Guest

Cisco CSS 11000 Series Content Services Switches

Configuring a Cache in Front of Your Web Farm

Document ID: 12644

Updated: Jan 30, 2006

   Print

Introduction

This document provides a sample configuration for front ending a Web farm using the Content Services Switch (CSS) 11000.

Before You Begin

Conventions

For more information on document conventions, see the Cisco Technical Tips Conventions.

Prerequisites

There are no specific prerequisites for this document.

Components Used

The information in this document is based on the CSS 11100 and CSS 11800 content services switches, and Cisco WebNS Software Release 2.06 and later.

The information presented in this document was created from devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If you are working in a live network, ensure that you understand the potential impact of any command before using it.

Configure

In this section, you are presented with the information to configure the features described in this document.

If your goal is to off-load requests for static content to the caches so that the servers do not become overwhelmed, you can configure a cache to receive hits for cacheable content before hitting your local web farm. The cache must be a reverse proxy cache, and the CSS should direct requests to it based on the file extensions. The origin servers must have Internet routeable addresses. This configuration requires two Virtual IPs (VIPs), one for requests from the client base, the second for requests from the cache.

There would be two content rules for the first VIP, one that directs cacheable content to the cache(s), the other to direct all other content to the origin servers. The cache(s) are configured as local services so that when it makes requests for content to the second VIP, the requests do not bypass the content rule, which is the default behavior if configured as either a type transparent-cache or proxy-cache. The cache(s) have to be capable of being configured as reverse proxy cache(s), so that you can program the VIP where you want the cache(s) to retrieve data.

A second VIP is necessary if you want the cache(s) to load balance its requests across the origin servers. If you wanted the cache to only make requests to one server, the second VIP is not necessary. When configuring a cache rule, we typically leave out the VIP and simply have a port 80 rule to grab all port 80 traffic, however in this case, the first VIP is necessary because without it, the content rule for the cache(s) would never be hit because a content rule with a VIP has higher precedence over a similar rule with no VIP.

The origin servers each need two services created for them, one as type local and one as type redirect. The local services are load balanced for both cache requests and client requests, but the redirect services are used if the cache(s) fail. If all local services on a rule fail, the CSS round robins HTTP redirects to the IP addresses of the redirect services.

Reverse Proxy-Cache 1
configure


!*************************** GLOBAL ***************************
  persistence reset remap 
  ip route 0.0.0.0 0.0.0.0 10.200.255.1 

!************************** CIRCUIT **************************
circuit VLAN1

  ip address 210.200.255.28 255.255.255.0 

!************************** SERVICE **************************
service Cache1 
  ip address 210.200.255.37 
  active 

service Cache2 
  ip address 210.200.255.38 
  active

service Server1 
  ip address 210.200.255.11 
  active

service Server1-redirect
  ip address 210.200.255.11
  type redirect 
  active

service Server2
  ip address 210.200.255.12 
  active

service Server2-redirect
  ip address 210.200.255.12
  type redirect 
  active

service Server3 
  ip address 210.200.255.13 
  active

service Server3-redirect
  ip address 210.200.255.13
  type redirect 
  active

service Server4 
  ip address 210.200.255.14 
  active

service Server4-redirect
  ip address 210.200.255.14
  type redirect 
  active
service Server5 
  ip address 210.200.255.15 
  active

service Server5-redirect
  ip address 210.200.255.15
  type redirect 
  active
service Server6 
  ip address 210.200.255.16 
  active

service Server6-redirect
  ip address 210.200.255.16
  type redirect 
  active

!**************************** EQL ****************************
eql cacheable
  description "This EQL contains extensions of cacheable content"
  extension pdf "Acrobat"
  extension fdf "Acrobat Forms Document"
  extension au "Sound audio/basic"
  extension bmp "Bitmap Image"
  extension z "Compressed data application/x-compress"
  extension gif "GIF Image image/gif"
  extension html "Hypertext Markup Language text/html"
  extension htm
  extension js "Java script application/x-javascript"
  extension mocha
  extension jpeg "JPEG image image/jpeg"
  extension jpg
  extension jpe
  extension jfif
  extension pjpeg
  extension pjp
  extension mp2 "MPEG Audio audio/x-mpeg"
  extension mpa
  extension abs
  extension mpeg "MPEG Video video/mpeg"
  extension mpg
  extension mpe
  extension mpv
  extension vbs
  extension m1v
  extension pcx "PCX Image"
  extension txt "Plain text text/plain"
  extension text
  extension mov "QuickTime video/quicktime"
  extension tiff "TIFF Image image/tiff"
  extension tar "Unix Tape Archive application/x-tar"
  extension avi "Video for Windows video/x-msvideo"
  extension wav "Wave File audio/x-wav"
  extension gz "application/x-gzip"
  extension zip "ZIP file application/x-zip-compressed"


!*************************** OWNER ***************************
owner www.whatever.com 

  content Reverse_Proxy_Rule 
    vip address 210.200.255.10
    protocol tcp
    port 80 
    url "/*" eql Cacheable
    add service Cache1
    add service Cache2
    add service Server1-redirect
    add service Server2-redirect
    add service Server3-redirect
    add service Server4-redirect
    add service Server5-redirect
    add service Server6-redirect
    active 

  content Web_Server_Rule 
    vip address 210.200.255.10 
    protocol tcp 
    port 80 
    url "/*" 
    add service Server1
    add service Server2
    add service Server3
    add service Server4
    add service Server5
    add service Server6
    active 

  content Cache_Request_Rule 
    vip address 210.200.255.20 
    protocol tcp 
    port 80 
    add service Server1
    add service Server2
    add service Server3
    add service Server4
    add service Server5
    add service Server6
    active 

The configuration below uses the redirect service with a domain string. Use this type of configuration when services have non-routable IP addresses.

Reverse Proxy-Cache 2
configure


!*************************** GLOBAL ***************************
  persistence reset remap 
  ip route 0.0.0.0 0.0.0.0 10.200.255.1 

!************************** CIRCUIT **************************
circuit VLAN1

  ip address 210.200.255.28 255.255.255.0 

!************************** SERVICE **************************
service Cache1 
  ip address 210.200.255.37 
  active 

service Cache2 
  ip address 210.200.255.38 
  active

service Server1 
  ip address 210.200.255.11 
  active

service Server2
  ip address 210.200.255.12 
  active


service Server3 
  ip address 210.200.255.13 
  active


service Server4 
  ip address 210.200.255.14 
  active


service Server5 
  ip address 210.200.255.15 
  active

service Server6 
  ip address 210.200.255.16 
  active

service Web_Farm_VIP
  type redirect 
  domain 210.200.255.20
  active

!**************************** EQL ****************************
eql cacheable
  description "This EQL contains extensions of cacheable content"
  extension pdf "Acrobat"
  extension fdf "Acrobat Forms Document"
  extension au "Sound audio/basic"
  extension bmp "Bitmap Image"
  extension z "Compressed data application/x-compress"
  extension gif "GIF Image image/gif"
  extension html "Hypertext Markup Language text/html"
  extension htm
  extension js "Java script application/x-javascript"
  extension mocha
  extension jpeg "JPEG image image/jpeg"
  extension jpg
  extension jpe
  extension jfif
  extension pjpeg
  extension pjp
  extension mp2 "MPEG Audio audio/x-mpeg"
  extension mpa
  extension abs
  extension mpeg "MPEG Video video/mpeg"
  extension mpg
  extension mpe
  extension mpv
  extension vbs
  extension m1v
  extension pcx "PCX Image"
  extension txt "Plain text text/plain"
  extension text
  extension mov "QuickTime video/quicktime"
  extension tiff "TIFF Image image/tiff"
  extension tar "Unix Tape Archive application/x-tar"
  extension avi "Video for Windows video/x-msvideo"
  extension wav "Wave File audio/x-wav"
  extension gz "application/x-gzip"
  extension zip "ZIP file application/x-zip-compressed"


!*************************** OWNER ***************************
owner www.whatever.com 

  content Reverse_Proxy_Rule 
    vip address 210.200.255.10
    protocol tcp
    port 80 
    url "/*" eql Cacheable
    add service Cache1
    add service Cache2
    add service Web_Farm_VIP
    active 

  content Web_Server_Rule 
    vip address 210.200.255.10 
    protocol tcp 
    port 80 
    url "/*" 
    add service Server1
    add service Server2
    add service Server3
    add service Server4
    add service Server5
    add service Server6
    active 

  content Cache_Request_Rule 
    vip address 210.200.255.20 
    protocol tcp 
    port 80 
    add service Server1
    add service Server2
    add service Server3
    add service Server4
    add service Server5
    add service Server6
    active 

Verify

There is currently no verification procedure available for this configuration.

Troubleshoot

There is currently no specific troubleshooting information available for this configuration.

Related Information

Updated: Jan 30, 2006
Document ID: 12644