Configuration Example: Itd As Wccp Replacement (Web-Proxy Deployment Mode) - Cisco Nexus 9000 Series Configuration Manual

Configuration Example: ITD as WCCP Replacement (Web-Proxy Deployment Mode)

switch(config)# itd device-group DG
switch(config-device-group)# node ip 192.168.2.11
switch(config-device-group)# node ip 192.168.2.12
switch(config-device-group)# node ip 192.168.2.13
switch(config-device-group)# node ip 192.168.2.14
switch(config-device-group)# probe icmp
Step 2: Define the ITD service.
switch(config)# itd HTTP
switch(config-itd)# ingress interface port-channel 1
switch(config-itd)# ingress interface port-channel 2
switch(config-itd)# ingress interface port-channel 3
switch(config-itd)# device-group DG
Switch(config-itd)# virtual ip 172.16.1.1 255.255.255.255
switch(config-itd)# no shutdown
Configuration Example: ITD as WCCP Replacement (Web-Proxy Deployment
Mode)
A proxy server acts as an intermediary for requests from clients seeking resources from other servers. A
web-proxy server specifically operates as an intermediary between a local network and the Internet. Typically,
a web-proxy server needs the network device to redirect Internet-bound web traffic toward it (forward flow);
however, subsequent packet forwarding only requires the network device to forward the packet regularly.
In a web-proxy deployment with ITD, the switch matches the Internet-bound web traffic and load balances
it toward the proxy servers. The proxy servers work in an autonomous mode (independent of WCCP and as
Active-Active) and handle the traffic that gets redirected to them. The node health probing done through ITD
serves the purpose of tracking the state of the nodes and removing or adding them back appropriately based
on their availability. Standby servers can also be configured at the group level or node level for redundancy.
ITD redirection is normally only required in the forward direction in the client-facing VLAN. Subsequently,
the packets are routed or forwarded without any ITD redirection or distribution. ITD with such web-proxy
deployments only need one ITD service, which is configured for the forward direction. However, reverse
traffic redirection is required, with traffic selection based on the source Layer 4 ports. Flow symmetry also
needs to be maintained by reversing the LB parameter.
With ITD for web-proxy deployments, ITD probes are used to check the availability of the web-proxy server,
which is critical because traffic sent toward a failed proxy server is lost.
The configuration below uses the topology in the following figure:
Cisco Nexus 9000 Series NX-OS Intelligent Traffic Director Configuration Guide, Release 9.x
48
Configuring ITD