What should be my router affinity configuration in WCCP?
By default, the ProxySG uses regular routing table lookups to determine the next hop for intercepted
traffic. However, in some cases you may have routing policies that prevent your client- and/or server-bound traffic from reaching its destination (for example, if your WCCP router is multiple hops away from the ProxySG). With router affinity, the ProxySG returns intercepted client- and/or server-side traffic
that it intercepts to the router using the negotiated return method, ensuring that the traffic is always
returned to the same WCCP router that redirected it.
For example, network where router A1 only has routes to the B1 and C1 subnets and router A2 only has routes to the B2 and C2 subnets. Because the ProxySG’s default router is configured as A2, if you enable WCCP on A1’s client- and server- facing interfaces, packets from the ProxySG destined for B1 and C1 will be dropped by A2 because it does not have routing information for those subnets. Therefore, to ensure that redirected traffic from B1 and C1 is routed properly (without configuring additional routes on A2, which would change the existing routing policies), you can enable router affinity on the ProxySG. Notice that because there is no client traffic coming from C1 in this example (and therefore incoming SYN packets will only be coming from B1), you only need to enable router affinity (for client- and server-side traffic) traffic on service group 90 and not on service group 92.
router-affinity [client | server | both] Indicates whether the ProxySG will use the negotiated returning-type (GRE or L2) to return all packets (intercepted as well as bypassed packets) to the WCCP router t hat originally redirected the traffic to it.
Possible values are:
• client — return intercepted client-side traffic to the originating WCCP router using the negotiated returning-type.
• server — return intercepted server-side traffic to the originating WCCP router using the negotiated returning-type.
• both — return intercepted client- and server-side traffic to the originating WCCP router using the negotiated returning-type.
Example: router-affinity both
Configure WCCP from CLI and enable router affinity on service group 90:
wccp enable wccp version 2 service-group 90 interface 0:1 protocol 6 priority 1 forwarding-type gre assignment-type hash service-flags source-ip-hash router-affinity both home-router 184.108.40.206 end service-group 92 interface 0:1 protocol 6 priority 1 forwarding-type gre assignment-type hash service-flags destination-ip-hash home-router 220.127.116.11 end CONFIGURATION EXAMPLE—ROUTER AFFINITY (CONTINUED)
Subscribing will provide email updates when this Article is updated. Login is required.