Wccpv2 Authentication; Redirection Method; Packet Return Method - Cisco Nexus 7000 Series Configuration Manual
Nx-os unicast routing configuration
Hide thumbs
Also See for Nexus 7000 Series:
- Command reference manual (1018 pages) ,
- Reference manual (746 pages) ,
- Hardware installation and reference manual (508 pages)
Table of Contents
Advertisement
Chapter 5
Configuring WCCPv2
S e n d d o c u m e n t c o m m e n t s t o n e x u s 7 k - d o c f e e d b a c k @ c i s c o . c o m .
WCCPv2 Authentication
WCCPv2 can authenticate a device before it adds that device to the service group. Message Digest
(MD5) authentication allows each WCCPv2 service group member to use a secret key to generate a
keyed MD5 digest string that is part of the outgoing packet. At the receiving end, a keyed digest of an
incoming packet is generated. If the MD5 digest within the incoming packet does not match the
generated digest, WCCP ignores the packet.
WCCPv2 rejects packets in any of the following cases:
•
•
Redirection Method
WCCPv2 negotiates the packet redirection method between the router and the cache engine. Cisco
NX-OS uses this traffic redirection method for all cache engines in a service group.
WCCPv2 redirects packets using the following forwarding method:
•
You can also configure an access control list (ACL), called a redirect list, for a WCCPv2 service group.
This ACL can either permit a packet to go through the WCCPv2 redirection process or deny the WCCP
redirection and send the packet through the normal packet forwarding procedure.
Packet Return Method
WCCPv2 filters packets to determine which redirected packets have been returned from the cache engine
and which packets have not. WCCPv2 does not redirect the returned packets, because the cache engine
has determined that these packets should not be cached. WCCPv2 returns packets that the cache engine
does not service to the router that transmitted them.
A cache engine may return a packet for one of the following reasons:
•
•
WCCPv2 negotiates the packet return method between the router and the cache engine. Cisco NX-OS
uses this traffic return method for all cache engines in a service group.
WCCPv2 returns packets using the following forwarding method:
•
OL-20002-02
The authentication schemes differ on the router and in the incoming packet.
The MD5 digests differ on the router and in the incoming packet.
Layer 2 Destination MAC rewrite—WCCPv2 replaces the destination MAC address of the packet
with the MAC address of the cache engine that needs to handle the packet. The cache engine and the
router must be Layer 2 adjacent.
The cache engine is overloaded and cannot service the packets.
The cache engine is filtering certain conditions that make caching packets counterproductive, for
example, when IP authentication has been turned on.
Destination MAC rewrite—WCCPv2 replaces the destination MAC address of the packet with the
MAC address of the router that originally redirected the packet. The cache engine and the router
must be Layer 2 adjacent.
Cisco Nexus 7000 Series NX-OS Unicast Routing Configuration Guide, Release 4.x
Information About WCCPv2
5-5
Hide quick links:
Advertisement
Table of Contents
