Question

Locked

Help needed with WCCP. Cisco 6503 not redirecting packets

By luv2fish92 ·
Hello,

I need some configuration assistance with WCCP. I have a Cisco 6503 that I have configured to use WCCP v2 service 1 for http. I have two caching engines in use configured for Layer 2 forwarding method and MASK assignment method. I was told by the vendor to use this setting and that the router would report GRE. They are connected to a switch via a separate routed port on the 6503. The WCCP service on the 6503 sees both caching engines. I have "ip wccp 1 redirect in" configured on the interface connected to the web clients. I believe that this will enable redirection of incoming http requests from end users to the caching engines. However it's not working and I need some assistance. I've included sanitized wccp details. Thanks

ROUTER_6503#sho ip wccp 1 view
WCCP Routers Informed of:
192.168.1.252

WCCP Clients Visible:
192.168.2.92
192.168.2.93

WCCP Clients NOT Visible:
-none-

ROUTER_6503#sho ip wccp 1 detail
WCCP Client information:
WCCP Client ID: 192.168.2.92
Protocol Version: 2.0
State: Usable
Redirection: GRE
Packet Return: GRE
Assignment: HASH
Initial Hash Info: None
Assigned Hash Info: None

WCCP Client ID: 192.168.2.93
Protocol Version: 2.0
State: Usable
Redirection: GRE
Packet Return: GRE
Assignment: HASH
Initial Hash Info: None
Assigned Hash Info: None

ROUTER_6503#sho ip wccp 1
Global WCCP information:
Router information:
Router Identifier: 192.168.1.252
Protocol Version: 2.0

Service Identifier: 1
Number of Service Group Clients: 2
Number of Service Group Routers: 1
Total Packets s/w Redirected: 0
Process: 0
CEF: 0
Redirect access-list: 120
Total Packets Denied Redirect: 0
Total Packets Unassigned: 9338
Group access-list: -none-
Total Messages Denied to Group: 0
Total Authentication failures: 0
Total Bypassed Packets Received: 0

This conversation is currently closed to new comments.

7 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

show ip wccp summary

by robo_dev In reply to Help needed with WCCP. Ci ...

I have never set this up, but I believe it's similar to a VPN tunnel in that traffic needs to go in two directions :)

Overall, need to make sure there is an ACL and the Tunnel is passing traffic both in AND out.

This is all very IOS version dependent.

show tunnel groups wccp

http://www.cisco.com/en/US/docs/ios/12_2/configfun/configuration/guide/fcf018_ps1835_TSD_Products_Configuration_Guide_Chapter.html

https://supportforums.cisco.com/docs/DOC-15782

Collapse -

Reponse To Answer

by luv2fish92 In reply to show ip wccp summary

Thanks for your help. This is my first time configuring WCCP. I'll check the links out to help me understand WCCP better. I do have an ACL configured for WCCP.

I was able to figure out what was going on. It was my configuration on the Cisco interconnect switch. I introduced a Netgear switch instead of using my Cisco swtich to connect the caching engines to the 6503. It worked right away. I had VLANs set up on my Cisco interconnect switch that were not part of the default VLAN. I needed to add IP addresses to the other VLANS where my caching engines and clients resided. So I added IPs and reintroduced the Cisco switch. I did not think this was necessary but it was. So its working now. Any idea as to why the VLAN requires an IP address to work? I don't recall needing an IP for a VLAN. I just wanted to isolate the physical ports. Without an IP, nodes connected to ports in the VLAN can still communicate. I was also able to browse to the Internet. However, the 6503 would not forward packets to the Caching engines even though they were registered. Strange. Thanks again.

Collapse -

Reponse To Answer

by robo_dev In reply to show ip wccp summary

I could be wrong but ....with Cisco you cannot do policy-based-routing and a private VLAN on the same interface and if inter-VLAN routing is not setup just right, the traffic may not be taking the route you think it is.....that's just a guess.

Collapse -

Also forgot to add

by robo_dev In reply to Help needed with WCCP. Ci ...

if the Cisco switch is a Layer2 or layer3 switch. If it's layer 2, then the VLAN IP is only needed for an external router to handle broadcast traffic for the VLAN, if it's layer3, then the IP of the VLAN becomes the gateway for the devices on the VLAN.

Collapse -

Reponse To Answer

by faisal7c In reply to Also forgot to add

Are you planing to redirect your traffic to Proxy? is it inbound or outbound?

Here some Examples you can try.
Router>enable
Router#configure terminal
Router(config)#ip wccp version 2
Router(config)#ip wccp 90
Router(config)#copy running-config startup-config

Router(config)#access-list 3 permit 10.1.1.5
0.0.0.255
Router(config)#ip wccp 90 group-list 3
Router(config)#copy running-config startup-config

If Inboud traffic redirection

Router(config)#interface gigabitEthernet2/2
Router(config-if)#ip wccp 90 redirect in
Router(config-if)#copy running-config startup-config

BR,

Faisal Cholayil

Collapse -

Reponse To Answer

by luv2fish92 In reply to Also forgot to add

Thanks robo_dev. What you say makes sense. If a switch port is configured as a routed port using the "no switchport" command (layer 3 mode)it no longer functions as a switch port (layer 2 mode)and can't be part of a VLAN. So you are correct there. The switch I am using is a Cisco Catalyst 3560 24TS-S which is a layer 3 switch. It just has a basic config with VLANS set up to separate the switch ports. Nothing more. No routing protocols enabled. The Cisco 6503 is performing the routing functions for my setup.

To answer Faisal7c's question, I am redirecting traffic inbound as described in my initial post.

Thanks you both for your assistance.

Back to Networks Forum
7 total posts (Page 1 of 1)  

Hardware Forums