Document ID: 9250 | PDF Downloads
|
FeedbackIntroduction
This document provides a basic framework for the troubleshoot of Web Cache Communication Protocol (WCCP) when you use WCCP to implement transparent caching.
Prerequisites
Requirements
There are no specific requirements for this document.
Components Used
The information in this document is based on these devices:
-
Cisco Catalyst 6500 with a Supervisor Engine 1 and Multilayer Switch Feature Card (MSFC) 1 that runs Cisco IOSĀ® Software
The software version on the 6500 is Cisco IOS Software Release 12.1(8a)EX (c6sup11-jsv-mz.121-8a.EX.bin).
-
Cisco 550 Cache Engine that runs version 2.51
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.
Conventions
For more information on document conventions, refer to the Cisco Technical Tips Conventions.
Configure
In this section, you are presented with the information to configure the features described in this document.
Note: To find additional information on the commands used in this document, use the Command Lookup Tool (registered customers only) .
Network Diagram
This document uses this network setup:
Configuration
A good approach when you install a Cache Engine is to configure only the commands necessary to make WCCP work. You can add other features, such as authentication of the router and clients redirection lists, at a later time.
On the Cache/Content Engine, specify the IP address of the router and the version of WCCP that you want to use.
wccp router-list 1 192.168.15.1 wccp web-cache router-list-num 1 wccp version 2
On the router, activate the feature and specify the port for the redirection. Recognition of the caches occurs automatically.
ip wccp web-cache !--- This is global configuration mode. interface Vlan100 ip address 172.17.241.97 255.255.255.0 ip wccp web-cache redirect out !--- This is interface configuration mode.
Apply the command ip wccp web-cache redirect out on the interface where you want to intercept the client HTTP packets in the path to the real web server. This interface is typically the interface that brings you to the company Internet service provider (ISP). This interface does not need to be the interface where you have installed your cache.
Once WCCP is active, the router listens on all the ports for WCCP packets. The Cache Engine continuously sends "Here I am" packets to the IP addresses that have a configuration in the router list to signal the Cache Engine presence. If you have set everything correctly, the router acquires and installs the cache. Issue the show ip wccp command to view the configuration.
Router# show ip wccp
Global WCCP information:
Router information:
Router Identifier: 192.168.15.1
Protocol Version: 2.0
Service Identifier: web-cache
Number of Cache Engines: 1
Number of routers: 1
Total Packets Redirected: 0
Redirect access-list: -none-
Total Packets Denied Redirect: 0
Total Packets Unassigned: 0
Group access-list: -none-
Total Messages Denied to Group: 0
Total Authentication failures: 0
The router identifier is the IP address of the router that the Cache Engines sees. This address is not necessarily the router interface that the redirected traffic uses to reach the cache. The command show ip wccp web-cache detail provides details about the caches.
Router# show ip wccp web-cache detail
WCCP Cache-Engine information:
IP Address: 192.168.15.2
Protocol Version: 2.0
State: Usable
Redirection: GRE
Initial Hash Info: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
Assigned Hash Info: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
Hash Allotment: 256 (100.00%)
Packets Redirected: 0
Connect Time: 00:02:49
The Redirection field represents the type of protocol that redirects the packets from the router to the Cache Engine. This protocol can be either generic routing encapsulation (GRE) or Layer 2 (L2). With GRE, a GRE packet encapsulates the packets. With L2, packets send straight to the cache, but the devices must be L2-adjacent.
The Hash Allotment is the number of hash buckets with assignment to this cache. Hex also represents Hash Allotment with Initial Hash Info and Assigned Hash Info. The hash algorithm permits collection and division of all the possible destination Internet addresses in a number of buckets. Each cache in a cluster, or group of caches, receives a percentage of this set of buckets. The WCCP dynamically manages this amount according to the load and some other conditions. If you have installed only one cache, this cache probably receives all the buckets with assignment to the cache.
When the router starts the redirection of packets to the Cache Engine, you see the number in the Total Packets Redirected field increase.
Router# show ip wccp
Global WCCP information:
Router information:
Router Identifier: 192.168.15.1
Protocol Version: 2.0
Service Identifier: web-cache
Number of Cache Engines: 1
Number of routers: 1
Total Packets Redirected: 37
Redirect access-list: -none-
Total Packets Denied Redirect: 0
Total Packets Unassigned: 12
Group access-list: -none-
Total Messages Denied to Group: 0
Total Authentication failures: 0
Total Packets Unassigned is the number of packets without redirection because of a lack of assignment to any cache. This redirection failure can happen during the initial discovery of caches. The failure can also occur for a small interval during a cache removal.
If the router does not acquire the cache, debug the WCCP activity. Whenever the router receives a "Here I am" packet from the cache, the router answers with an "I see you" packet. The debugs report this activity. The available debug commands are debug ip wccp events and debug ip wccp packets.
If you take the debugs on a router after you bring up a cache, this is the result:
Router# debug ip wccp event WCCP events debugging is on Router# debug ip wccp packet WCCP packet info debugging is on Router# 2d18h: WCCP-EVNT:S00: Built new router view: 0 routers, 0 usable web caches, change # 00000001 2d18h: %SYS-5-CONFIG_I: Configured from console by console 2d18h: WCCP-PKT:S00: Sending I_See_You packet to 192.168.15.2 w/ rcv_id 00000001 2d18h: WCCP-EVNT:S00: Redirect_Assignment packet from 192.168.15.2 fails source check 2d18h: %WCCP-5-SERVICEFOUND: Service web-cache acquired on Web Cache 192.168.15.2 2d18h: WCCP-PKT:S00: Received valid Here_I_Ampacket from 192.168.15.2 w/rcv_id 00000001 2d18h: WCCP-EVNT:S00: Built new router view: 1 routers, 1 usable web caches, change # 00000002 2d18h: WCCP-PKT:S00: Sending I_See_You packet to 192.168.15.2 w/ rcv_id 00000002 2d18h: WCCP-EVNT:S00: Built new router view: 1 routers, 1 usable web caches, change # 00000002 2d18h: WCCP-PKT:S00: Received valid Redirect_Assignment packet from 192.168.15.2 w/rcv_id 00000002 2d18h: WCCP-PKT:S00: Sending I_See_You packet to 192.168.15.2 w/ rcv_id 00000003 2d18h: WCCP-EVNT:S00: Built new router view: 1 routers, 1 usable web caches, change # 00000002 2d18h: WCCP-PKT:S00: Received valid Redirect_Assignment packet from 192.168.15.2 w/rcv_id 00000003 2d18h: WCCP-PKT:S00: Sending I_See_You packet to 192.168.15.2 w/ rcv_id 00000004 2d18h: WCCP-PKT:S00: Sending I_See_You packet to 192.168.15.2 w/ rcv_id 00000005 2d18h: WCCP-PKT:S00: Sending I_See_You packet to 192.168.15.2 w/ rcv_id 00000006 2d18h: WCCP-EVNT:S00: Built new router view: 1 routers, 1 usable web caches, change # 00000002 2d18h: WCCP-PKT:S00: Received valid Redirect_Assignment packet from 192.168.15.2 w/rcv_id 00000006
To increase the level of debug, trace the IP packet traffic to check whether the router receives packets from the Cache Engine. However, you do not want to kill a router in a production environment, and you only want to show the interesting traffic. Therefore, use an access control list (ACL) to restrict the debugs only to the packets that have the cache IP address as source.
access-list 130 permit ip host 192.168.15.2 host 192.168.15.1 Router# debug ip wccp event WCCP events debugging is on Router# debug ip wccp packet WCCP packet info debugging is on Router# debug ip packet 130 IP packet debugging is on for access list 130 2d19h: WCCP-EVNT:S00: Built new router view: 1 routers, 1 usable web caches, change # 00000002 2d19h: WCCP-PKT:S00: Received valid Redirect_Assignment packet from 192.168.15.2 w/rcv_id 0000001B 2d19h: datagramsize=174, IP 18390: s=192.168.15.2 (Vlan300), d=192.168.15.1 (Vlan300), totlen 160, fragment 0, fo 0, rcvd 3 2d19h: WCCP-PKT:S00: Sending I_See_You packet to 192.168.15.2 w/ rcv_id 0000001C 2d19h: datagramsize=174, IP 18392: s=192.168.15.2 (Vlan300), d=192.168.15.1 (Vlan300), totlen 160, fragment 0, fo 0, rcvd 3 2d19h: WCCP-PKT:S00: Sending I_See_You packet to 192.168.15.2 w/ rcv_id 0000001D 2d19h: datagramsize=174, IP 18394: s=192.168.15.2 (Vlan300), d=192.168.15.1 (Vlan300), totlen 160, fragment 0, fo 0, rcvd 3 2d19h: WCCP-PKT:S00: Sending I_See_You packet to 192.168.15.2 w/ rcv_id 0000001E 2d19h: datagramsize=378, IP 18398: s=192.168.15.2 (Vlan300), d=192.168.15.1 (Vlan300), totlen 364, fragment 0, fo 0, rcvd 3 2d19h: WCCP-EVNT:S00: Built new router view: 1 routers, 1 usable web caches, change # 00000002 2d19h: WCCP-PKT:S00: Received valid Redirect_Assignment packet from 192.168.15.2 w/rcv_id 0000001E 2d19h: datagramsize=174, IP 18402: s=192.168.15.2 (Vlan300), d=192.168.15.1 (Vlan300), totlen 160, fragment 0, fo 0, rcvd 3 2d19h: WCCP-PKT:S00: Sending I_See_You packet to 192.168.15.2 w/ rcv_id 0000001F 2d19h: datagramsize=174, IP 18404: s=192.168.15.2 (Vlan300), d=192.168.15.1 (Vlan300), totlen 160, fragment 0, fo 0, rcvd 3 2d19h: WCCP-PKT:S00: Sending I_See_You packet to 192.168.15.2 w/ rcv_id 00000020 2d19h: datagramsize=174, IP 18406: s=192.168.15.2 (Vlan300), d=192.168.15.1 (Vlan300), totlen 160, fragment 0, fo 0, rcvd 3 2d19h: WCCP-PKT:S00: Sending I_See_You packet to 192.168.15.2 w/ rcv_id 00000021 2d19h: datagramsize=378, IP 18410: s=192.168.15.2 (Vlan300), d=192.168.15.1 (Vlan300), totlen 364, fragment 0, fo 0, rcvd 3 2d19h: WCCP-EVNT:S00: Built new router view: 1 routers, 1 usable web caches, change # 00000002 2d19h: WCCP-PKT:S00: Received valid Redirect_Assignment packet from 192.168.15.2 w/rcv_id 00000021 2d19h: datagramsize=174, IP 18414: s=192.168.15.2 (Vlan300), d=192.168.15.1 (Vlan300), totlen 160, fragment 0, fo 0, rcvd 3 2d19h: WCCP-PKT:S00: Sending I_See_You packet to 192.168.15.2 w/ rcv_id 00000022 2d19h: datagramsize=174, IP 18416: s=192.168.15.2 (Vlan300), d=192.168.15.1 (Vlan300), totlen 160, fragment 0, fo 0, rcvd 3
If the router sees no caches or WCCP activity, check the basic connectivity. Try to ping the cache from the router or the router from the cache. If the pings works, verify that the configuration is correct.
If the cache acquisition occurs but there is no packet redirection, verify that traffic actually reaches the router. Also, verify that traffic forwards to the interface where you issued the ip wccp web-cache redirect out command. Remember that, with the interception and redirection of traffic, that traffic goes to the TCP port 80.
If the cache acquisition occurs and you see the redirection of packets but your clients cannot browse the Internet, check for cache connectivity to the Internet and to your clients. Then, try to ping from the cache to various IP addresses in the Internet and to some of your clients. If the pings go to fully qualified domains (URLs) instead of IP addresses, be sure that you have specified which Domain Name System (DNS) server to use in the cache configuration.
If you are not sure if the cache processes the requests or not, you can debug the HTTP activity in the cache. First, you must restrict the traffic so that you do not kill the cache. On the router, create an ACL with the source IP address of the client, and use the redirect-list option of the global command ip wccp web-cache.
Router(config)# access-list 50 permit 10.10.10.152 Router(config)# ip wccp web-cache redirect-list 50
Next, issue the debug http all all command to activate the HTTP debug in the cache. Then, issue the term mon command to activate the terminal monitoring, and try to browse a site from the client that you configured in the ACL. Here is sample command output:
Cache# debug http all trace Cache# clear cache Clear cache initiated Clear cache complete irq0#cework_readfirstdata() Start the recv: 0xb820a80 len 4096 timeout 0x3a98 ms ctx 0xb87d280 cework_recvurl() Start the request: 0xb20c800 0xb20c838 0xb20c8e0 Http Request headers received from client: GET / HTTP/1.1 Host: 172.17.241.126 User-Agent: Links (0.92; Linux 2.2.19 i686) Accept: */* Accept-Charset: us-ascii, ISO-8859-1, ISO-8859-2, ISO-8859-4, ISO-8895-5, ISO-8859-13, windows-1250, windows-1251, windows-1257, cp437, cp850, cp852, cp866, x-cp866-u, x-mac-ce, x-kam-cs, x-koi8-r, x-koi8-u, utf-8 Connection: Keep-Alive Protocol dispatch: mode=1 proto=2 ValidateCode() Begin: pRequest=0xb20c800 Proxy: CACHE_MISS: HealProcessUserRequest cework_teefile() 0xb20c800: Try to connect to server: CheckProxyServerOut(): Outgoing proxy is not enabled: 0xb20c800 (F) GetServerSocket(): Forwarding to server: pHost = 172.17.241.126, Port = 80 HttpServerConnectCallBack : Connect call back socket = 268055136, error = 0 Http request headers sent to server: GET / HTTP/1.1 Host: 172.17.241.126 User-Agent: Links (0.92; Linux 2.2.19 i686) Accept: */* Accept-Charset: us-ascii, ISO-8859-1, ISO-8859-2, ISO-8859-4, ISO-8895-5, ISO-8859-13, windows-1250, windows-1251, windows-1257, cp437, cp850, cp852, cp866, x-cp866-u, x-mac-ce, x-kam-cs, x-koi8-r, x-koi8-u, utf-8 Connection: keep-alive Via: 1.1 irq0 X-Forwarded-For: 10.10.10.152 cework_sendrequest: lBytesRemote = 383, nLength = 383 (0xb20c800) ReadResCharRecvCallback(): lBytesRemote = 1815, nLength = 1432 0xb20c800) IsResponseCacheable() OBJECTSIZE_IS_UNLIMITED, lContentLength = 3195 cework_processresponse() : 0xb20c800 is cacheable Http response headers received from server: HTTP/1.1 200 OK Date: Mon, 19 Nov 2001 19:26:06 GMT Server: Apache/1.3.12 (Unix) (Red Hat/Linux) mod_ssl/2.6.6 OpenSSL/0.9.5a mod_perl/1.24 Last-Modified: Fri, 12 Oct 2001 12:45:30 GMT ETag: "5d63-c7b-3bc6e5ea" Accept-Ranges: bytes Content-Length: 3195 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/html GetUpdateCode(): GET request from client, GET request to server. GetUpdateCode(): nRequestType = -1 SetTChain() 0xb20c800: CACHE_OBJECT_CLIENT_OBJECT sendobj_and_cache Http response headers sent to client: HTTP/1.1 200 OK Date: Mon, 19 Nov 2001 19:26:06 GMT Server: Apache/1.3.12 (Unix) (Red Hat/Linux) mod_ssl/2.6.6 OpenSSL/0.9.5a mod_perl/1.24 Last-Modified: Fri, 12 Oct 2001 12:45:30 GMT ETag: "5d63-c7b-3bc6e5ea" Content-Length: 3195 Keep-Alive: timeout=15, max=100 Content-Type: text/html Connection: keep-alive cework_tee_sendheaders() 0xb20c800: sent 323 bytes to client cework_tee_send_zbuf() 0xb20c800: Send 1087 bytes to client (1087) UseContentLength(): Valid Content-Length (T) cework_tee_recv_zbuf() 0xb20c800: Register to recv 2108 bytes timeout 120 sec HttpServerRecvCallBack(): Recv Call Back socket 268055136, err 0, length 2108 HttpServerRecvCallBack(): lBytesRemote = 3923, nLength = 2108 (186697728) cework_tee_send_zbuf() 0xb20c800: Send 2108 bytes to client (2108) UseContentLength(): Valid Content-Length (T) cework_setstats(): lBytesLocal = 0, lBytesRemote = 3923 (0xb20c800) cework_readfirstdata() Start the recv: 0xb820c00 len 4096 timeout 0x3a98 ms ctx 0xb87d280 cework_cleanup_final() End the request: 0xb20c800 0xb20c838 0xb20c8e0
So that the cache does not answer directly to the client with some previous load content, you can clear the cache on the Cache Engine. Issue the clear cache command. Boldface text highlights relevant information in the debug. These are the different phases of a web page transaction:
-
Receipt of HTTP request headers from the client
-
Send of HTTP request headers to the server
-
Receipt of HTTP response headers from the server
-
Send of HTTP response headers to the client
If the web page that you browse contains multiple objects, you see multiple instances of the previous sequences. Always keep the debug process as simple as possible.
If the problem persists and you need further assistance, you can report this problem to Cisco Technical Support.
From the router, collect this information to provide to Cisco Technical Support:
-
The output of the show tech command
You can substitute the output of the show running-config and show version output commands if there is some serious difficulty with the size of the show tech command output.
-
The output of the show ip wccp command
-
The output of the show ip wccp web-cache detail command
-
The output of the debug ip wccp events and debug ip wccp packets commands, if necessary
This debug output is necessary if there seems to be a problem with communication between the router and the web cache. Collect the output during occurrence of the problem.
From a Cisco Cache Engine only, collect this information to provide to Cisco Technical Support:
-
The output of the show tech command
When you contact Cisco Technical Support, be ready to:
-
Provide a clear description of the problem
Include answers to questions such as:
-
What are the symptoms?
-
Does the problem occur all the time, or infrequently?
-
Did the problem start to occur after some configuration change?
-
Are Cisco or third-party caches in use?
-
-
Provide a clear description of the affected topology, with a diagram if possible
-
Provide any other information that can help solve the problem
Here is sample command output:
*********************************** Router Configuration ************************ Router# show running Building configuration... Current configuration : 4231 bytes ! version 12.1 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Router ! boot buffersize 126968 boot bootldr bootflash:c6msfc-boot-mz.120-7.XE1 ! redundancy main-cpu auto-sync standard ip subnet-zero ip wccp web-cache ! ! ! interface FastEthernet3/1 no ip address switchport switchport access vlan 100 switchport mode access ! interface FastEthernet3/2 no ip address switchport switchport access vlan 200 switchport mode access ! interface FastEthernet3/3 no ip address switchport switchport access vlan 300 switchport mode access ! interface FastEthernet3/4 no ip address ! interface FastEthernet3/5 no ip address shutdown ! interface FastEthernet3/6 no ip address shutdown ! interface FastEthernet3/7 no ip address shutdown ! interface FastEthernet3/8 no ip address shutdown ! interface FastEthernet3/9 no ip address shutdown ! interface FastEthernet3/10 no ip address shutdown ! interface FastEthernet3/11 no ip address shutdown ! interface FastEthernet3/12 no ip address shutdown ! interface Vlan1 no ip address shutdown ! interface Vlan100 ip address 172.17.241.97 255.255.255.0 ip wccp web-cache redirect out ! interface Vlan200 ip address 10.10.10.120 255.255.255.0 ! interface Vlan300 ip address 192.168.15.1 255.255.255.0 ! ip classless ip route 0.0.0.0 0.0.0.0 172.17.241.1 no ip http server ! access-list 30 permit 192.168.15.2 ! ! line con 0 exec-timeout 0 0 line vty 0 4 login transport input lat pad mop telnet rlogin udptn nasi ! end *********************************** Cache Configuration ************************ Cache# show running Building configuration... Current configuration: ! ! logging disk /local/syslog.txt debug ! user add admin uid 0 capability admin-access ! ! ! hostname Cache ! interface ethernet 0 ip address 192.168.15.2 255.255.255.0 ip broadcast-address 192.168.15.255 exit ! interface ethernet 1 exit ! ip default-gateway 192.168.15.1 ip name-server 172.17.247.195 ip domain-name cisco.com ip route 0.0.0.0 0.0.0.0 192.168.15.1 cron file /local/etc/crontab ! wccp router-list 1 192.168.15.1 wccp web-cache router-list-num 1 wccp version 2 ! authentication login local enable authentication configuration local enable rule no-cache url-regex .*cgi-bin.* rule no-cache url-regex .*aw-cgi.* ! ! end
Verify
There is currently no verification procedure available for this configuration.
Troubleshoot
There is currently no specific troubleshooting information available for this configuration.
Cisco Support Community - Featured Conversations
Related Information
-
Web Cache Coordination Protocol V2.0
- Configuring Web Cache Services Using WCCP
- Technical Support - Cisco Systems
| Updated: Jan 31, 2006 | Document ID: 9250 |