Http And Non-Http Services Support - Cisco Catalyst 4500 Series Software Configuration Manual

Understanding WCCP
•

HTTP and Non-HTTP Services Support

WCCP enables redirection of HTTP traffic (TCP port 80 traffic), as well as non-HTTP traffic (TCP and
UDP). WCCP supports the redirection of packets intended for other ports, including those used for
proxy-web cache handling, File Transfer Protocol (FTP) caching, FTP proxy handling, web caching for
ports other than 80, and real audio, video, and telephony applications.
To accommodate the various types of services available, WCCP introduces the concept of multiple
service groups. Service information is specified in the WCCP configuration commands using dynamic
services identification numbers (such as 98) or a predefined service keywords (such as web-cache). This
information is used to validate that service group members are all using or providing the same service.
The Catalyst 4500 series switch supports up to eight service groups.
Note
For information on supported WCCP version 2 services with ACNS version 5.2 software, refer to the
Release Notes for Cisco ACNS Software, Release 5.2.3.
The content engines in service group specify traffic to be redirected by protocol (TCP or UDP) and port
(source or destination). Each service group has a priority level assigned to it. Packets are matched against
service groups in priority order and redirected by the highest priority service group that matches traffic
characteristics.
Multiple Routers Support
WCCP enables you to attach multiple routers to a cluster of cache engines. The use of multiple routers
in a service group enables redundancy, interface aggregation, and distribution of the redirection load.
MD5 Security
WCCP provides optional authentication that enables you to control which routers and content engines
become part of the service group using passwords and the HMAC MD5 standard. Shared-secret MD5
one-time authentication (set using the ip wccp [password [0-7] password] global configuration
command) enables messages to be protected against interception, inspection, and replay.
Web Content Packet Return
If a content engine is unable to provide a requested object it has cached due to error or overload, the
content engine returns the request to the router for onward transmission to the originally specified
destination server. WCCP verifies which requests have been returned from the content engine
unserviced. Using this information, the router can then forward the request to the originally targeted
server (rather than attempting to resend the request to the content cluster). This provides error handling
transparency to clients.
Typical reasons why a content engine would reject packets and initiate the packet return feature include
the following:
•
•
Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
81-4
Web Content Packet Return
Instances when the content engine is overloaded and has no room to service the packets.
Instances when the content engine is filtering for certain conditions that make caching packets
counterproductive (such as, when IP authentication has been turned on).
Chapter 81 Configuring WCCP Version 2 Services