The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This chapter describes how to configure web caching services using WCCP, and includes the following sections:
Web Cache Communication Protocol (WCCP) is a content routing protcol that allows utilization of Cisco Cache Engines (or other caches running WCCP) to localize web traffic patterns in the network, enabling content requests to be fulfilled locally. The purpose of web caching is to reduce latency and network traffic. Previously-accessed web pages are stored in a cache buffer, so if users need the page again, they can retrieve it from the cache instead of the web server.
WCCP specifies interactions between the ASA and external web caches. The feature transparently redirects selected types of traffic to a group of web cache engines to optimize resource usage and lower response times. The ASA only supports WCCP Version 2.
Using an ASA as an intermediary eliminates the need for a separate router to do the WCCP redirection, because the ASA redirects requests to cache engines. When the ASA determines that a packet needs redirection, it skips TCP state tracking, TCP sequence number randomization, and NAT on these traffic flows.
The following WCCPv2 features are supported for the ASA:
The following WCCPv2 features are not supported for the ASA:
In the ASA implementation of WCCP, the protocol interacts with other configurable features according to the following:
Supports Active/Active and Active/Standby failover. WCCP redirect tables are not replicated to standby units. After a failover, packets are not redirected until the tables are rebuilt. Sessions redirected before failover are probably reset by the web server.
Supported in routed and transparent firewall modes.
Supported in single mode and multiple context mode.
Does not support IPv6 traffic for redirection.
The ASA selects the highest IP address configured on any interface as the WCCP router ID. This address is used to establish a GRE tunnel with the cache engine.
WCCP does not support ACLs that include a user, user group, or a fully qualified domain name object.
|
|
---|---|
To allocate space and enable support of the specified WCCP service group, perform the following steps:
Step 1 In the ASDM main application window, choose Configuration > Device Management > Advanced > WCCP > Service Groups.
Step 2 To add a new service group, click Add to display the A dd Service Group dialog box.
Step 3 To modify an existing service group, click Edit to display the Edit Service Group dialog box.
Step 4 To remove a selected service group, click Delete.
Step 5 To continue, see Adding or Editing WCCP Service Groups.
Step 6 Click Apply to save your changes, or click Reset to discard them and enter new ones.
To add a new service group or change the service group parameters for a configured service group, perform the following steps:
Step 1 Click either the Web Cache Service or the Dynamic Service Number radio button. The maximum number of services, including those specified with a dynamic service identifier is 256.
Step 2 Enter the dynamic service identifier, which means the service definition is dictated by the cache. Valid dynamic service numbers are 0 to 254, and are used as the name of the service group.
Step 3 In the Options area, perform the following steps:
a. Choose the predefined ACL that controls traffic redirected to this service group.
b. Choose the predefined ACL that determines which web caches are allowed to participate in the service group. Only extended ACLs are allowed.
c. Enter a password up to seven characters long, which is used for MD5 authentication for messages received from the service group.
e. Click Manage to display the ACL Manager window, where you can create or change an ACL.
Step 4 Click OK to close the Add or Edit Service Group dialog box.
Step 5 To continue, see Configuring Packet Redirection.
To configure packet redirection on the ingress of an interface using WCCP, perform the following steps:
Step 1 In the ASDM main application window, choose Configuration > Device Management > Advanced > WCCP > Redirection.
Step 2 To add a new WCCP packet redirection, click Add to display the Add WCCP Redirection dialog box.
Step 3 To modify an existing WCCP packet redirection, click Edit to display the Edit WCCP Redirection dialog box.
Step 4 To remove a selected WCCP packet redirection, click Delete.
Step 5 To continue, see Adding or Editing Packet Redirection.
To add or change packet redirection on the ingress of an interface using WCCP, perform the following steps:
Step 1 Choose the interface on which to enable WCCP redirection from the drop-down list.
Step 2 Choose the service group from the drop-down list.
Step 3 Click OK to close the Edit WCCP Redirection dialog box.
Step 4 (Optional) If you need to create a new service group, click New to display the Add Service Group dialog box.
Step 5 (Optional) To continue, see Adding or Editing WCCP Service Groups.
To monitor WCCP, perform the following steps:
|
|
---|---|
Table 20-1 lists the release history for this feature. ASDM is backwards-compatible with multiple platform releases, so the specific ASDM release in which support was added is not listed.