[nsp] 7600 IOS SLB/WCCP for transparent cache

Clinton Work work@scripty.com
Sun, 17 Nov 2002 22:56:44 -0700 

I have used 6500s running both Native and Hybrid IOS to do WCCP V2 redirection
for transparent web-caching. The PFC2 is designed to support layer2 WCCP redirection
in hardware. Network appliance web-caches can to transparent caching with
IP spoofing using WCCP V2 redirection. Long redirection ACLs or vlan interfaces
under Native IOS may force the redirection into software on the MSFC2. You can
build in full redundancy, but it adds a lot of complexity to the WCCP configuration.


12.1E release notes when WCCP V2 support was added
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/12_1e/ol_2310.htm#xtocid146

Configuring WCCP in IOS 12.1:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/fun_c/fcprt3/fcd305.htm

WCCP inbound redirection (12.1E feature):
http://www.cisco.com/en/US/partner/products/sw/iosswrel/ps1833/products_feature_guide09186a00800d6a3e.html

On Sat, Nov 16, 2002 at 11:57:49PM +0200, Arie Vayner wrote:
> Hi
> 
> I am investigating an option of using our 7600 to do transparent proxy 
> redirection.
> 
> I could not find anything special on Cisco's website except a short 
> paragraph saying:
> 
> "Transparent Webcache Load Balancing
> IOS SLB can load-balance HTTP flows across a cluster of transparent 
> webcaches. To set up this function, configure the subnet IP addresses 
> served by the transparent webcaches, or some common subset of them, as 
> virtual servers. Virtual servers used for transparent webcache load 
> balancing do not answer pings on behalf of the subnet IP addresses, and 
> they do not affect traceroute.
> 
> In some cases, such as when its cache does not contain needed pages, a 
> webcache might need to initiate its own connections to the Internet. Those 
> connections should not be load-balanced back to the same set of webcaches. 
> To address this need, IOS SLB allows you to configure client exclude 
> statements, which exclude connections initiated by the webcaches from the 
> load-balancing scheme."
> 
> 
> Does any one do it? Can I do it for other protocols except HTTP?
> Would IP spoofing be supported (where the server is using the client's 
> source IP)?
> 
> Any ideas?
> 
> Arie
> 
> _______________________________________________
> cisco-nsp mailing list  real_name)s@puck.nether.net
> http://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

-- 
=========================================================================
Clinton Work                                        clinton@scripty.com
Calgary, Alberta