Cisco vWAAS with Cisco Enterprise NFVIS
This section describes vWAAS on Cisco Enterprise Network Functions Virtualization Infrastructure Software (Enterprise NFVIS). It contains the following sections:
Cisco Enterprise NFVIS
Cisco Enterprise Network Function Virtualization Infrastructure Software (NFVIS) is a Linux-based software hosting layer with embedded KVM hypervisor with CentOS Version 7.x.
Cisco Enterprise NFVIS contains the following features:
- vWAAS with Cisco Enterprise NFVIS is deployed on the Cisco ENCS 5400-W Series. For more information on the ENCS 5400-W Series, see Chapter 7, “Cisco vWAAS on Cisco ENCS 5400-W Series” .
- Cisco Enterprise Network Functions Virtualization (NFV)—Extends Linux by packaging additional functions for Virtual Network Functions (VNF) that support lifecycle management, monitoring, device programmability, service chaining, and hardware acceleration.
Cisco Enterprise NFV also provides local network management capabilities that enable you to dynamically deploy virtualized network functions such as a virtual router, firewall, WAN acceleration, on a supported Cisco device, eliminating the need to add a physical device for every network function.
- Monitoring—Monitors all parameters of the deployed vWAAS, including memory, storage, and CPU, and monitors memory, storage, and CPU utilization of the vWAAS.
- Traffic verification—Verifies traffic flows through vWAAS by monitoring the Virtualized Network Function (VNF) interface statistics.
- Add-On Capability—Ability to add vCPU, memory, and storage, to modify the networking option and add a virtual interface, to configure the virtual networking port and it to a VLAN.
vWAAS with Enterprise NFVIS
This section contains the following topics:
About vWAAS with Enterprise NFVIS
vWAAS with NFVIS enables WAAS to run vWAAS as a standalone virtual machine (VM) on the ENCS 5400-W Series platform, to provide WAN application optimization, and, optionally, application optimization with Akamai Connect.
Caution For guaranteed performance, the ENCS 5400-W Series, UCS-C Series, UCS-E Series, ENCS 5100, CSP-2100, and ISR configurations listed in the WAAS Sizing Guides and specifically noted in WAAS and vWAAS user guides and WAAS Release Notes are the only devices we recommend for use with vWAAS. Although vWAAS models may be able to operate with other Cisco or third-party hardware, successful performance and scale for those configurations is not guaranteed.
For more information about supported platforms for Cisco Enterprise NFV, see the
Release Notes for Cisco Enterprise Network Function Virtualization Infrastructure Software, Release 3.9.x,
Table 8-1 shows the platforms and software versions supported for vWAAS with NFVIS.
Table 8-1 Platforms and Software Versions Supported for vWAAS with NFVIS
|
|
|
|
|
- PID: OE-VWAAS-ENCS
- Device Type: OE-VWAAS-ENCS
|
|
- Cisco ENCS (Enterprise Network Compute System)
|
|
|
- PID: OE-VWAAS-KVM
- Device Type: OE-VWAAS-KVM
|
|
|
|
|
vWAAS with NFVIS on ENCS provides the following capabilities:
- Enterprise Application Optimization—Branch to branch, and branch to data center optimization of application traffic, either within or outside of an IWAN solution. This includes traditional WAAS WAN optimization functions, as well as the deployment of other IWAN solution features that are inherent in IOS-XE platforms.
- XaaS (Everything as a Service) Optimization—For single-sided use cases in cloud deployments, where you have control of one side of the connection: branch to cloud, and data center to cloud (for backup and recovery purposes). Optimizations are applied in a unilateral fashion, without reliance on a peer.
- Service Nodes—A service node is a Cisco WAAS application accelerator that optimizes and accelerates traffic according to the optimization policies configured on the device. It can be a vWAAS instance or a Cisco ENCS appliance.
Note When upgrading vWAAS, do not upgrade more than five vWAAS nodes at the same time on a single UCS box. Upgrading more than five vWAAS nodes at the same time may cause the vWAAS devices to go offline and to diskless mode.
- vWAAS with NFVIS on ENCS is part of Cisco Intelligent WAN (IWAN)—a suite of components that brings together WAN optimization, performance routing, and security levels of leased lines and MPLS VPN services to the Internet. For more information on Cisco NFVIS and Cisco NFV, see the Cisco Intelligent WAN - An SD-WAN Solution.
About vWAAS with NFVIS for WAAS Version 6.2.x
For vWAAS with NFVIS for WAAS Version 6.2.x, vWAAS is deployed in a RHEL KVM hypervisor on a Cisco UCS-E Series device.
Note For vWAAS with NFVIS for WAAS Version 6.2.x, the vWAAS must run as an unmanaged VM.
To configure vWAAS as an unmanaged VM, follow these steps:
1. From the vCenter Orchestrator configuration console, navigate to vCenter Server.
2. For the vCenter Server instance, click Edit.
- Under Specify which strategy will be used for managing the users logins, select Share a unique session and click Apply changes.
- Restart the vCenter Orchestrator Server service.
Unified OVA Package for vWAAS with NFVIS for WAAS Version 6.4.1 and Later
For vWAAS with NFVIS for WAAS Version 6.4.x, vWAAS is deployed in a RHEL KVM hypervisor on a Cisco ENCS 5400-W Series device.
For vWAAS with NFVIS for WAAS Version 6.4.x and later, Cisco provides a single, unified OVA or NPE OVA package for each hypervisor type, which can be used with all vWAAS models for that hypervisor.
Caution For guaranteed performance, the ENCS 5400-W Series, UCS-C Series, UCS-E Series, ENCS 5100, CSP-2100, and ISR configurations listed in the WAAS Sizing Guides and specifically noted in WAAS and vWAAS user guides and WAAS Release Notes are the only devices we recommend for use with vWAAS. Although vWAAS models may be able to operate with other Cisco or third-party hardware, successful performance and scale for those configurations is not guaranteed.
For more information about supported platforms for Cisco Enterprise NFV, see the
Release Notes for Cisco Enterprise Network Function Virtualization Infrastructure Software, Release 3.9.x,
Each unified OVA package file is a pre-configured virtual machine image that is ready to run on a particular hypervisor. The launch script for each unified OVA package provides the model and other required parameters to launch vWAAS with WAAS in the required configuration.
Here are examples of the unified OVA and NPE OVA package filenames for vWAAS on RHEL KVM:
- OVA—Cisco-KVM-vWAAS-Unified-6.4.1-b-33.tar.gz
- NPE OVA—Cisco-KVM-vWAAS-Unified-6.4.1-b-33-npe.tar.gz
The unified OVA package for vWAAS on RHEL KVM/KVM on CentOS contains the following files.
- Flash disk image
- Data system disk
- Akamai disk
- INSTRUCTIONS.TXT—Describes the procedure for deploying the virtual instance and using the launch.sh file.
- package.mf template file and bootstrap-cfg.xml—These two files work together on the Cisco NFVIS platform with the image_properties.xml file as Day-0 configuration template.
- ezdeploy.sh—The script used to deploy vWAAS on UCS-E.
- exdeploy_qstatus.exp—The dependent file for ezdeploy.sh script image_properties.xml A VM configuration template file used on the Cisco NFVIS platform.
- launch.sh—The launch script to deploy Cisco vWAAS on Linux KVM.
- vm_macvtap.xml—Configuration file for vWAAS deployment using host machine interfaces with the help of the macvtap driver.
- vm_tap.xml—Configuration file for vWAAS deployment using virtual bridge or OVS (Open Virtual Switch) present in the host machine.
Traffic Interception for vWAAS with NFVIS
vWAAS with NFVIS on ENCS supports WCCP traffic interception.
The Web Cache Communication Protocol (WCCP) specifies interactions between one or more routers and one or more WAE's, to establish and maintain the transparent redirection of selected types of traffic in real time. The selected traffic is redirected to a group of WAE's with the aim of optimizing resource usage and lowering response times. A WCCP-enabled router and a WAE exchange WCCP protocol packets and negotiate membership of WCCP service groups.
For vWAAS on Cisco ENCS with WCCP, there are two Ethernet Gigabit ports that can be configured to intercept the traffic. With the Network Interception Module card and if the inline interception method is not configured, the ports can be used to intercept the WCCP traffic (configure port channel with LAN and WAN interface).
For detailed information on configuring WCCP, see Chapter 5, “Configuring Traffic Interception” in the Cisco Wide Area Application Services Configuration Guide.
Table 8-3 shows the CLI commands used to configure WCCP traffic interception for vWAAS with NFVIS.
Table 8-3 CLI Commands for WCCP Interception Mode
|
|
|
Global configuration |
interception method wccp |
Configures the WCCP traffic interception method. |
wccp access-list |
Configures an IP access list on a WAE for inbound WCCP GRE encapsulated traffic. |
wccp flow-redirect |
Redirects moved flows. |
wccp router-list |
Configures a router list for WCCP Version 2. |
wccp shutdown |
Sets the maximum time interval after which the WAE will perform a clean shutdown of the WCCP. |
wccp tcp-promiscuous |
Configures the WCCP Version 2 TCP promiscuous mode service. |
wccp tcp-promiscuous service-pair serviceID serviceID+1 |
Configures the WCCP Version 2 TCP promiscuous mode service and specifies a pair of IDs for the WCCP service on devices configured as application accelerators. |
EXEC |
show statistics wccp |
Displays WCCP statistics for a WAE. |
show wccp clients |
Displays which WAEs are seen by which routers. |
show wccp egress |
Displays the WCCP egress method—IP forwarding, generic GRE, WCCP GRE, or L2. |
show wccp flows tcp-promiscuous summary |
Displays WCCP packet flows and TCP-promiscuous service information. |
show wccp masks tcp promiscuous |
Displays WCCP mask assignments and TCP-promiscuous service information. |
show wccp routers [detail] |
Displays details of routers seen and not seen by the specified WAE. |
show wccp services [detail] |
Displays the configured WCCP services. |
show wccp statistics |
Displays WCCP generic routing encapsulation packet-related information. |
show wccp status |
Displays the enabled state of WCCP and the configured service IDs. |
For more information on these commands, see the Cisco Wide Area Application Services Command Reference.
Upgrade/Downgrade Guidelines for vWAAS with NFVIS
This section contains the following topics:
Note For upgrade/downgrade guidelines for vWAAS on ENCS 5400-W, see Chapter 7, “Cisco vWAAS on ENCS 5400-W Device,” section Upgrade/Downgrade Guidelines for vWAAS on ENCS-W.
Cisco NFVIS Downgrade Guidelines
- For vWAAS with Cisco NFVIS 3.7.1, you cannot downgrade a WAAS device on ENCS to a version earlier than WAAS Version 6.4.1.
If you try to downgrade a WAAS device on ENCS to a version earlier than WAAS Version 6.4.1, the WAAS Central Manager displays the following warning message:
Device Group has unsupported devices ENCS-DeviceName to the selected version. The image installation will not be applied on such devices.
Do you still want to proceed with the downgrade?