Table of Contents
This document describes how to install and configure virtual WAAS (vWAAS) on a VMware virtual machine (VM). The vWAAS software is a virtual form of WAN optimization that supports a virtual private cloud, and on- demand provisioning and teardown, reducing the branch office and data center footprint.
The vWAAS software supports WAN optimization in a cloud environment where physical WAE devices cannot usually be deployed. It also follows the VMware ESXi standard as the preferred platform to deploy data center applications and services.
Virtualization provides various benefits like elasticity, ease of maintenance, and a reduction of branch office and data center footprint. Virtual WAN optimization is the solution to virtual private cloud deployments that require on-demand provisioning and teardown. (See Figure 1.)
- VMware vCenter server and vSphere client version 4.x management software.
- For virtual WAAS models that have a disk size greater than 256 GB, a datastore block size greater than 1 MB is required.
Note The above two tables for ESXi server datastore memory highlight memory requirements for vWAAS only. To calculate total memory commitment, consider these additional memory requirements:
- minimum of 2GB memory is needed for VMWare v5.0/v5.1
- minimum of 4 GB memory is needed for VMWare v5.5
- memory overhead for vCPU memory (for example, for 1, 2, 4, or 8 vCPUs)
vWAAS-1300 requires 6GB and VMWare version 5.1 requires 2GB, so overall memory commitment is more than 8GB. With this configuration, any UCS-E module with 8GB default DRAM would also need to have DRAM upgrade added on the UCS-E to accommodate this.
- For the vWAAS datastore, you can use either SAN storage or local storage on the ESXi server. NAS storage should only be used in nonproduction scenarios (for test purposes, for example).
- The OVA file for the specific virtual WAAS model (all models are available with WAAS version 4.3.1 and later, except as noted):
- An ESXi server that has access to either a Central Manager or a virtual Central Manager (models vCM-100N, vCM-500N, vCM-1000N, or vCM-2000N) before installing vWAAS. A vCM does not require a Central Manager.
- Nexus 1000v version 4.2(1)SV1(4) for vPATH interception.
Step 1 From the vSphere Client, choose File > Deploy OVF Template. (See Figure 2.)
Step 5 Enter a name for the vWAAS VM, choose the appropriate data center, and then click Next. (See Figure 3.)
The Cluster window appears (if a cluster is configured), or the Resource Pool window appears (if a resource pool is configured). Otherwise, the Datastore window appears (in this case, skip to Step 7).
Step 7 Choose a datastore to host the virtual machine and click Next. (See Figure 4.)
Step 8 Choose Thick provisioned format disk format and click Next. (See Figure 5.)
Step 9 Choose the network mapping provided by ESXi and click Next. You have the option to change this later if necessary. (See Figure 6.)
The status window appears while the OVA file is being deployed. (See Figure 7.)
Step 11 When the deployment is finished, the Deployment Completed Successfully window appears. (See Figure 8.)
Step 13 After vWAAS finishes booting, click the Console tab to view boot up messages. (See Figure 9.)
For vWAAS configuration information, see the “Configuring vWAAS” section.
- IP address and netmask
- Default gateway and primary interface
- Enterprise license
- Central Manager address
- Interception (WCCP or other)
Note If you are using both virtual 1/0 and virtual 2/0 interfaces, you must associate the IP default gateway with the interface that is being used for vPATH interception. To route traffic through another virtual interface (generally management traffic to the Central Manager), you must configure a static route.
Step 7 Configure either WCCP, AppNav, or vPATH interception for traffic redirection to vWAAS. WCCP uses a WCCP-enabled router or Layer 3 switch, while vPATH redirects traffic from within the Nexus 1000v virtual switch. For vPATH interception, see the “vPATH Interception” section.
When vWAAS is deployed as a network service in the virtual data center, server traffic is intercepted in the Nexus 1000v virtual switch using vPATH interception and redirected to vWAAS for WAN optimization.
vPATH interception is configured on the port profile of the VM server in both directions to redirect the VM server packets to vWAAS. vWAAS receives the vPATH intercepted packet, performs WAN optimization, and returns the response packet to the VEM.
The vWAAS egress traffic received by the VEM is forwarded without further vPATH interception. (See Figure 10.)
The Nexus 1000v switch uses the ARP mechanism in the service VLAN to check the status of vWAAS. If the switch does not receive any ARP replies from vWAAS during the timeout interval (18 to 24 seconds), the vWAAS is declared unreachable and it is removed from the service path. This behavior is known as fail-open mode, specified in the VN service configuration.
- No need to define the direction of interception (in or out)—vPATH maintains a flow entry table for each TCP flow that is used to intercept and redirect traffic.
- Automatic bypass of pass-through traffic—vWAAS automatically sends offload to vPATH for pass-though traffic.
- Policy-based configuration—Policies defined in the Nexus 1000v VSM are propagated to VMware vCenter and applied to the specified virtual machine.
- VM mobility awareness—If a virtual machine is moved, vPATH continues to intercept and redirect traffic without requiring any network changes.
- Fault-tolerant persistent performance—vWAAS DRE cache can be deployed in SAN. VMware HA creates a new VM upon failure of the vWAAS using the same DRE cache storage.
- Nexus 1000V 4.2(1)SV1(4) software version
- ESX/ESXi 4.0 Update 1 or later
- Virtual supervisor module (VSM) installed and configured
- Port profiles created (including vWAAS network profile, service-VLAN, which is mandatory)
- Virtual ethernet modules (VEM) installed
- Default network interface adapter for vWAAS with WAAS 5.1.1 and above is VMXNET3. For vWAAS with WAAS 5.2.1 and above, either VMXNET3 or E1000 can be used as the network interface adapter.
Note vPATH 2.0 is supported on WAAS with the Nexus 1000v switch in the following version combinations: WAAS version 5.3 and later with the Nexus 1000v switch version 4.2.1v2.2.3, and WAAS version 5.2 with the Nexus 1000v switch version 4.2.1v1.5.2.
Internet traffic destined to the server is intercepted by the Nexus 1000v virtual switch (residing in the ESX host) and redirected to vWAAS for WAN optimization. vWAAS can run either in the same ESX host or in another ESX host which is L2 adjacent.
Similarly, the traffic from the server is also intercepted by Nexus 1000v switch and redirected to vWAAS for WAN optimization. (See Figure 11.)
- Enable vPATH using the interception-method vn-service vpath global configuration command in vWAAS
- Configure vPATH interception on the port profile of the server to be optimized
Under rare conditions, the vWAAS VM may boot into diskless mode if other VMs on the host VM server do not release control of system resources or the physical disks become unresponsive. The vWAAS device raises a disk_failure critical alarm for disk01 and the show disk details EXEC command shows disk01 as Not used until replaced.
The Akamai Connect feature integrates an HTTP object cache inside Cisco WAAS. This allows WAAS to cache any HTTP content whether it is delivered via your internal corporate network, direct from the Internet, or from Akamai’s Intelligent Platform.
- Cisco Wide Area Application Services Upgrade Guide
- Cisco Wide Area Application Services Quick Configuration Guide
- Cisco Wide Area Application Services Configuration Guide
- Cisco Wide Area Application Services Command Reference
- Cisco Wide Area Application Services API Reference
- Cisco Wide Area Application Services Monitoring Guide
- Cisco WAAS Installation and Configuration Guide for Windows on a Virtual Blade
- Cisco WAAS Troubleshooting Guide for Release 4.1.3 and Later
- Cisco WAAS on Service Modules for Cisco Access Routers
- Cisco SRE Service Module Configuration and Installation Guide
- Configuring Cisco WAAS Network Modules for Cisco Access Routers
- WAAS Enhanced Network Modules
- Cisco Wide Area Application Services Online Help
- Using the Print Utilities to Troubleshoot and Fix Samba Driver Installation Problems
- Regulatory Compliance and Safety Information for the Cisco Wide Area Virtualization Engines
- Cisco Wide Area Virtualization Engine 274 and 474 Hardware Installation Guide
- Cisco Wide Area Virtualization Engine 574 Hardware Installation Guide
- Regulatory Compliance and Safety Information for the Cisco Content Networking Product Series
- Cisco Wide Area Application Engine 512 and 612 Hardware Installation Guide
- Cisco Wide Area Application Engine 7326 Hardware Installation Guide
- Cisco Wide Area Application Engine 7341, 7371, and 674 Hardware Installation Guide
- Installing the Cisco WAE Inline Network Adapter
- Cisco Nexus 1000V Software Installation Guide, Release 4.2(1) SV1(4)
- Cisco Nexus 1000V Getting Started Guide, Release 4.2(1) SV1(4)
- Cisco Nexus 1000V and VMware Compatibility Information, Release 4.2(1) SV1(4)
- Cisco Virtual Security Gateway Firewall Policy Configuration Guide, Release 4.2(1)VSG1(1)
For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What’s New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:
Subscribe to the What’s New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.
This document is to be used in conjunction with the documents listed in the “Related Documentation” section.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.