Wednesday, 21 May 2014

WAAS Interception methods



WAAS relies on some form of network interception to integrate into the network and receive packets from flows that are to be optimized. WAAS supports four methods of network interception listed below:

Physical inline interception

The WAE appliance (the router integrated network module does not support physical inline) is deployed physically between two network devices, most commonly between a router and a switch in a branch office. This allows all traffic traversing the network toward the WAN or returning from the WAN to physically pass through the WAE, thereby giving it the opportunity to optimize or unoptimize. Physical inline can be used in any type of location (branch office, regional office, data center), but is commonly used for branch office implementations.Normally this is not used much because of the scalability factor  .


Policy-Based Routing (PBR)

The WAAS devices support PBR, which provides an off-path but virtually in-line deployment. With PBR, WAE devices are deployed as appliances (nodes on the network and not physically in-line) and policies are configured within the layer-3 topology that will route traffic going to or coming from the WAN through the WAE device first. PBR provides high-availability and failover capabilities (requires use of CDP neighbor checking or IP SLA) but does not provide load-balancing. Cisco Advanced Services does not recommend PBR as intercept method as it adds complexity for maintainability and troubleshooting.
I have seen issues with this, as this require switch TCAM programming only , which sometimes require lots of memory .

Web Cache Communication Protocol version 2 (WCCPv2)

All WAAS devices (appliances and network modules) support WCCPv2, which provides an off-path but virtually in-line deployment. With WCCPv2, WAE devices are deployed as appliances (nodes on the network and not physically in-line) on the network. WCCPv2 provides scalability to 32 WAE devices in a service group, load-balancing amongst WAEs, fail-through operation if all WAEs are unavailable, and allows the administrator to dynamically add or remove WAE devices to the cluster with little to no disruption.

Cisco Application Control Engine (ACE)

WAE appliances (not applicable to the router-integrated network module) can be integrated into the network using the Cisco ACE appliance or module for the Catalyst 6500. Using ACE, Cisco WAEs are
deployed as appliances (nodes on the network and not physically in-line) and are configured as part of a server-farm within the ACE configuration. As of today, ACE provides ultra-high levels of scalability - up to 64Gbps of load-balanced throughput in a single chassis, up to 16 million TCP connections, and load-balancing for hundreds of WAE devices - and is the premier means of integration into the data center network.

WAAS Overview

WAAS WAEs are deployed at the edge/field sales offices and core sites at the network entry and exit points. A single WAE is deployed in the field sales office, while more than one WAE is deployed in the core sites for redundancy. WAAS provides transparent optimizations by requiring two WAEs to be in the path of a TCP connection to be optimized. The two WAEs participating at both ends of the network are auto discovered during the TCP three way hand shake, all WAEs sitting in between the paths of the two WAEs will put the TCP session flow in pass through. The auto discovery is performed for each TCP session; any TCP session that is in progress is put in pass through and not optimized.
For management and monitoring of the WAAS enterprise, WAEs must also be deployed to host the Central Manager application, which is made redundant by using two WAEs.
WAAS edge and core WAEs relies on network interception and redirection to receive the TCP packets that should be optimized. WCCPv2 is used in the Cisco enterprise to support the interception and redirection of the TCP traffic flows by the router to the WAEs. WCCP redirect lists/ACLs are used on the routers to control the IP subnets and traffic that should be intercepted and redirected to the WAEs. When the packets get redirected to the WAE, the WAE will apply the appropriate optimization based on the application policies.
Cisco WAAS uses a variety of transport flow optimization (TFO) features to optimize TCP traffic intercepted by the WAAS devices. TFO protects communicating clients and servers from negative WAN conditions, such as bandwidth constraints, packet loss, congestion, and retransmission. TFO includes the following optimization features:
• Compression Using DRE & LZ techniques
• Windows Scaling
• TCP Initial Window Size Maximization
• Increased Buffering
• Selective Acknowledgment
• Binary Increase Congestion (BIC) TCP