastEthernet0/21
�no ip address
!
interface FastEthernet0/22
�no ip address
!
interface FastEthernet0/23
�no ip address
!
interface FastEthernet0/24
�no ip address
!
interface FastEthernet0/25
�no ip address
!
interface FastEthernet0/26
�no ip address
!
interface FastEthernet0/27
�no ip address
!
interface FastEthernet0/28
�no ip address
!
interface FastEthernet0/29
�no ip address
!
interface FastEthernet0/30
�no ip address
!
interface FastEthernet0/31
�no ip address
!
interface FastEthernet0/32
�no ip address
!
interface FastEthernet0/33
�no ip address
!
interface FastEthernet0/34
�no ip address
!
interface FastEthernet0/35
�no ip address
!
interface FastEthernet0/36
�no ip address
!
interface FastEthernet0/37
�no ip address
!
interface FastEthernet0/38
�no ip address
!
interface FastEthernet0/39
�no ip address
!
interface FastEthernet0/40
�no ip address
!
interface FastEthernet0/41
�no ip address
!
interface FastEthernet0/42
�no ip address
!
interface FastEthernet0/43
�no ip address
!
interface FastEthernet0/44
�no ip address
!
interface FastEthernet0/45
�no ip address
!
interface FastEthernet0/46
�no ip address
!
interface FastEthernet0/47
�no ip address
!
interface FastEthernet0/48


!--- On this WCCP implementation, only input redirection is allowed.


�no switchport
�ip address 1.1.1.1 255.255.255.0
�ip wccp web-cache redirect in
!
interface GigabitEthernet0/1
�no ip address
!
interface GigabitEthernet0/2
�no ip address
!
!



!--- This access list 100, if associated as 'in' to Fa0/48, 
!--- can show if packets are reaching the Catalyst from the PC client.


access-list 100 permit tcp any eq www any log
access-list 100 permit tcp any any eq www log

access-list 100 permit any any any log

ip default-gateway 10.48.66.1
ip classless
ip route 0.0.0.0 0.0.0.0 10.48.66.1
ip http server
!
!
!
!
line con 0
�exec-timeout 0 0
�password cisco
line vty 0 4
�exec-timeout 0 0
�password ww
�login
line vty 5 15
�login
!
end

GIULIO#

Content Engine 560
agra#sh run 
  hostname agra 
  ! 
  ! 
  ! 
  ! 
  ! 


!--- The Standby feature on the Content Engine  is optional in the 
!--- implementation, but it works fine with the Catalyst.

  interface FastEthernet 0/0 
  �ip address 122.122.122.1 255.255.255.0 
  �standby 1 ip 33.33.33.31 255.255.255.0
  �standby 1 priority 120 
  �no autosense 
  �bandwidth 100 
  �full-duplex 
  �exit 
  interface FastEthernet 0/1 
  �ip address 122.122.123.1 255.255.255.0 
  �standby 1 ip 33.33.33.31 255.255.255.0  
  �standby 1 priority 80 
  �no autosense 
  �bandwidth 100 
  �full-duplex 
  �exit 
  ! 
  ! 
  ip default-gateway 33.33.33.33 
  ! 
  primary-interface FastEthernet 0/0 
  ! 
  ! 
  ! 
  ! 


!--- The logging console is only used for troubleshooting, as it may cause 
!-- high CPU on the Content Engine in production.
� 
  logging console enable 
  logging console priority debug 
  ! 
  ! 
  ! 
  ! 
  ! 
  ! 
  ! 
  
  wccp router-list 1 33.33.33.33 
  wccp web-cache router-list-num 1 l2-redirect 

!--- The assign-method-strict is not necessary.

  wccp version 2 


!--- Catalyst 3550 implementation of WCCP allows only Layer 2 redirection, 
!--- and not generic routing encapsulation (GRE). In addition, only TCP 
!--- port 80 may be redirected. 

  ! 
  ! 
  username admin password 1 bVmDmMMmZAPjY 
  username admin privilege 15 
  ! 
  ! 
  ! 
  ! 
  authentication login local enable primary 
  authentication configuration local enable primary 
  ! 
  !               

agra#

Verify and Troubleshoot

This section provides information you can use to confirm that your configuration is working properly and to troubleshoot further.

  • In order to enable WCCP redirection in the Catalyst switch, you need to issue the sdm prefer extended-match command (and reboot the switch). By issuing the show sdm prefer command, you are able to see the actual configuration of the TCAM/ASIC Hardware in the switch.

  • As the implementation of WCCP in the Catalyst 3550 is limited, issuing the show ip wccp command does not show the number of packets being redirected. This index remains at 0. Also, the same Catalyst may have multiple Content Engines in the cache farm, but only one WCCP Catalyst is allowed. The output of the show ip wccp command on the Catalyst is shown below.

    GIULIO#sh ip wccp 
    
    Global WCCP information: 
      ��� Router information: 
      ������� Router Identifier:������������������  33.33.33.33 
      ������� Protocol Version:�������������������  2.0 
    
    ��� Service Identifier: web-cache 
      ������� Number of Cache Engines:�������������  1 
      ������� Number of routers:���������������������1 
      ������� Total Packets Redirected:��������������0 
      ������� Redirect access-list:����������������  -none- 
      ������� Total Packets Denied Redirect:�������  0 
      ������� Total Packets Unassigned:��������������0 
      ������� Group access-list:�������������������  -none- 
      ������� Total Messages Denied to Group:���     0 
      ������� Total Authentication failures:���������0 
      �
                                  Statistics - Requests
                                                    Total             % of Requests
                                ---------------------------------------------------
         Total Received Requests:                       4                         -
                  Forced Reloads:                       0                       0.0
                   Client Errors:                       0                       0.0
                   Server Errors:                       0                       0.0
             URL Blocked (Reset):                       0                       0.0
                     URL Blocked:                       0                       0.0
          Sent to Outgoing Proxy:                       0                       0.0
    Failures from Outgoing Proxy:                       0                       0.0
    Excluded from Outgoing Proxy:                       0                       0.0
                 ICP Client Hits:                       0                       0.0
                 ICP Server Hits:                       0                       0.0
                   If-Range Hits:                       0                       0.0
               HTTP 0.9 Requests:                       4                     100.0
               HTTP 1.0 Requests:                       0                       0.0
               HTTP 1.1 Requests:                       0                       0.0
           HTTP Unknown Requests:                       0                       0.0
               Non HTTP Requests:                       0                       0.0
              Non HTTP Responses:                       0                       0.0
          Chunked HTTP Responses:                       0                       0.0
            Http Miss Due To DNS:                       0                       0.0
         Http Deletes Due To DNS:                       0                       0.0
    
    
    agra#sho stat http savings 
                             Statistics - Savings
                            Requests                          Bytes
             -----------------------------------------------------------
      Total:                       4                           3132
       Hits:                       3                           2349
       Miss:                       1                            783
    Savings:                    75.0 %                         75.0 %
    
    
    agra#sho stat netstat 
    Active Internet connections (w/o servers)
    Proto Recv-Q Send-Q Local Address           Foreign Address         State      
    tcp        0      0 33.33.33.31:8999        10.48.66.123:2011       ESTABLISHED 
    
    udp        0      0 127.0.0.1:10000         127.0.0.1:32346         ESTABLISHED 
    
    udp        0      0 127.0.0.1:10001         127.0.0.1:32347         ESTABLISHED 
    
    udp        0      0 127.0.0.1:10002         127.0.0.1:32345         ESTABLISHED
  • If access list 100 is applied to inbound traffic on FastEthernet 0/48, a message similar to the following should be sent to the console for each HTTP packet sent by the client browser to the Internet:

    *Mar� 1 04:19:09: %SEC-6-IPACCESSLOGP: list 109 permitted tcp 1.1.1.2(1828)    -> 10.48.66.125(80), 1 packet �    
    
    
  • On the Content Engine, the following commands allow you to see the number of packets sent by the Content Engine:

    • show statistics http requests

    • show statistics netstat

    • show statistic http savings

    All packets sent out to the internet have a source IP address identical to the Content Engine, except when the Content Engine is in bypass mode and the requests are sent by the client PC source IP address instead.

Related Information

Updated: May 04, 2004
Document ID: 29461