本文描述如何對WAAS Express運行進行故障排除。
WAAS Express是IOS中內建的WAAS功能,在路由器等裝置上運行。WAAS Central Manager可以管理WAAS Express裝置以及WAAS網路中的其他WAAS裝置。本文描述如何對WAAS Express裝置運行進行故障排除。
附註:WAAS Express中央管理器支援是在WAAS版本4.3.1中引入的。本節不適用於較早的WAAS版本。
要驗證WAAS Express映像版本,請在WAAS Express路由器上使用show waas status命令。要從WAAS Central Manager檢視WAAS Express映像版本,請選擇My WAN > Manage Devices。
waas-express# show waas status IOS Version: 15.1(20101018:232707) <----- IOS version WAAS Express Version: 1.1.0 <----- WAAS Express version . . .
WAAS Express許可證分為兩種型別:考評許可證(有效期為12年)和永久許可證。在WAAS Express裝置上使用show waas status命令顯示許可證資訊。
waas-express# show waas status IOS Version: 15.1(20101018:232707) WAAS Express Version: 1.1.0 . . . WAAS Feature License License Type: Evaluation <----- Indicates an evaluation license Evaluation total period: 625 weeks 0 day Evaluation period left: 622 weeks 6 days
在WAAS Express裝置上使用show waas status命令列出啟用WAAS的一組介面。此命令還會顯示裝置支援的最佳化型別。某些WAAS Express路由器型號不支援DRE。
waas-express# show waas status IOS Version: 15.1(20101018:232707) WAAS Express Version: 1.1.0 WAAS Enabled Interface Policy Map GigabitEthernet0/1 waas_global <----- Interfaces on which optimization is enabled GigabitEthernet0/2 waas_global Virtual-TokenRing1 waas_global Virtual-TokenRing2 waas_global GigabitEthernet0/0 waas_global Virtual-TokenRing10 waas_global WAAS Feature License License Type: Evaluation Evaluation total period: 625 weeks 0 day Evaluation period left: 622 weeks 6 days DRE Status : Enabled <----- Indicates DRE is supported LZ Status : Enabled + Entropy Maximum Flows : 50 <----- Number of optimized connections supported Total Active connections : 0 <----- Total number of connections active Total optimized connections : 0 <----- Total number of optimized connections
附註:應僅在WAN介面上啟用WAAS。如果要最佳化的連線是通過多個WAN介面路由的,則應該在所有這些WAN介面上應用WAAS。
附註:如果在邏輯或虛擬介面上啟用WAAS,則不需要在相應的物理介面上實施。
在WAAS Express裝置上,使用show waas connection命令列出最佳化連線集。不包括直通連線。
waas-express# show waas status ConnID Source IP:Port Dest IP:Port PeerID Accel 1999 64.103.255.217 :59211 192.168.4.2 :1742 0021.5e57.a768 TLD <----- TFO, LZ and DRE are applied 1910 64.103.255.217 :56860 192.168.4.2 :61693 0021.5e57.a768 TLD 1865 64.103.255.217 :59206 192.168.4.2 :23253 0021.5e57.a768 TLD
要檢視Central Manager中的類似資訊,請選擇WAAS Express裝置,然後選擇Monitor > Optimization > Connections Statistics以檢視連線摘要表。
在WAAS Express裝置上,使用show waas statistics application命令列出分類到每個應用程式的最佳化資料。WAAS Express裝置不顯示直通資料。此資料用於在WAAS Central Manager中生成TCP相關的圖表。
waas-express# show waas statistics application Number of applications : 1 Application: waas-default TCP Data Volumes Connection Type Inbound Outbound Opt TCP Plus 53001765483 41674120 Orig TCP Plus 0 87948683030 Opt TCP Only 1165 863 Orig TCP Only 60 0 Internal Client 0 0 Internal Server 0 0 TCP Connection Counts Connection Type Active Completed Opt TCP Plus 50 126 Opt TCP Only 0 71 Internal Client 0 0 Internal Server 0 0 Pass Through Connection Counts Connection Type Completed PT Asymmetric 0 PT Capabilities 0 PT Intermediate 0 PT_Other 0 Connection Reset: 0 Cleared connections 0
在WAAS Express裝置上,使用show waas alarms命令列出裝置中出現的警報及其狀態。
waas-express# show waas alarms WAAS status: enabled Alarms Connection limit exceeded: on <----- on indicates this alarm is active. off indicates inactive Too many peers discovered: off WAAS license expired: off WAAS license revoked: off WAAS license deleted: off High CPU: off
要從中央管理器檢視所有裝置的警報,請選擇My WAN > Alerts。除了上面列出的警報外,如果WAAS Express和WAAS Central Manager裝置的時鐘不同步,也會發出警報。
在WAAS Express裝置上,使用show waas statistics peer命令列出WAAS Express裝置的對等裝置。
waas-express# show waas statistics peer Number of Peers : 1 Peer: 0021.5e57.a768 TCP Data Volumes Connection Type Inbound Outbound Opt TCP Plus 597068158 5212151 Orig TCP Plus 0 6867128187 Opt TCP Only 0 0 Orig TCP Only 0 0 Internal Client 0 0 Internal Server 0 0 TCP Connection Counts Connection Type Active Completed Opt TCP Plus 50 0 Opt TCP Only 0 0 Internal Client 0 0 Internal Server 0 0 Pass Through Connection Counts Connection Type Completed PT Asymmetric 0 PT Capabilities 0 PT Intermediate 0 PT_Other 0 Connection Reset: 0 Cleared connections 0 Router#show waas statistics aoim Total number of peer syncs: 1 Current number of peer syncs in progress: 0 Number of peers: 1 Number of local application optimizations (AO): 3 Number of AO discovery successful: 1 Number of AO discovery failure: 0 Local AO statistics Local AO: TFO Total number of incompatible connections: 0 Version: 0.11 Registered: Yes Local AO: HTTP Total number of incompatible connections: 0 Version: 1.1 Registered: Yes Local AO: SSL Total number of incompatible connections: 0 Version: 1.0 Registered: Yes Peer AOIM Statistics Number of Peers : 1 Peer: 0027.0d79.c215 <--- Peer ID Peer IP: 20.0.0.2 <--- Peer IP Peer Expiry Time: 00:00:02 Peer Compatible: Yes Peer active connections: 0 Peer Aoim Version: 1.0 Peer sync in progress: No Peer valid: Yes Peer Software Version: 4.4.3(b4) Peer AOs: Peer AO: TFO Compatible: Yes Version: 0.20 Peer AO: HTTP Compatible: Yes Version: 1.4 Peer AO: SSL Compatible: Yes Version: 1.0 Router#show waas statistics dre peer DRE Status: Enabled Current number of connected peers 0 Current number of active peers 1 Peer-ID 0027.0d79.c215 <--- Peer ID Hostname waasx1-b-wae.cisco.com <--- Peer hostname IP reported from peer 20.0.0.2 <--- Peer IP Peer version 4.4.3(b4) Cache: Cache in storage 0 B Age 00:00:00 AckQ: AckQ in storage 0 B WaitQ: WaitQ in storage 0 B WaitQ size 0 B Sync-clock: Local-head 0 ms Local-tail 0 ms Remote-head 18609143000 ms Curr-sync-clock 24215235228 ms Encode Statistics DRE msgs: 1 R-tx total: 0 R-tx chunk-miss: 0 R-tx collision: 0 Bytes in: 0 Bytes out: 0 Bypass bytes: 178 Compression gain: 0% Decode Statistics DRE msgs: 4 Bytes in: 299 Bytes out: 277 Bypass bytes: 51 Compression gain: 0% Nacks generated: 0
要從中央管理器檢視類似資訊,請選擇Monitor > Topology。
由於以下問題,WAAS Express裝置可能會在中央管理器中進入離線狀態:
要驗證WAAS Express裝置上的HTTPS伺服器配置,請使用show ip http server secure status命令。
waas-express# show ip http server secure status HTTP secure server status: Enabled HTTP secure server port: 443 HTTP secure server ciphersuite: 3des-ede-cbc-sha des-cbc-sha rc4-128-sha HTTP secure server client authentication: Disabled HTTP secure server trustpoint: local HTTP secure server active session modules: ALL
此版本的WAAS-Express支援包括TFO、LZ和DRE在內的傳輸最佳化。
WAAS-Express版本1.0在IOS軟體版本15.1(3)T1中引入
WAAS-Express版本1.5是在IOS軟體版本15.1(4)M中引入的。除了最佳化之外,此版本還增加了對嵌入式監控功能(稱為Performance Agent(PA))的支援。 有關PA的詳細資訊,請參閱CCO上的PA頁面
Recommended WAAS-Express IOS image: 15.1(3)T1 Recommended WAE version: >= 4.3.1 Recommended WCM version: 4.4.5a
IOS版本 | WAE版本 | WAAS CM版本 | 已知的問題 |
---|---|---|---|
15.1(3)T1 | 5.0.1 | 4.4.5安 | 源自資料中心端的連線將不會得到最佳化:CSCtz82646 |
此版本的WAAS-Express除了支援傳輸最佳化外,還支援選定的應用程式最佳化,具體就是HTTP Express、SSL Express和CIFS Express AO。
Recommended WAAS-Express IOS image: 15.2(4)M1 Recommended WAE version: 5.0.1 Recommended WCM version: 5.0.1
IOS版本 | WAE版本 | WAAS CM版本 | 已知的問題 |
---|---|---|---|
15.2(4)M1 | < 4.4.3c | < 5.0.1 | HTTP-Express加速器需要4.4.3c或更高版本。連線不會進行http最佳化,但會進行TDL。 |
15.2(4)M1 | < 5.0.1 | < 4.4.5a | 在WCM上看到的連線統計資訊中缺少分類器名稱。 |
15.2(4)M1 | < 5.0.1 | < 5.0.1 | CSCub21189:策略對映更改未與WAAS-Express裝置正確同步 CSCtw50988:SMB:下載檔案時連線重置 CSCtr07216:在WAAS-X <-> WAE案例中無法正確處理具有無效hdr的事務 CSCua49764:Https建立了WExp證書 — 升級後WExp進入離線狀態 |
15.2(3)T1 | < 5.0.1 | < 5.0.1 | CSCub21189:策略對映更改未與WAAS-Express裝置正確同步 CSCtw50988:SMB:下載檔案時連線重置 CSCtr07216:在WAAS-X <-> WAE案例中無法正確處理具有無效hdr的事務 CSCua49764:Https建立了WExp證書 — 升級後WExp進入離線狀態 |
15.2(3)公噸 | < 5.0.1 | < 5.0.1 | CSCtx82427:IOS-WAAS:傳輸結束時重置SSL連線(EOT) CSCtz08485:HTTP-AO檢測失敗(%WAAS-3-WAAS_LZ_CONN_ABORT) CSCtu19564:在使用Waas+VPN+ZBFW+NAT+NETFLOW的dt21中觀察到崩潰 CSCtz85134:WAAS Express SSL-Express在重新載入後更改自簽名信任點 CSCua22313:WAAS Express 2.0無法使用IE6連線選項顯示HTTPS頁面 CSCtw50988:SMB:下載檔案時連線重置 CSCty04359:手動建立的WExp證書 — 升級後Wexp進入離線狀態 CSCtr07216:在WAAS-X <-> WAE案例中無法正確處理具有無效hdr的事務 |
Router#sh license | beg WAAS_Express
Index 12 Feature: WAAS_Express
Period left: Life time
License Type: RightToUse
License State: Active, In Use <---- License is Active
License Count: Non-Counted
License Priority: Low
Router#show waas status
IOS Version: 15.2(2.9)T
WAAS Express Version: 2.0.0
WAAS Enabled Interface Policy Map
GigabitEthernet0/1 waas_global
WAAS Feature License
License Type: Evaluation
Evaluation total period: 0 seconds <---- License is expired.
Evaluation period left: 0 seconds
有關詳細的WAAS-Express註冊過程的逐步資訊,請檢視以下文檔:WAAS Express部署指南
debug ip http all debug ssl openssl errors debug ssl openssl ext debug ssl openssl msg debug ssl openssl states
router#show run | include crypto pki trustpoint crypto pki trustpoint TP-self-signed-4046801426 <-- Indicate this is non-persistent trustpoint
Router#show crypto pki trustpoints status State: Keys generated ............. Yes (General Purpose, non-exportable) <--- check if this shows “No” for the self-signed certificate Issuing CA authenticated ....... Yes <--- check if this shows “No” for the self-signed certificate Certificate request(s) ..... Yes <--- check if this shows “No” for the self-signed certificate Router#show crypto pki trustpoints status Trustpoint TP-self-signed-2330253483: Issuing CA certificate configured: Subject Name: cn=IOS-Self-Signed-Certificate-2330253483 Fingerprint MD5: 3F5E9EB4 6BD680FE 8A1C1664 0939ADCB <--- Check fingerprints before and after upgrade Fingerprint SHA1: DFF10AF4 83A90CAD 71528B3C CCD4EF0C E338E501 Router General Purpose certificate configured: Subject Name: cn=IOS-Self-Signed-Certificate-2330253483 Fingerprint MD5: 3F5E9EB4 6BD680FE 8A1C1664 0939ADCB Fingerprint SHA1: DFF10AF4 83A90CAD 71528B3C CCD4EF0C E338E501 State: Keys generated ............. Yes (General Purpose, non-exportable) Issuing CA authenticated ....... Yes Certificate request(s) ..... Yes Router#show crypto pki certificates … Validity Date: start date: 20:16:14 UTC May 26 2011 <--- Check whether these dates are valid end date: 20:16:14 UTC May 24 2016 … Provide outputs for following commands: show crypto pki certificates storage show crypto pki trustpoints show crypto key storage show crypto key pubkey-chain rsa show crypto key mypubkey all show crypto key mypubkey rsa show ip http server all
WAAS CM和WAAS-Express時鐘需要同步,因此強烈建議將NTP伺服器配置為同步時鐘。
使用show waas statistics pass-through驗證傳遞統計資訊/原因。查詢連線獲得傳遞的原因。
Router#show waas statistics pass-through Pass Through Statistics: Overall: 0 No Peer: 0 Rejected due to Capabilities: 0 Rejected due to Resources: 0 Interface Application config: 0 <---- Traffic classified for pass-through? Interface Global config: 0 <---- Asymmetric route in the setup? Assymmetric setup: 0 Peer sync was in progress: 0 IOS WAAS is intermediate router: 0 Internal error: 0 Other end is in black list: 0 AD version mismatch: 0 Incompatable AO: 0 <---- Incompatible peer? Connection limit exceeded: 0 AOIM peertable full: 0 AOIM multiple sync request passthrough: 0 Others: 0
檢查自動發現統計資訊(和/或使用自動發現調試)。
Use the following command to check the reason '''show waas statistics auto-discovery''' Enable following debugs for more information: debug waas infra error debug waas infra events debug waas auto-discovery error debug waas auto-discovery event debug waas auto-discovery op <---- Verbose debug
show policy-map type waas interface debug waas infra events
Network topology IOS version Configuration Following debugs and show commands: debug waas auto-discovery error debug waas auto-discovery event debug waas auto-discovery operation debug waas infra error debug waas infra event show waas statistics auto-disc show waas statistics pass show waas statistics aoim
這通常是由組態錯誤所導致。WAAS-Express版本2映像中預設禁用HTTP-Express加速器和CIFS-Express加速器。檢查是否已全域性啟用Express加速器。
router#show waas status IOS Version: 15.2(4)M1 WAAS Express Version: 2.0.0 WAAS Enabled Interface Policy Map FastEthernet8 waas_global WAAS Feature License License Type: EvalRightToUse Evaluation total period: 8 weeks 4 days Evaluation period left: 7 weeks 4 days DRE Status : Enabled LZ Status : Enabled + Entropy CIFS-Express AO Status : Disabled SSL-Express AO Status : Enabled HTTP-Express AO Status : Disabled <---- HTTP Express AO is disabled by default Maximum Flows : 75 Total Active connections : 4 Total optimized connections : 4
附註:預設情況下未啟用HTTP-Express AO。
class HTTP
optimize tfo dre lz application Web accelerate http-express
Router#show waas connection detail ... Negotiated Policy: TFO, LZ, DRE Configured Accelerator: HTTP-Express Derived Accelerator: HTTP-Express Applied Accelerator: HTTP-Express Hist. Accelerator: None Bytes Read Orig: 174 ...
附註:預設情況下,CIFS-Express AO處於禁用狀態。
class CIFS
optimize tfo dre lz application CIFS accelerate cifs-express
Router#show waas statistics accelerator cifs-express CIFS-Express AO Statistics ... Unsupported dialects / CIFS version: 0 Currently active unsupported dialects / CIFS version: 0 Unsupported due to signing: 0 ...
Router#show waas statistics accelerator ssl SSL-Express: Global Statistics ----------------- Time Accelerator was started: 16:31:37 UTC Jul 26 2012 ... Pipe through due to C2S cipher mismatch: 0 Pipe through due to C2S version mismatch: 0 Pipe through due to W2W cipher mismatch: 0 Pipe through due to W2W version mismatch: 0 Pipe through due to detection of non-SSL traffic: 0 Pipe through due to unknown reasons: 0 Total pipe through connections: 0 ...
SSL-Express加速器在路徑中引入了HTTP-Express加速器。確保SSL-Express和HTTP-Express加速器都已全域性啟用。
Provide following show command outputs for debugging: show waas status show waas alarms show waas accelerator detail show waas accelerator http show waas accelerator smb show waas accelerator ssl show waas statistic global show waas statistic auto-discovery show waas statistic aoim show waas statistic pass-through
通常還會出現錯誤消息,指示錯誤型別以及正在重置的流。例如,
Aug 18 03:02:52.861: %WAAS-3-WAAS_TFO_DEC_FRAME_FAILED: IOS-WAAS failed to decode TFO frame for connection 100.2.0.107:50118--200.0.0.12:1494 (Unknown TFO frame rcvd, RST connection.)
Debug logs Show命令日誌show-tech show-running config網路拓撲客戶端和伺服器詳細資訊,以及用於連線的應用程式(和版本,例如IE6)。
debug waas infra error debug waas auto-discovery error debug waas aoim error debug waas tfo error debug waas lz error debug waas dre error debug waas accelerator ssl error debug waas accelerator http error debug waas accelerator cifs error
在測試期間可能會看到路由器崩潰和回溯。搜尋以前的案例和DDTS以瞭解類似的已知問題。此外,我們還需要隔離導致崩潰的功能。如果ios-waas或layer4-forwarding以外的IOS功能導致崩潰/回溯,則應相應地聯絡該特定功能開發團隊/路由器TAC。
效能降低可能是由於以下各種原因造成的:流量的性質、路由器上的負載、網路中的網路拓撲或資料包丟棄。為了處理慢速連線,我們需要確定相對於直通或未最佳化連線的相對降級。
附註:不支援按資料包負載共用部署。這不是預設負載共用模式。
掛起連線不存在已知問題,請向開發團隊提供以下資訊以幫助RCA解決問題。
Router#show waas connection ConnID Source IP:Port Dest IP:Port PeerID Accel 3336 192.168.22.99 :37797 192.168.42.99 :80 0016.9d39.20bd THDL Router#
Router#show waas connection client-port 37797 detail connection ID: 3336 Peer Id: 0016.9d39.20bd Connection Type: External Start Time: 19:45:34 UTC Dec 21 2011 Source IP Address: 192.168.22.99 Source Port Number: 37797 <------ Unique port number required for next step Destination IP Address: 192.168.42.99 Destination Port Number: 80 Application Name: Web Classifier Name: HTTP Peer Policy: TFO, LZ, DRE Configured Policy: TFO, LZ, DRE Negotiated Policy: TFO, LZ, DRE Configured Accelerator: HTTP-Express Derived Accelerator: HTTP-Express Applied Accelerator: HTTP-Express Hist. Accelerator: None Bytes Read Orig: 43056412 Bytes Written Orig: 25 Bytes Read Opt: 162 Bytes Written Opt: 43359878 Auto-discovery information: ---<snip>---
Router#show l4f flows | include 37797 F4DF6EA0 Proxy TCP 192.168.22.99:37797 192.168.42.99:80 Router#
Router#show l4f flow detail F4DF6EA0 Flow Address : F4DF6EA0 Index : 11 Idle Time : 0.004 Family : IPv4 Protocol : TCP VRF ID : 0 Address1 : 192.168.22.99:37797 Address2 : 192.168.42.99:80 State : L4F_STATE_PROXYING Flags : 0x00012000 App Context : 0x41D4728C CEF pak : 0x0 Endpoint1 FD 1073748479 State : EP-ESTAB Flags : 0x00000001 Client : L4F_FEATURE_WAAS Association : OUTPUT CEF Fwd State : 0xC20D2C74 Proc Fwd State: 0xC1E36EA8 TCB Address : 0xC01F0D9C <------ Address required for next step Endpoint2 FD 1073748480 State : EP-ESTAB Flags : 0x00000001 Client : L4F_FEATURE_WAAS Association : INPUT CEF Fwd State : 0xC20D2248 Proc Fwd State: 0xC1E36F20 TCB Address : 0x4002AB6C <------ Address required for next step
Router#show tcp tcb 0xC01F0D9C Connection state is ESTAB, I/O status: 1, unread input bytes: 31504 Connection is ECN Disabled, Mininum incoming TTL 0, Outgoing TTL 255 Local host: 192.168.42.99, Local port: 80 Foreign host: 192.168.22.99, Foreign port: 37797 Connection tableid (VRF): 0 Maximum output segment queue size: 50 Enqueued packets for retransmit: 0, input: 22 mis-ordered: 0 (0 bytes) Event Timers (current time is 0x85115B0): Timer Starts Wakeups Next Retrans 2 0 0x0 TimeWait 0 0 0x0 AckHold 10192 0 0x0 SendWnd 0 0 0x0 KeepAlive 20129 0 0x851FFF4 GiveUp 2 0 0x0 PmtuAger 0 0 0x0 DeadWait 0 0 0x0 Linger 0 0 0x0 ProcessQ 1 1 0x0 iss: 688070906 snduna: 688070932 sndnxt: 688070932 irs: 684581592 rcvnxt: 713368125 sndwnd: 6144 scale: 9 maxrcvwnd: 32767 rcvwnd: 1263 scale: 7 delrcvwnd: 0 SRTT: 6687 ms, RTTO: 59312 ms, RTV: 52625 ms, KRTT: 0 ms minRTT: 0 ms, maxRTT: 2857348 ms, ACK hold: 200 ms Status Flags: passive open, Timestamp echo present Option Flags: keepalive running, SACK option permitted, non-blocking reads non-blocking writes, win-scale, 0x200000, 0x1000000, 0x10000000 0x20000000 IP Precedence value : 0 Datagrams (max data segment is 1432 bytes): Rcvd: 20129 (out of order: 0), with data: 20127, total data bytes: 28786532 Sent: 30017 (retransmit: 0, fastretransmit: 0, partialack: 0, Second Congestion: 0), with data: 1, total data bytes: 25 Packets received in fast path: 53559, fast processed: 2, slow path: 21294 fast lock acquisition failures: 7, slow path: 0 Router# Router#show tcp tcb 0x4002AB6C Connection state is ESTAB, I/O status: 1, unread input bytes: 0 Connection is ECN Disabled, Mininum incoming TTL 0, Outgoing TTL 255 Local host: 192.168.22.99, Local port: 37797 Foreign host: 192.168.42.99, Foreign port: 80 Connection tableid (VRF): 0 Maximum output segment queue size: 50 Enqueued packets for retransmit: 50, input: 0 mis-ordered: 0 (0 bytes) Event Timers (current time is 0x8519A48): Timer Starts Wakeups Next Retrans 27124 0 0x8519D3B TimeWait 0 0 0x0 AckHold 2 0 0x0 SendWnd 0 0 0x0 KeepAlive 28560 0 0x85284A4 GiveUp 27121 0 0x8545964 PmtuAger 0 0 0x0 DeadWait 0 0 0x0 Linger 0 0 0x0 ProcessQ 19975 19975 0x0 iss: 2832065240 snduna: 2867154917 sndnxt: 2867205953 irs: 2835554554 rcvnxt: 2835554717 sndwnd: 261120 scale: 7 maxrcvwnd: 65535 rcvwnd: 65535 scale: 7 delrcvwnd: 0 bic_last_max_cwnd: 8388480 SRTT: 1000 ms, RTTO: 1003 ms, RTV: 3 ms, KRTT: 0 ms minRTT: 80 ms, maxRTT: 1000 ms, ACK hold: 200 ms Status Flags: active open Option Flags: keepalive running, SACK option permitted, Timestamp option used, non-blocking reads, non-blocking writes win-scale, 0x200000, 0x1000000, 0x10000000, 0x20000000 IP Precedence value : 0 Datagrams (max data segment is 1432 bytes): Rcvd: 28560 (out of order: 0), with data: 2, total data bytes: 162 Sent: 28672 (retransmit: 0, fastretransmit: 28, partialack: 3, Second Congestion: 0), with data: 28671, total data bytes: 35176602 Packets received in fast path: 21244, fast processed: 21240, slow path: 29668 fast lock acquisition failures: 21374, slow path: 0 Router#
show waas statistics errors show waas statistics accelerator http-express show waas statistics accelerator cifs-express show waas statistics accelerator ssl-express show waas statistics accelerator ssl-express debug
show waas connection conn-id [id] debug show waas statistics accelerator http-express debug show waas statistics accelerator ssl-express debug
clear waas connection conn-id [id] Router(config-if)#no waas enable forced
Router#show waas status | include SSL-Express AO Status SSL-Express AO Status : Unavailable (security license not enabled) Router#show license detail securityk9 Index: 1 Feature: securityk9 Version: 1.0 License Type: RightToUse …
Router#show waas status | include SSL-Express AO Status SSL-Express AO Status : Unsupported Router#show license detail securityk9 % Error: No license for securityk9 found - License feature not found
Router#show running-config all | include waas-ssl-trustpoint Router#show crypto pki trustpoints <trustpoint-name> status WAAS#show crypto certificates WAAS#show crypto certificate-detail WORD
Router#show waas alarms ... WAAS SSL-Express CA enrolled trustpoint deleted: off WAAS SSL-Express router certificate deleted: off ...
Show commands used for further debugging and RCA: show waas statistics accelerator ssl show waas statistics accelerator ssl debug show waas statistics accelerator ssl ciphers show waas statistics accelerator ssl peering
如果WAAS-Express裝置在WCM上的裝置組之間移動,有時會看到新裝置組下的策略定義不起作用。當從裝置組取消分配裝置時,它從裝置上次擁有的備份策略集中獲取策略。
在裝置組之間流動裝置時,請執行以下步驟:
* Go to the Policy Definitions page of that device and select the new device-group and click on Submit. OR * Go to device-group-1 -> Assign Devices page and unassign the device from this DG. * Go to device-group-2 -> Assign Devices page and assign the device to this DG. * Go to device-group-2 -> Policy Definitions page and click on 'Force DG settings' button.
在此領域沒有已知問題。請使用以下過程收集日誌,並將其提供給開發團隊。
* Disable waas on Waas-Express device * Clear statistics on WAAS-Express and core WAE * Enable waas on Waas-Express device * Let traffic run, disable waas on Waas-Express device * Collect statistics * Present screen-shots and show command outputs.
show tech-support show ip interface show ip virtual-reassembly show ip route show ip cef detail show ip cef internal show ip cef switching statistics show process cpu history
http://www.cisco.com/en/US/products/hw/iad/ps397/products_tech_note09186a00800b4447.shtml
要調試連線問題,您可能需要捕獲WAAS Express裝置上的資料包。
有關IOS資料包捕獲的詳細資訊,請參閱文檔:IP流量匯出。
Example to configure packet capture: ip traffic-export profile waas_wan mode capture bidirectional interface Serial0/0/0 ip virtual-reassembly out encapsulation frame-relay ip traffic-export apply waas_wan size 20000000 frame-relay map ip 10.0.0.2 557 broadcast no frame-relay inverse-arp frame-relay local-dlci 557 Use following commands to start, stop, copy and clear the buffer: traffic-export int s0/0/0 start traffic-export int s0/0/0 stop traffic-export int s0/0/0 copy ftp://username:password@192.168.1.116//tftpboot/ngwo.pcap traffic-export int s0/0/0 clear