Configuring an AppNav Cluster
This section contains the following topics:
Task Flow for Configuring an AppNav Cluster
You must complete the following steps to configure an AppNav Cluster:
1. Install and configure the individual ANC and WN devices with basic network settings. For WAAS appliances, see the “Configuring WAAS Device Interfaces” section. For AppNav-XE devices, see the router documentation.
2. Use the Central Manager AppNav Cluster Wizard to create a cluster and configure the interception mode, configure cluster settings, choose cluster devices, configure VRFs (for AppNav-XE), configure traffic interfaces, and configure WCCP settings if you are using WCCP. AppNav-XESee the “Creating a New AppNav Cluster with the Wizard” section.
3. (Optional) Configure AppNav class maps. This step is necessary only if you want to customize the default class map configuration. The system adds several default class maps that match traffic corresponding to most of the application accelerators and a class-default class map that matches all traffic. See the “Configuring AppNav Class Maps” section.
4. (Optional) Configure an AppNav policy. This step is necessary only if you want to customize the default policy. The system adds a default policy that distributes all traffic to the WNG-Default WNG, which is the node group into which all WNs are grouped by default. See the “Configuring Rules Within an AppNav Policy” section.
5. (Optional) Configure WAAS node optimization class maps and policy rules. This step is necessary only if you want to customize the default optimization policy that is listed in
Appendix A, “Predefined Optimization Policy.”
6. (Optional) Configure an interception ACL on WAAS appliance ANCs. See the “Configuring AppNav Controller ACLs” section.
Configuring WAAS Device Interfaces
Before you can use the AppNav Cluster wizard to create an AppNav Cluster, you must connect the WAAS device interfaces and configure the management interfaces. Configuration differs depending on whether management traffic uses a separate interface or shares the traffic handling interface.
This section contains the following topics:
For more information about device interface configuration, see Chapter6, “Configuring Network Settings” For more information about configuring a bridge group for inline interception mode, see the “Configuring Inline Operation on ANCs” section.
Note See your Cisco router documentation for information on configuring interfaces on AppNav-XE devices.
Interface Configuration with a Separate Management Interface
If you want management traffic to use a dedicated interface, separate from the traffic data path, connect and configure the devices as described in this section.
AppNav Controller
Step 1 Connect the last AppNav Controller Interface Module port to the switch/router port for the cluster traffic. For example, this port is GigabitEthernet 1/11 on a 12-port module or TenGigabitEthernet 1/3 on a 4-port module.
Step 2 Connect a built-in Ethernet port to the switch/router port for the management interface.
Step 3 For an in-path (inline) deployment, connect the first pair of ports on the AppNav Controller Interface Module (for example, GigabitEthernet 1/0 [LAN] and GigabitEthernet 1/1 [WAN] for bridge 1) to corresponding switch/router ports.
If the ANC is connected to a second router for a dual inline deployment, connect the second pair of ports on the AppNav Controller Interface Module (for example, GigabitEthernet 1/2 [LAN] and GigabitEthernet 1/3 [WAN] for bridge 2) to corresponding switch/router ports.
Step 4 Use the device
setup
command to configure the following settings:
– Configure the device mode as AppNav Controller.
– Configure the IP address and netmask of the built-in management port.
– Configure the built-in management port as the primary interface.
– Configure the other network and basic settings (default gateway, DNS, NTP server, and so forth).
– Register the device with the Central Manager by entering the Central Manager IP address.
Step 5 Configure the IP address and netmask of the last AppNav Controller Interface Module port and do not use DHCP. You can also configure these settings through the AppNav Cluster wizard, if desired.
WAAS Node
Step 1 Connect a built-in Ethernet port to the switch/router port for the management interface.
Step 2 Use the device
setup
command to configure the following settings:
– Configure the device mode as Application Accelerator.
– Configure the IP address and netmask of the built-in management port.
– Configure the built-in management port as the primary interface.
– Configure the other network and basic settings (default gateway, DNS, NTP server, and so forth).
– Register the device with the Central Manager by entering the Central Manager IP address.
Interface Configuration with a Shared Management Interface
If you want management traffic to use an interface shared by the traffic data path, connect and configure the devices as described in this section.
AppNav Controller
Step 1 Connect the last AppNav Controller Interface Module port to the switch/router port for the cluster traffic. For example, this port is GigabitEthernet 1/11 on a 12-port module or TenGigabitEthernet 1/3 on a 4-port module.
Step 2 For an in-path (inline) deployment, connect the first pair of ports on the AppNav Controller Interface Module (for example, GigabitEthernet 1/0 [LAN] and GigabitEthernet 1/1 [WAN] for bridge 1) to corresponding switch/router ports.
If the ANC is connected to a second router for a dual inline deployment, connect the second pair of ports on the AppNav Controller Interface Module (for example, GigabitEthernet 1/2 [LAN] and GigabitEthernet 1/3 [WAN] for bridge 2) to corresponding switch/router ports.
Step 3 Use the device
setup
command to configure the following settings:
– Configure the device mode as AppNav Controller.
– Configure the IP address and netmask of the last AppNav Controller Interface Module port and do not use DHCP.
– Configure the last AppNav Controller Interface Module port as the primary interface.
– Configure the other network and basic settings (default gateway, DNS, NTP server, and so forth).
– Register the device with the Central Manager by entering the Central Manager IP address.
WAAS Node
Step 1 Connect a built-in Ethernet port to the switch/router port for the management interface.
Step 2 Use the device
setup
command to configure the following settings:
– Configure the device mode as Application Accelerator.
– Configure the IP address and netmask of the built-in management port.
– Configure the built-in management port as the primary interface.
– Configure the other network and basic settings (default gateway, DNS, NTP server, and so forth).
– Register the device with the Central Manager by entering the Central Manager IP address.
Interface Configuration Considerations
The following guidelines concern WAAS device interface configuration:
-
On an ANC, the intercepted traffic must go through an interface on the AppNav Controller Interface Module.
-
On an ANC that also serves as a WN, the cluster interface is the same as the interception interface.
-
On a WN, cluster traffic can be handled on any interface, either built-in or on an interface module.
-
To simplify AppNav deployment, the AppNav Cluster Wizard uses the following conventions for configuring the AppNav Controller Interface Module ports on an ANC:
– The default port for cluster traffic is the last port on the module (for example, GigabitEthernet 1/11 on a 12-port module or TenGigabitEthernet 1/3 on a 4-port module).
– For an in-path (inline) deployment, the default interception bridge is the first pair of ports on the module (for example, GigabitEthernet 1/0 [LAN] and GigabitEthernet 1/1 [WAN] for bridge 1). If the ANC is connected to a second router for a dual inline deployment, the default second interception bridge is the second pair of ports on the module (for example, GigabitEthernet 1/2 [LAN] and GigabitEthernet 1/3 [WAN] for bridge 2).
The AppNav Cluster Wizard uses four predefined deployment models to help simplify configuration on a WAAS appliance. Each deployment model expects interfaces to be connected and configured in a particular way, except for the Custom option, which allows you to configure interfaces in any way. Before you run the wizard with one of the four predefined models, the needed interfaces must be in either of these states:
-
Not configured with an IP address and netmask and not used as part of another logical interface. (However, the last port on the AppNav Controller Interface Module can be configured with an IP address because it is the default port for cluster traffic.)
The wizard configures all needed traffic interface settings.
-
Configured as expected by the wizard according to the following deployment model expectations.
The following sections describe the interface configurations used by each of the four predefined deployment models.
Single AppNav Controller WCCP Interception
With a 12-port AppNav Controller Interface Module:
-
Port channel 1—Contains ports GigabitEthernet 1/10 and 1/11
-
Cluster interface—Port channel 1
With a 4-port AppNav Controller Interface Module:
-
Cluster interface—GigabitEthernet 1/3
Dual AppNav Controllers WCCP Interception
With a 12-port AppNav Controller Interface Module:
-
Port channel 1—Contains ports GigabitEthernet 1/10 and 1/11
-
Port channel 2—Contains ports GigabitEthernet 1/8 and 1/9
-
Standby group 1—Contains interfaces Port channel 1 (primary) and Port channel 2
-
Cluster interface—Standby Group 1
With a 4-port AppNav Controller Interface Module:
-
Standby group 1—Contains ports GigabitEthernet 1/2 and 1/3 (primary)
-
Cluster interface—Standby Group 1
Single AppNav Controller Inline Interception
-
Interception bridge 1—Contains ports GigabitEthernet 1/0 (LAN) and 1/1 (WAN)
-
Cluster interface—GigabitEthernet 1/11
Dual AppNav Controllers Inline Interception
-
Interception bridge 1—Contains ports GigabitEthernet 1/0 (LAN) and 1/1 (WAN)
-
Interception bridge 2—Contains ports GigabitEthernet 1/2 (LAN) and 1/3 (WAN)
-
Standby group 1—Contains ports GigabitEthernet 1/10 and 1/11 (primary)
-
Cluster interface—Standby Group 1
Creating a New AppNav Cluster with the Wizard
See the topic for the type of AppNav Cluster you want to create:
Creating a WAAS Appliance AppNav Cluster
Detailed Steps
To create a new AppNav Cluster by using the wizard, follow these steps:
Step 1 From the WAAS Central Manager menu, choose
AppNav Clusters > All AppNav Clusters
.
The Manage AppNav Clusters window appears.
Step 2 Click the
AppNav Cluster Wizard
icon in the taskbar of the Manage AppNav Clusters area. The Cluster Wizard window appears.
Step 3 In the AppNav platform drop-down list, choose WAVE Appliance.
Step 4 In the Deployment model drop-down list, choose one of the following deployment models that matches your deployment:
-
Single AppNav Controller WCCP interception
-
Dual AppNav Controllers WCCP interception
-
Single AppNav Controller Inline interception
-
Dual AppNav Controllers Inline interception
-
Custom
—For a deployment that does not match one of the choices above
Click
Next
.
Step 5 (Optional) If you chose the Custom deployment model, from the Interception method drop-down list, choose the
WCCP
or
Inline interception
method and click
Next
.
Step 6 Define the cluster settings by entering the following information:
-
In the Name field, enter a name for the cluster. Use only letters, numbers, hyphen, and underscore, up to a maximum of 32 characters and beginning with a letter.
-
(Optional) In the Description field, enter a description of the cluster. Use only letters and numbers, up to a maximum of 200 characters.
-
Check the
Disable Distribution
check box if you want make the cluster operate in monitoring mode, otherwise, it is activated when the wizard finishes. In monitoring mode, all traffic is passed through instead of being distributed to WNs.
Click
Next
.
Step 7 Choose the ANC and WN devices that you want to be part of the cluster:
a. Choose up to eight ANCs in the AppNav Controller device list by clicking the check box next to the device names. You can use the filter settings in the taskbar to filter the device list.
b. (Optional) If you want to enable optimization on the ANC devices, check the
Enable WAN optimization on selected AppNav Controller(s)
check box (it may be enabled or disabled by default, depending on the deployment model you chose).
c. Choose up to 32 WNs in the WAAS Nodes device list by clicking the check box next to the device names. You can use the filter settings in the taskbar to filter the device list.
If there are devices that are ineligible to join the cluster, click
Show Ineligible Devices
to see them and the reasons why they are ineligible. You can use the filter settings to filter the list.
d. Click
Next
.
Step 8 Verify the cluster interface, IP address, and netmask for each device in the cluster. The wizard automatically selects recommended cluster interfaces that should be configured. To edit the IP address and netmask settings for a device, choose the device and click the
Edit
taskbar icon. This screen does not appear if you are configuring a custom cluster.
Click
Finish
if you are using inline interception (and you are done) or click
Next
if you are using WCCP interception (and continue with the following steps for WCCP).
Step 9 (Optional) Configure the WCCP settings for the ANC. This screen does not appear if you are configuring an inline cluster.
For details about configuring WCCP, see the “Configuring WCCP on WAEs” section.
a. Ensure the
Enable WCCP Service
check box is checked if you want to enable WCCP. This item appears only if you are defining a custom cluster.
b. Verify the single WCCP service ID of 61 (default) or change it if desired.
You need to configure only this single WCCP service on both the ingress and egress ports of the router doing WCCP redirection to this ANC.
c. (Optional) If you want to enable two WCCP services, uncheck the
Enable Single Service Mode
check box (it is checked by default because two WCCP services are not needed). The automatically assigned second service ID number is shown in the Service ID2 field.
d. From the Redirect Method drop-down list, choose the WCCP L2 or WCCP GRE redirect method. For details on the redirect method, see the “Configuring or Viewing the WCCP Settings on ANCs” section. This item appears only if you are defining a custom cluster.
e. (Optional) If you do not want to use the default gateway defined on the device, uncheck the
Use Default Gateway as WCCP Router
check box. Enter the address of one or more WCCP routers, separated by commas, in the WCCP Routers field.
f. Click
Advanced WCCP Settings
to configure additional settings as needed. For more information on these fields, see the “Configuring or Viewing the WCCP Settings on ANCs” section. This item appears only if you are defining a custom cluster.
g. Click
Next
. If you are configuring multiple ANCs, a similar screen is shown for each ANC.
Step 10 Configure the interception and cluster interface settings for each device. The Cluster Interface Wizard appears only if you are defining a custom cluster, with one screen for each device in the cluster:
a. Configure individual interception interfaces, port channels, standby interfaces, and bridge interfaces (for inline only) as needed on the device by using the graphical interface wizard. If you are configuring an inline ANC, you must define a bridge interface with two physical or port-channel interfaces (or one of each) for interception. For details on how to use the wizard, see the “Configuring Interfaces with the Graphical Interface Wizard” section.
b. From the Cluster Interface drop-down list, choose the interface to be used for intra-cluster traffic.
c. Click
Next
. If you are configuring multiple devices, a similar screen is shown for each device.
Step 11 Click
Finish
to save the cluster configuration.
By default, the wizard assigns all WNs to a default WNG named WNG-Default. You can create additional WNGs as described in the “Adding a New WAAS Node to the Cluster” section. You can reassign WNs to different WNGs as described in the “Configuring WAAS Node Settings” section.
After you create an AppNav Cluster, it is shown in the Manage AppNav Clusters list. For details on monitoring the cluster, see the “Monitoring an AppNav Cluster” section.
Creating an AppNav-XE Cluster
Prerequisites
-
Set up the individual ANC and WN devices. Configure WN device interfaces as described in the “Configuring WAAS Device Interfaces” section. Configure ANC device interfaces as described in the router documentation.
-
Configure any desired VRF instances on the ANC routers.
-
Register all AppNav-XE devices with the Central Manager and ensure they are activated in the Central Manager. For more information on registering AppNav-XE devices, see the “Managing Cisco IOS Router Devices” section.
Detailed Steps
To create a new AppNav-XE cluster by using the wizard, follow these steps:
Step 1 From the WAAS Central Manager menu, choose
AppNav Clusters > All AppNav Clusters
.
The Manage AppNav Clusters window appears.
Step 2 Click the
AppNav Cluster Wizard
icon in the taskbar of the Manage AppNav Clusters area. The Cluster Wizard window appears.
Step 3 In the AppNav platform drop-down list, choose one of the following AppNav-XE platforms to use for your deployment. All ANCs must use the same platform type with identical memory configurations.
-
ASR 1000 Series
—AppNav-XE on the Cisco ASR 1000 Series Aggregation Services Router
-
CSR 1000V Series
—AppNav-XE on the Cisco Cloud Services Router 1000V Series
-
ISR 4451X
—AppNav-XE on the Cisco 4451-X Integrated Services Router
Click
Next
.
Step 4 Define the cluster settings by entering the following information:
-
In the Cluster Name field, enter a name for the cluster. Use only letters, numbers, hyphen, and underscore, up to a maximum of 32 characters and beginning with a letter.
-
(Optional) In the Description field, enter a description of the cluster. Use only letters and numbers, up to a maximum of 200 characters.
-
(Optional) From the WAAS Cluster Id drop-down list, choose a cluster ID that is unique for this cluster in your WAAS network. Only unused cluster IDs are shown.
Click
Next
.
Step 5 Choose the ANC and WN devices that you want to be part of the cluster:
a. Choose up to four AppNav-XE devices of the same platform type in the AppNav Controller device list by clicking the check box next to the device names. You can use the filter settings in the taskbar to filter the device list.
b. Choose up to 32 WNs in the WAAS Nodes device list by clicking the check box next to the device names. You can use the filter settings in the taskbar to filter the device list.
If there are devices that are ineligible to join the cluster, click
Show Ineligible Devices
to see them and the reasons why they are ineligible. You can use the filter settings to filter the list.
c. Click
Next
.
Step 6 Choose the VRF instances to associate with the service context by checking the box next to each VRF instance that you want to use. If you choose the VRF default, you cannot choose other VRFs. If you choose multiple VRFs, they must not have overlapping source IP addresses. Only VRFs that are available on all ANCs are listed in the top table. Ineligible VRFs are listed in the lower table.
Click
Next
.
Step 7 Configure the interception and cluster interface settings for each ANC device in the cluster:
a. Choose the WAN interfaces on which traffic interception is to be enabled. Interfaces must already be configured on the AppNav-XE devices and only those on which service insertion can be enabled are listed.
b. Choose the local interface to be used for intra-cluster traffic.
c. Click
Next
. If you are configuring multiple ANCs, a similar screen is shown for each device.
Step 8 Configure the cluster interface settings for each WN device in the cluster. The Cluster Interface Wizard appears, with one screen for each WN in the cluster:
a. Configure individual interfaces as needed on the device by using the graphical interface wizard. For details on how to use the wizard, see the “Configuring Interfaces with the Graphical Interface Wizard” section.
b. From the Cluster Interface drop-down list, choose the interface to be used for intra-cluster traffic.
c. Click
Next
. If you are configuring multiple WNs, a similar screen is shown for each device.
Step 9 Click
Finish
to save the cluster configuration.
By default, the wizard assigns all WNs to a default WNG named WNG-Default. You can create additional WNGs as described in the “Adding a New WAAS Node to the Cluster” section. You can reassign WNs to different WNGs as described in the “Configuring WAAS Node Settings” section.
To begin traffic optimization with AppNav-XE, enable WAAS service insertion on the AppNav-XE device interfaces on which you chose to intercept traffic. For more information, see the “Enabling WAAS Service Insertion on AppNav-XE Device Interfaces” section.
After you create an AppNav Cluster, it is shown in the Manage AppNav Clusters list. For details on monitoring the cluster, see the “Monitoring an AppNav Cluster” section.
Configuring Interfaces with the Graphical Interface Wizard
You can easily configure interfaces on AppNav Controller Interface Modules that are installed in devices that are part of an AppNav Cluster by using the graphical interface wizard (see Figure 4-4). Additionally, you can configure WN interfaces.
Figure 4-4 Graphical Interface Wizard
Note The graphical interface wizard is not used to configure interfaces on AppNav-XE ANCs.
The graphical interface wizard appears when you are editing the settings for a WN or ANC in the AppNav Cluster context. The top two fields, WAAS Node and WAAS Node Group, do not appear when configuring ANC interfaces.
In the graphical interface view, hover over a physical or logical interface to see its identifier (for example, GigabitEthernet 1/0). Port channels, bridge groups, and standby groups are indicated by colored blocks or dotted outlines. The IP address of each configured physical or logical interface is shown in a small blue highlight. The legend below the table indicates port channel, bridge group, and standby interfaces.
Right click on an interface to choose from the following actions (available actions are dependent on the device and cluster type):
-
Edit—To display a pane where you can edit the interface description, IP address, netmask, and shutdown status.
-
Create PortChannel—To create a new port channel with this interface. This choice displays a pane where you can configure the port channel number, description, IP address, netmask, and shutdown status.
-
Create Bridge—To create a new bridge group with this interface. This choice displays a pane where you can configure the bridge group number and description and enable link state propagation. This choice appears only when configuring a device for inline interception. A bridge interface consists of two physical or port-channel interfaces (or one of each)
-
Create Standby—To create a new standby group with this interface. This choice displays a pane where you can configure the standby group number, description, IP address, netmask, and shutdown status.
-
To PortChannel
n
—To add this interface to an existing port channel, where
n
is the port channel number.
-
To Standby
n
—To add this interface to an existing standby group, where
n
is the standby group number.
-
To Bridge
n
—To add this interface to an existing bridge group, where
n
is the bridge group number.
-
For standby interfaces (right-click within the standby interface group indicator):
– Edit—To edit the standby group settings such as the description, IP address, netmask, primary interface, and shutdown status.
– Delete Standby
n
—To delete the standby group.
-
For port channel interfaces (right-click within the port channel indicator):
– Edit—To edit the port channel settings such as the port channel number, description, IP address, netmask, and shutdown status.
– Remove from Standby
n
—To remove the port channel from standby group
n
.
– Delete PortChannel
n
—To delete the port channel.
-
For bridge group interfaces (right-click within the bridge group indicator):
– Edit—To edit the bridge group settings such as the bridge group number, description, and link state propagation status.
– Delete Bridge
n
—To delete the standby group.
To select an interface:
-
Individual interface—Click and selection is indicated by a blue color.
-
Standby group—Click on colored or dotted line indicator and selection is indicated by a thick dotted blue outline around all interfaces in the standby group.
-
Port channel or bridge group—Click on colored indicator and selection is indicated by a thick dotted blue outline around all interfaces in the port channel or bridge group.
You can also perform actions by selecting an interface and clicking the following taskbar icons:
-
Add (choices differ depending on the selected entity):
– Create PortChannel—To create a new port channel with this interface.
– Create Bridge—To create a new bridge group with this interface.
– Create Standby—To create a new standby group with this interface.
– To PortChannel
n
—To add this interface to an existing port channel, where
n
is the port channel number.
– To Standby
n
—To add this interface to an existing port channel, where
n
is the port channel number.
-
Edit—To edit the selected interface.
-
Delete (choices differ depending on the selected entity):
– Remove from Standby
n
—To remove the port channel from standby group
n
.
– Delete PortChannel
n
—To delete the port channel.
– Delete Standby
n
—To delete the standby group.
– Delete Bridge
n
—To delete the bridge group.
Use the Cluster Interface drop-down list to select the interface to be used for intra-cluster traffic (between the ANCs and WNs).
To enable swapping of client and WAAS device source IP address fields in intra-cluster traffic, check the
Enable swapping of source IP address in intra-cluster traffic
check box. You may want to enable this option if you are using a port channel for the cluster interface or there is a load balancing device between the ANC and WN. This option may improve the load balancing of traffic that the ANC distributes to WNs for optimization because it load balances based on the client IP address rather than the ANC IP address. (For traffic from the server to the client, it swaps the server IP address with the ANC IP address.) This option is not available for AppNav-XE clusters.
Note If you are using WCCP, the WCCP control messages must pass through the ANC interface that receives intercepted traffic from the routers. If WCCP control messages are routed to the ANC management interface, the cluster does not operate.
Configuring AppNav Policies
This section contains the following topics:
Configuring AppNav Class Maps
See the topic for the type of AppNav cluster you have:
Configuring a WAAS Appliance AppNav Class Map
To configure a class map on a WAAS appliance AppNav cluster, follow these steps:
Step 1 From the WAAS Central Manager menu, choose
AppNav Clusters >
cluster-name
.
Step 2 Choose
Configure > AppNav Cluster > AppNav Class-Map
.
The AppNav Class-Maps window appears, listing the existing class maps.
From this window, you can perform the following tasks:
-
Use the filter settings in the Show drop-down list to filter the class map list as needed. You can use a quick filter or show all class maps.
-
Edit a class map by selecting it and clicking the
Edit
taskbar icon.
-
Delete one or more class maps by selecting them and clicking the
Delete
taskbar icon.
-
Add a new class map as described in the steps that follow.
Step 3 Click the
Add Class-Map
taskbar icon.
Step 4 In the Name field enter a name for the class map, with up to 40 alphanumeric characters and underscore.
Step 5 (Optional) In the Description field enter a description for the class map, with up to 200 alphanumeric characters, underscore, and space.
Step 6 From the Type drop-down list, choose the class map type:
-
Application
—Matches traffic for a particular application based on source and/or destination IP addresses and/or ports, or the Microsoft RPC application identifier (for applications that use dynamic port allocation). Continue with Step 7.
-
Site
—Matches traffic from particular WAAS peer devices, for site affinity. Continue with Step 8.
-
Custom
—Mixes application and site affinity. Matches traffic for a particular application from one specific peer WAAS device. Continue with Step 9.
-
Any TCP
—Matches any TCP traffic as a catch-all classifier. If you choose this type, there are no other fields to set. Click
OK
to finish and return to the class maps list.
The match conditions shown in the lower part of the pane change depending on the class map type.
Step 7 (Optional) For an Application class map type, enter one or more match conditions. You can perform the following tasks in this pane:
-
Edit a match condition by selecting it and clicking the
Edit
taskbar icon.
-
Delete one or more match conditions by selecting them and clicking the
Delete
taskbar icon.
-
Add a new match condition as described in the steps that follow.
a. Click the
Add Match Condition
taskbar icon.
b. Enter values in one or more fields to create a condition for a specific type of traffic. For example, to match all traffic going to ports 5405–5407, enter
5405
in the Destination Port Start field and
5407
in the Destination Port End field. You can use the IP address wildcard fields to specify a range of IP addresses using a wildcard subnet mask in dotted decimal notation (such as 0.0.0.255 for /24).
c. If you want to match Microsoft RPC traffic that uses dynamic port allocation, choose the RPC application identifier from the Protocol drop-down list. For example, to match Microsoft Exchange Server traffic that uses the MAPI protocol, choose
mapi
.
d. Click
Save
to save the match condition.
e. Add additional match conditions as needed and click
OK
to save the class map and return to the class maps list. If any one of the conditions is matched, the class is considered matched.
Step 8 (Optional) For a Site class map type, select one or more peer devices. Follow these steps to create the class map:
a. Use the filter settings in the Show drop-down list to filter the device list as needed. You can use a quick filter, show all devices, or show all assigned devices.
b. Check the box next to each device that you want to match traffic from. You can check the box next to the column title to select all devices and uncheck it to deselect all devices. If any one of the selected devices is matched, the class is considered matched.
c. Click
OK
to save the class map and return to the class maps list.
Step 9 (Optional) For a Custom class map type, you must enter one match condition based on IP address/port or Microsoft RPC application ID and you must choose one WAAS peer device. All specified matching criteria must be satisfied for the class to be considered matched. Follow these steps to create the class map:
a. Enter values in one or more IP address and/or port fields to create a condition for a specific type of traffic. For example, to match all traffic going to ports 5405–5407, enter
5405
in the Destination Port Start field and
5407
in the Destination Port End field. You can use the IP address wildcard fields to specify a range of IP addresses using a wildcard subnet mask in dotted decimal notation (such as 0.0.0.255 for /24).
Note We strongly recommend that you use the WAAS Central Manager GUI to centrally configure class maps for your WAAS devices. However, there is one exception to this recommendation. Use the CLI to create an AppNav class map with a Type of Application or Custom, and whose source or destination address has one of the following: an IP address ending in “0.0.0” or a non-Class A IP address ending in “0.0”.
b. (Optional) If you want to match Microsoft RPC traffic that uses dynamic port allocation, choose the RPC application identifier from the Protocol drop-down list. For example, to match Microsoft Exchange Server traffic that uses the MAPI protocol, choose
mapi
.
c. You must choose one WAAS peer device from the Remote Device drop-down list.
d. Click
OK
to save the class map and return to the class maps configuration window.
Configuring an AppNav-XE Class Map
To configure a class map on an AppNav-XE cluster, follow these steps:
Step 1 From the WAAS Central Manager menu, choose
AppNav Clusters >
cluster-name
.
Step 2 Choose
Configure > AppNav Cluster > AppNav Class-Map
.
The AppNav Class-Maps window appears, listing the existing class maps.
From this window, you can perform the following tasks:
-
Use the filter settings in the Show drop-down list to filter the class map list as needed. You can use a quick filter or show all class maps.
-
Edit a class map by selecting it and clicking the
Edit
taskbar icon.
-
Delete one or more class maps by selecting them and clicking the
Delete
taskbar icon.
-
Add a new class map as described in the steps that follow.
Step 3 Click the
Add Class-Map
taskbar icon.
Step 4 In the Name field enter a name for the class map, with up to 221 characters, not including a space or question mark (?).
Step 5 (Optional) In the Description field enter a description for the class map, with up to 200 characters, not including a question mark (?).
Step 6 From the Match Type radio buttons, choose
match-any
or
match-all
. Match-any means that if any one of the match conditions is matched, the class is considered matched. Match-all means that all the match conditions must be matched for the class to be matched.
Step 7 Click the
Add Match Condition
taskbar icon. The Match Condition pane appears.
Step 8 From the Match Condition drop-down list, choose the type of match condition you want to create:
-
Source/Destination IP
—Matches traffic for a particular application based on an access list of source and/or destination IP addresses and/or ports. Continue with Step 9.
-
Protocol
—Matches traffic for a particular Microsoft RPC application identifier (for applications that use dynamic port allocation). Continue with Step 10.
-
Peer
—Matches traffic from particular WAAS peer devices, for site affinity. Continue with Step 11.
The match conditions shown in the lower part of the pane change depending on the condition type.
Step 9 (Optional) For a Source/Destination IP match condition type, enter one or more access control entries (ACEs). You can perform the following tasks in this pane:
-
Edit an ACE by selecting it and clicking the
Edit
taskbar icon.
-
Delete one or more ACEs by selecting them and clicking the
Delete
taskbar icon.
-
Move one or more selected ACEs to a new position by clicking the
Move To
taskbar icon. After moving the ACEs, click
Save Moved Rows
to save the change.
-
Move one or more selected ACEs up or down one position by clicking the
Up
or
Down Arrow
taskbar icons, then click
Save Moved Rows
to save the change.
-
Save ACEs that you have moved with the Move To or Up and Down Arrow functions by clicking the
Save Moved Rows
taskbar icon.
-
Insert a new ACE before the selected row by clicking the
Insert
taskbar icon. The workflow for inserting is the same as for adding (described in the following steps).
-
Add a new ACE as described in the steps that follow.
a. Click the
Add ACE
taskbar icon.
b. From the Action drop-down list, choose Permit or Deny, which determines whether this ACE permits or denies matched traffic.
c. Enter values in one or more fields to create an ACE for a specific type of traffic. Enter any in the IP address fields to specify any IP address.
d. You can use the IP address wildcard fields to specify a range of IP addresses using a wildcard subnet mask in dotted decimal notation (such as 0.0.0.255 for /24).
e. You can use the Source/Destination Port Operator drop-down lists to choose an operator and behavior for the port fields:
– None—Port field is not used.
– eq—Match requires traffic port to be equal to the Port field.
– gt—Match requires traffic port to be greater than the Port field.
– lt—Match requires traffic port to be less than the Port field.
– neq—Match requires traffic port to be not equal to the Port field.
– Range—Match requires traffic port to be within the range of ports from the Start Port field through the Port End field.
In the port fields, you can choose the port from a drop-down list or enter a numeric value.
f. Click
OK
to save the ACE.
g. Add additional ACEs as needed and click
OK
to save the match condition and return to the match conditions list.
Step 10 (Optional) For a Protocol match condition type, follow these steps:
a. From the Select Protocol drop-down list, choose the Microsoft RPC application identifier that identifies the traffic you want to match. For example, to match Microsoft Exchange Server traffic that uses the MAPI protocol, choose
mapi
.
b. Click
OK
to save the match condition and return to the match conditions list.
Step 11 (Optional) For a Peer match condition type, select one or more peer devices. Follow these steps to create the match condition:
a. Use the filter settings in the Show drop-down list to filter the device list as needed. You can use a quick filter, show all devices, or show all assigned devices.
b. Check the box next to each device that you want to match traffic from. You can check the box next to the column title to select all devices and uncheck it to deselect all devices.
c. Click
OK
to save the match condition and return to the match conditions list.
Step 12 Click
OK
to save the class map and return to the class maps configuration window.
Configuring Rules Within an AppNav Policy
See the topic for the type of AppNav cluster you have:
Configuring WAAS Appliance Policy Rules
To configure AppNav policy rules on a WAAS appliance AppNav cluster, follow these steps:
Step 1 From the WAAS Central Manager menu, choose
AppNav Clusters >
cluster-name
.
Step 2 Choose
Configure > AppNav Cluster > AppNav Policies
.
The AppNav Policy window appears.
Step 3 Choose the policy to configure from the
AppNav Policy
drop-down list at the top.
You can click
Manage
to create or delete a policy or configure the ANCs to which a policy is applied. For details see the “Managing WAAS Appliance Policies” section.
From the AppNav Policy Rules area, you can perform the following tasks:
-
Use the filter settings in the Show drop-down list to filter the rule list as needed. You can use a quick filter or show all rules.
-
Edit a rule by selecting it and clicking the
Edit
taskbar icon.
-
Delete one or more rules by selecting them and clicking the
Delete
taskbar icon.
-
Move one or more selected rules to a new position by clicking the
Move To
taskbar icon. After moving the rows, click
Save Moved Rows
to save the change.
-
Move one or more selected rules up or down one position by clicking the
Up
or
Down Arrow
taskbar icons, then click
Save Moved Rows
to save the change.
-
Save rows that you have moved with the Move To or Up and Down Arrow functions by clicking the
Save Moved Rows
taskbar icon.
-
Insert a new rule before the selected row by clicking the
Insert
taskbar icon. The workflow for inserting is the same as for adding (described in the following steps).
-
Add a new rule at the end of the list as described in the steps that follow. (The class-default rule is always pushed to the last position.)
Step 4 Click the
Add Policy Rule
taskbar icon.
Step 5 From the AppNav Class-Map
drop-down list, choose the class map to which this policy rule applies.
If you want to edit the class map, click
Edit
, or if you want to create a new class map, click
Create New
. The workflow is the same as described in the “Configuring a WAAS Appliance AppNav Class Map” section.
Step 6 From the Distribute To
drop-down list, choose the distribution action to apply to the class map. The list includes all defined WNGs and the choices (None), for no action, and (Passthrough), to pass through this type of traffic. The meaning of (None) is context dependent: in a top level policy it means pass through and if this policy is nested, it means inherit the parent policy rule action.
When you choose a WNG, other settings appear. If you want create a new WNG, click
Create New
. The workflow is the same as described in the “Adding a New WAAS Node Group to the Cluster” section. The newly created WNG appears in both the Distribute To and Backup drop-down lists.
Step 7 (Optional) From the Backup drop-down list, choose the backup WNG to use for distribution if the primary WNG is unavailable.
Step 8 (Optional) From the Monitor drop-down list, choose the application accelerator to monitor. When you monitor an application accelerator, the ANC checks for overload on that application accelerator and does not send new flows to a WN that is overloaded. If you choose None, a specific application accelerator is not monitored, only the maximum connection limit of the device is monitored.
Step 9 (Optional) If you want to apply a nested policy within this rule, click
Nested Actions (Advanced)
to expand this area.
Step 10 (Optional) From the Nested Policy drop-down list, choose the policy to nest, or choose
None
to select no policy. When you choose a policy, the policy rules are displayed in a table.
If there are policies that are ineligible to be specified as a nested policy, click
Show Ineligible Policies
to display them and the reasons they are ineligible. A policy is ineligible if it already has a nested policy, because only one level of nesting is allowed.
To edit the chosen policy, click
Edit
, or to create a new policy for nesting, click
Create New
. The workflow for both editing and creating is the same.
a. In the Name field enter the policy name. This field is not editable for the waas_app_default policy.
b. Click the
Add Policy Rule
taskbar icon.
A new row is added, showing fields for configuring the rule.
c. From the Class-Map drop-down list, choose the class map to which this rule applies.
d. From the Distribute To drop-down list, choose the distribution action to apply to the class map. The list includes all defined WNGs and the choices (Inherit), to inherit this action from the parent policy, and (Passthrough), to pass through this type of traffic.
e. (Optional) From the Backup drop-down list, choose the backup WNG to use for distribution if the primary WNG is unavailable.
f. (Optional) From the Monitor drop-down list, choose the application accelerator to monitor.
g. Click
OK
to save the policy rule and return to the AppNav Policy Rule pane for the primary policy rule you are creating.
Step 11 Click
OK
to create the policy rule and return to the policy configuration window.
Note If all AppNav policies have been deleted and you add a new policy rule, the policy rule is added to a new appnav_default policy, which is created automatically.
Configuring AppNav-XE Policy Rules
To configure AppNav policy rules on an AppNav-XE cluster, follow these steps:
Step 1 From the WAAS Central Manager menu, choose
AppNav Clusters >
cluster-name
.
Step 2 Choose
Configure > AppNav Cluster > AppNav Policies
.
The AppNav Policy window appears.
Step 3 Click the radio button next to the policy to configure in the AppNav Policies table at the top of the window.
From the AppNav Policies table, you can perform the following tasks:
-
Use the filter settings in the Show drop-down list to filter the rule list as needed. You can use a quick filter or show all rules.
-
Edit a policy by selecting it and clicking the
Edit
taskbar icon.
-
Delete a policy by selecting it and clicking the
Delete
taskbar icon.
-
Unassign a policy by selecting it and clicking the
Unassign Policy
taskbar icon.
-
Add a policy by clicking the
Add Policy
taskbar icon.
For details on these tasks see the “Managing AppNav-XE Policies” section.
The AppNav Policy Rules table in the lower part of the window shows the rules in the policy that is selected in the AppNav Policies table. From the AppNav Policy Rules table, you can perform the following tasks:
-
Use the filter settings in the Show drop-down list to filter the rule list as needed. You can use a quick filter or show all rules.
-
Edit a rule by selecting it and clicking the
Edit
taskbar icon.
-
Delete one or more rules by selecting them and clicking the
Delete
taskbar icon.
-
Move one or more selected rules to a new position by clicking the
Move To
taskbar icon. After moving the rows, click
Save Moved Rows
to save the change.
-
Move one or more selected rules up or down one position by clicking the
Up
or
Down Arrow
taskbar icons, then click
Save Moved Rows
to save the change.
-
Save rows that you have moved with the Move To or Up and Down Arrow functions by clicking the
Save Moved Rows
taskbar icon.
-
Insert a new rule before the selected row by clicking the
Insert
taskbar icon. The workflow for inserting is the same as for adding (described in the following steps).
-
Add a new rule at the end of the list as described in the steps that follow. (The class-default rule is always pushed to the last position.)
Step 4 Click the
Add Policy Rule
taskbar icon.
Step 5 From the AppNav Class-Map
drop-down list, choose the class map to which this policy rule applies.
If you want to edit the class map, click
Edit
, or if you want to create a new class map, click
Create New
. The workflow is the same as described in the “Configuring an AppNav-XE Class Map” section.
Step 6 From the Distribute To
drop-down list, choose the distribution action to apply to the class map. The list includes WNGs and the choices (None), for no action, and (Passthrough), to pass through this type of traffic. The meaning of (None) is the same as (Passthrough). For the default policy map, the WNG list includes the default WNG and any custom WNG that is part of the assigned context. For a custom policy map, the WNG list includes default and custom WNGs that are not already assigned to another context.
When you choose a WNG, other settings appear. If you want create a new WNG, click
Create New
. The workflow is the same as described in the “Adding a New WAAS Node Group to the Cluster” section. The newly created WNG appears in the Distribute To drop-down list.
Step 7 (Optional) From the Monitor drop-down list, choose the application accelerator to monitor. When you monitor an application accelerator, the ANC checks for overload on that application accelerator and does not send new flows to a WN that is overloaded. If you choose None, a specific application accelerator is not monitored, only the maximum connection limit of the device is monitored.
Step 8 Click
OK
to create the policy rule and return to the policy configuration window.
Managing AppNav Policies
See the topic for the type of AppNav cluster you have:
Managing WAAS Appliance Policies
To create or delete AppNav policies or configure the ANCs to which policies apply in a WAAS appliance AppNav cluster, follow these steps:
Step 1 From the WAAS Central Manager menu, choose
AppNav Clusters >
cluster-name
.
Step 2 Choose
Configure > AppNav Cluster > AppNav Policies
.
The AppNav Policy window appears.
Step 3 Choose the policy to view from the AppNav Policy drop-down list at the top.
For details on using the AppNav Policy Rules area see the “Configuring WAAS Appliance Policy Rules” section.
Step 4 Click
Manage
.
From the Manage AppNav Policies pane, you can perform the following tasks:
-
Use the filter settings in the Show drop-down list to filter the policy list as needed. You can use a quick filter or show all policies.
-
Edit a policy and configure the ANCs to which it applies by selecting it and clicking the
Edit
taskbar icon.
-
Delete a policy by selecting it and clicking the
Delete
taskbar icon.
-
Add a new policy as described in the steps that follow.
Step 5 Click the
Add Policy
taskbar icon.
Step 6 In the Name field enter a name for the policy, with up to 40 alphanumeric characters and underscore.
Step 7 (Optional) In the Description field enter a description for the policy, with up to 200 alphanumeric characters, underscore, and space.
Step 8 (Optional) Check the box next to each ANC that you want to assign to this policy. To unassign any assigned devices, uncheck the box.
Assigning the policy to an ANC makes the policy active on that ANC (only one policy can be active on an ANC) and removes the association of any previously active policy on that ANC. It is not necessary to assign the policy to an ANC if you want to create the policy as an alternate. You can assign it to ANCs later as needed.
Step 9 Click
OK
to save the policy and return to the Manage AppNav Policies pane.
Step 10 Click
Close
to return to the policy configuration window.
Step 11 Add policy rules to the new policy as described in the “Configuring WAAS Appliance Policy Rules” section.
If you want to restore the default class maps and policy maps to your cluster, you can click the
Restore Default
taskbar icon at the top of the AppNav Policies window. This action removes all existing class and policy map configurations and restores the default class and policy maps. All WAAS nodes assigned to WNGs are moved to the default WNG and other WNGs are removed.
Managing AppNav-XE Policies
To create or delete AppNav policies or unassign a policy from a context in an AppNav-XE cluster, follow these steps:
Step 1 From the WAAS Central Manager menu, choose
AppNav Clusters >
cluster-name
.
Step 2 Choose
Configure > AppNav Cluster > AppNav Policies
.
The AppNav Policy window appears.
Step 3 Click the radio button next to the policy to act on in the AppNav Policies table at the top of the window.
From the AppNav Policies table, you can perform the following tasks:
-
Use the filter settings in the Show drop-down list to filter the rule list as needed. You can use a quick filter or show all rules.
-
Edit a policy by selecting it and clicking the
Edit
taskbar icon.
-
Delete a policy by selecting it and clicking the
Delete
taskbar icon.
-
Unassign a policy from a context by selecting it and clicking the
Unassign Policy
taskbar icon. Unassigning a policy from a context also disables the context and unassigns all WNGs from the context. You must click OK again to confirm that you want to proceed.
-
Add a new policy as described in the steps that follow.
For details on using the AppNav Policy Rules area see the “Configuring AppNav-XE Policy Rules” section.
Step 4 Click the
Add Policy
taskbar icon.
Step 5 In the Name field enter a name for the policy, with up to 227 characters, not including a space or question mark (?). Do not use a name of the form APPNAV-
n
-PMAP, which is used for default policy maps.
Step 6 (Optional) In the Description field enter a description for the policy, with up to 200 characters, not including a question mark (?).
Step 7 In the Assign to AppNav Context drop-down list, choose the context to which to assign the new policy.
Assigning the policy to a context makes the policy active on all the ANCs that are part of the context. Only contexts that do not already have an assigned policy are listed.
For default policy maps, only one context is displayed, based on the context ID. For example, for APPNAV-4-PMAP, only waas/4 is displayed (in case it is not already assigned).
Step 8 Click
OK
to save the policy and return to the AppNav Policies window.
Step 9 Add policy rules to the new policy as described in the “Configuring AppNav-XE Policy Rules” section.
If you want to restore the default class maps and policy maps to your cluster, you can click the
Restore Default
taskbar icon at the top of the AppNav Policies window. This action removes all existing class and policy map configurations and restores the default class and policy maps. All WAAS nodes assigned to each context are moved to their respective default WNGs and all unassigned WNGs are removed.
Configuring WAAS Node Optimization Policy
The WAAS node optimization policy controls how traffic that is distributed to the WAAS nodes is optimized. The optimization policy is configured on the WNs and any ANCs that are also acting as optimizing nodes.
All WNs in one WNG must have an identical optimization policy configured on them. Otherwise, optimization of flows is not predictable. The optimization policy can be different for different WNGs.
For information on how to configure the optimization policy, see Chapter13, “Configuring Application Acceleration”
The default optimization policy is listed in
Appendix A, “Predefined Optimization Policy.”
Configuring AppNav Controller ACLs
An AppNav Controller ACL controls what traffic is intercepted by a WAAS appliance ANC. You may want to configure an ANC interception ACL for each WAAS appliance ANC in an AppNav Cluster.
For information on how to configure an ANC interception ACL, see the “Configuring Interception Access Control Lists” section.
Configuring AppNav Cluster Settings
To configure AppNav Cluster settings for the AppNav cluster, follow these steps:
Step 1 From the WAAS Central Manager menu, choose
AppNav Clusters > All AppNav Clusters
.
The Manage AppNav Clusters window appears, which shows the status of each cluster.
From this window, you can perform the following tasks:
-
Create a new AppNav Cluster. The workflow is the same as described in the “Creating a New AppNav Cluster with the Wizard” section.
-
Delete an AppNav Cluster by selecting an AppNav Cluster and clicking the
Delete
icon in the taskbar of the Manage AppNav Clusters area.
-
View an AppNav Cluster topology and edit its settings as described in the steps that follow.
Step 2 Click the name of the cluster whose settings you want to edit.
The cluster topology diagram appears.
Step 3 Choose
Configure > AppNav Cluster > AppNav Cluster
.
The Cluster Configuration window appears.
Step 4 In the Name field, enter a new name for the cluster if you want to rename it. (Not available on AppNav-XE clusters.)
Step 5 (Optional) In the Description field, enter the cluster description. Use only letters and numbers, up to a maximum of 200 characters. (Not available on AppNav-XE clusters.)
Step 6 (Optional) In the Authentication Key and Confirm Authentication Key fields, enter an authentication key that is used to authenticate communications between the WAAS devices in the cluster. Use only letters and numbers, up to a maximum of 64 characters.
Step 7 (Optional) In the Shutdown Wait Time field, enter the number of seconds that WNs in the cluster should wait for all connections to terminate before shutting down. The default is 120 seconds.
Step 8 (Optional) To configure cluster distribution and off-loading of pass-through connections, expand the
Advanced Settings
section by clicking it.
Step 9 (Optional) To enable distribution of traffic from the ANCs in the cluster to WNs, ensure that the
Enable distribution of traffic on AppNav Controllers
check box is checked. To disable distribution of traffic, uncheck this box. When distribution is disabled, the cluster operates in monitoring mode where it continues to intercept traffic and, instead of distributing it to WNs, passes it through. This mode can be useful for monitoring traffic statistics without optimizing the traffic. (Not available on AppNav-XE clusters.)
Step 10 (Optional) To configure offloading of pass-through connections from WNs to ANCs, check the check boxes in the
Enable offload of pass-through connections from WAAS nodes to AppNav Controllers for following reasons
section. This feature allows pass-through connections to be passed through at the ANC instead of being distributed to the WN and then passed-through. Configure pass-through offload as follows:
a. To offload all pass-through connections, which includes connections passed through due to error conditions, check the
All pass-through connections
check box. Check this box only if you do not need application visibility on the WNs into pass-through traffic due to error conditions. The default is unchecked.
b. To offload connections passed through due to missing policy configuration, check the
Due to missing policy configuration
check box. The default is checked.
c. To offload connections passed through due to no peer WN, check the
Due to no peer WAAS node
check box. The default is checked.
d. To offload connections passed through due to an intermediate WN, check the
Due to intermediate WAAS node
check box. The default is checked.
e. If some of the WNs use different pass-through offload settings, you can synchronize the settings on all WNs to match the configuration shown here by checking the
Synchronize settings on all devices
check box. This check box is shown only if the settings on some WNs are different. The default is unchecked.
Step 11 Click
Submit
.
The lower part of this window includes tabs that show lists of the ANCs, WNs, and WNGs that are part of the cluster. On AppNav-XE devices, there is an additional AppNav Contexts tab that displays contexts. The controls in these parts of this window work as described in the following sections:
To configure AppNav Cluster settings for an individual WN, see the “Configuring AppNav Cluster Settings for a WAAS Node” section. If you are using an authentication key to authenticate communications, you must configure the cluster and each WN with the same key.
Configuring AppNav Controller Settings
See the topic for the type of AppNav cluster you have:
Configuring WAAS Appliance AppNav Controller Settings
To configure ANC settings for a WAAS appliance, follow these steps:
Step 1 From the WAAS Central Manager menu, choose
AppNav Clusters >
cluster-name
.
Step 2 Click the
AppNav Controllers
tab below the topology diagram.
All ANCs in the cluster are listed, showing the name, location, IP address, interface used for intra-cluster traffic, and enabled status.
From this list, you can perform the following tasks:
-
Edit the interface settings for an ANC by choosing the ANC and clicking the
Edit
taskbar icon, as described in the following steps.
-
Delete an ANC by choosing the ANC and clicking the
Delete
taskbar icon.
-
Add a new ANC to the cluster by clicking the
Add AppNav Controller
taskbar icon. See the “Adding an ANC to a Cluster” section.
-
Enable a disabled ANC by choosing the cluster and clicking the
Enable
taskbar icon.
-
Disable an ANC by choosing the ANC and clicking the
Disable
taskbar icon.
Step 3 Click the radio button next to the ANC that you want to edit and click the
Edit
taskbar icon.
The Edit AppNav Controller pane appears.
Step 4 Configure the internal WAAS node settings:
a. If you want to enable optimization on the ANC, check the
Enable WAN optimization (Internal WAAS Node)
check box.
b. If you enabled WAN optimization, from the
WAAS Node Group
drop-down list, choose the WNG to which the internal WN should belong.
c. Click
Next
.
Step 5 (Optional) Configure the WCCP settings for the ANC. This screen does not appear if the ANC is configured for inline interception. For more information on the WCCP fields, see the “Configuring or Viewing the WCCP Settings on ANCs” section.
When finished with the WCCP settings, click
Next
. The graphical interface wizard appears.
Step 6 Configure the interception and cluster interface settings:
a. In the graphical interface view, configure interception interfaces on the AppNav Controller Interface Module as needed. For details on how to use the wizard, see the “Configuring Interfaces with the Graphical Interface Wizard” section.
b. From the Cluster Interface drop-down list, choose the interface to be used for intra-cluster traffic.
c. (Optional) To enable swapping of client and WAAS device source IP address fields in intra-cluster traffic, check the
Enable swapping of source IP address in intra-cluster traffic
check box.
You may want to enable this option if you are using a port channel for the cluster interface or there is a load balancing device between the ANC and WN. This option may improve the load balancing of traffic that the ANC distributes to WNs for optimization because it load balances based on the client IP address rather than the ANC IP address. (For traffic from the server to the client, it swaps the server IP address with the ANC IP address.) The Central Manager enables this feature automatically if any existing ANCs have port channel cluster interfaces.
Step 7 Click
Finish
.
Configuring AppNav-XE Controller Settings
To configure ANC settings for an AppNav-XE device, follow these steps:
Step 1 From the WAAS Central Manager menu, choose
AppNav Clusters >
cluster-name
.
Step 2 Click the
AppNav Controllers
tab below the topology diagram.
All ANCs in the cluster are listed, showing the name, location, IP address, interface used for intra-cluster traffic, and enabled status.
From this list, you can perform the following tasks:
-
Edit the interface settings for an ANC by choosing the ANC and clicking the
Edit
taskbar icon, as described in the following steps.
-
Delete an ANC by choosing the ANC and clicking the
Delete
taskbar icon.
-
Add a new ANC to the cluster by clicking the
Add AppNav Controller
taskbar icon. See the “Adding an ANC to a Cluster” section.
Step 3 Click the radio button next to the ANC that you want to edit and click the
Edit
taskbar icon.
The Edit AppNav Controller pane appears.
Step 4 On an AppNav-XE cluster, configure the interception and cluster interface settings:
a. Choose the WAN interfaces on which traffic interception is to be enabled. Interfaces must already be configured on the AppNav-XE devices and only those on which service insertion can be enabled are listed.
b. From the Cluster Interface drop-down list, choose the interface to be used for intra-cluster traffic.
Step 5 Click
Finish
.
Configuring AppNav Contexts
An AppNav-XE cluster can have up to 32 contexts. A WAAS appliance AppNav cluster can have only one context, which is defined by the cluster settings; the ability to add contexts is not available.
To configure AppNav contexts, follow these steps:
Step 1 From the WAAS Central Manager menu, choose
AppNav Clusters >
cluster-name
.
Step 2 Click the
AppNav Contexts
tab below the topology diagram.
All AppNav contexts in the cluster are listed, showing the name, associated WNGs, VRFs, the AppNav policy, and enabled status.
From this list, you can perform the following tasks:
-
Edit a context by choosing the context and clicking the
Edit
taskbar icon.
-
Delete a context by choosing the context and clicking the
Delete
taskbar icon.
-
Enable a disabled context by choosing the context and clicking the
Enable
taskbar icon.
-
Disable a context by choosing the context and clicking the
Disable
taskbar icon.
-
Add a new context as described in the steps that follow. (Not allowed for WAAS appliance clusters.)
Step 3 Click the
Add AppNav Context
taskbar icon.
Step 4 From the WAAS Cluster Id drop-down list, choose the cluster ID to assign to this context. The first available ID is initially selected.
Step 5 (Optional) In the AppNav Policy Name field, specify the name of the AppNav policy to associate with the cluster. A default suggested policy name initially appears in the field, which you can change if desired. If you enter the name of a policy that does not exist, it is created.
You cannot specify a name that uses the same form as the default name but with a number different than the context ID, because such names are reserved for the default policy maps associated with contexts.
Step 6 (Optional) In the WAAS Node Group field, specify the name of the WNG to associate with the context. A default suggested WNG name initially appears in the field, which you can change if desired. If you enter the name of a WNG that does not exist, it is created. To associate a WNG with a context, the WNG must be used in policy rules that are used in the context.
You cannot specify a name that uses the same form as the default name but with a number different than the context ID, because such names are reserved for the default WNGs associated with contexts.
Step 7 Click
Next
.
Step 8 Select one or more VRFs to associate with the context. Follow these steps:
a. Use the filter settings in the Show drop-down list to filter the VRF list as needed. You can use a quick filter or show all VRFs. The lower part of the pane lists ineligible VRFs, along with the reason each is ineligible.
b. Check the box next to each VRF that you want to associate with the context.
c. Click
Next
.
Step 9 Choose the WN devices that you want to be part of the WNG associated with the context:
a. Choose WNs in the WAAS Nodes device list by clicking the check box next to the device names. You can use the filter settings in the taskbar to filter the device list.
If there are devices that are ineligible to join the cluster, click
Show Ineligible Devices
to see them and the reasons why they are ineligible. You can use the filter settings to filter the list.
b. Click
Next
.
Step 10 Configure the cluster interface settings for each WN device in the context. The Cluster Interface Wizard appears, with one screen for each WN in the context:
a. Configure individual interfaces as needed on the device by using the graphical interface wizard. For details on how to use the wizard, see the “Configuring Interfaces with the Graphical Interface Wizard” section.
b. From the Cluster Interface drop-down list, choose the interface to be used for intra-cluster traffic.
c. Click
Next
. If you are configuring multiple WNs, a similar screen is shown for each device.
Step 11 Click
Finish
to save the context configuration.
Configuring WAAS Node Settings
All WNs in a WAAS appliance cluster must be configured with application-accelerator device mode and appnav-controller interception mode. If you created the cluster with the Central Manager AppNav Wizard, both of these settings are already done. (The wizard sets the interception mode and the device mode would have been set before running the wizard.)
From within the AppNav Cluster, you can configure the following settings for a WN:
-
WNG to which a WN belongs
-
AppNav Controller Interface Module interface settings (including configuring port channel, standby, and bridge group interfaces)
-
Choose the cluster interface used for intra-cluster traffic
To configure WN settings, follow these steps:
Step 1 From the WAAS Central Manager menu, choose
AppNav Clusters >
cluster-name
.
Step 2 Click the
WAAS Nodes
tab below the topology diagram.
All WNs in the cluster are listed, showing the name, location, IP address, interface in use, WNG to which the node belongs, and enabled status.
From this list, you can perform the following tasks:
-
Edit the settings for a WN by choosing the WN and clicking the
Edit
taskbar icon.
-
Delete a WN by choosing the WN and clicking the
Delete
taskbar icon.
-
Add a new WN to the cluster by clicking the
Add WAAS Node
taskbar icon. See the “Adding a New WAAS Node to the Cluster” section.
-
Enable a disabled WN by choosing the node and clicking the
Enable
taskbar icon.
-
Disable a WN by choosing the node and clicking the
Disable
taskbar icon.
Step 3 Click the radio button next to the WN that you want to edit and click the
Edit
taskbar icon.
The WAAS Node pane appears.
Step 4 From the WAAS Node Group drop-down list, choose the WNG to which you want to assign the node.
Step 5 In the graphical interface view, configure interfaces on the device as needed. For details on how to use the wizard, see the “Configuring Interfaces with the Graphical Interface Wizard” section.
Step 6 From the Cluster Interface drop-down list, select the interface to be used for intra-cluster traffic.
Step 7 (Optional) To enable swapping of client and WAAS device source IP address fields in intra-cluster traffic, check the
Enable swapping of source IP address in intra-cluster traffic
check box. (This option is not available for WNs used in an AppNav-XE cluster.)
You may want to enable this option if you are using a port channel for the cluster interface or there is a load balancing device between the ANC and WN. This option may improve the load balancing of traffic that the ANC distributes to WNs for optimization because it load balances based on the client IP address rather than the ANC IP address. (For traffic from the server to the client, it swaps the server IP address with the ANC IP address.) The Central Manager enables this feature automatically if any existing ANCs have port channel cluster interfaces.
Step 8 Click
OK
to save the settings.
Configuring WAAS Node Group Settings
To configure WNG settings, follow these steps:
Step 1 From the WAAS Central Manager menu, choose
AppNav Clusters >
cluster-name
.
Step 2 Click the
WAAS Node Groups
tab below the topology diagram.
All WNGs in the cluster are listed, showing the name, description, and the WNs contained in the group. In an AppNav-XE cluster, the list also shows the WAAS cluster ID.
From this list, you can perform the following tasks:
-
Edit the settings for a WNG by choosing the WNG and clicking the
Edit
taskbar icon.
-
Delete a WNG by choosing the WNG and clicking the
Delete
taskbar icon.
-
Add a new WNG to the cluster by clicking the
Add WAAS Node Group
taskbar icon. See the “Adding a New WAAS Node Group to the Cluster” section.
Step 3 Click the radio button next to the WNG that you want to edit and click the
Edit
taskbar icon.
Step 4 (Optional) In the Description field, enter a description of the WNG, with up to 32 alphanumeric characters on a WAAS appliance cluster. For an AppNav-XE cluster, you can enter up to 241 characters, not including a space.
Step 5 Click
OK
to save the settings.
To associate a newly created WNG with the desired context in an AppNav-XE cluster, you must use it in the AppNav policy rules of the context. For one or more rules, choose the WNG for the Distribute To action of the policy rule.
Configuring AppNav Cluster Settings for a WAAS Node
The WAAS Node Configuration window is available for a WN only if the device mode is configured as appnav-controller and this window is editable only if the WN is running WAAS version 5.2.1 or later and is not part of an AppNav cluster.
To configure AppNav Cluster settings at the WAAS node level, follow these steps:
Step 1 From the WAAS Central Manager menu, choose
Devices >
device-name
.
Step 2 Choose
Configure > AppNav Cluster > AppNav Cluster
.
The WAAS Node Configuration window appears.
Step 3 (Optional) To enable this WN to handle traffic distributed by the ANC, check the
Enable WAAS Node
check box.
Step 4 (Optional) In the Description field, enter the WN description. Use only letters and numbers, up to a maximum of 200 characters.
Step 5 (Optional) In the Authentication Key and Confirm Authentication Key fields, enter an authentication key that is used to authenticate communications between the WN and the ANC. Use only letters and numbers, up to a maximum of 64 characters.
Step 6 (Optional) In the Shutdown Wait Time field, enter the number of seconds that the WN should wait for all connections to terminate before shutting down. The default is 120 seconds.
Step 7 (Optional) To enable automatic discovery of this WN by the ANC, check the
Enable WAAS Node Auto Discovery
check box. (Not used on WNs with WAAS version 5.1 and earlier.)
This setting is intended to allow an AppNav-XE ANC to discover WNs that are to participate in a cluster that is created by the CLI and not configured by the Central Manager.
Step 8 From the WAAS Node Auto Discovery Interface drop-down list, choose the WN interface that is to be used for auto discovery. (Not used on WNs with WAAS version 5.1 and earlier.)
Step 9 Click
Submit
.
To configure AppNav Cluster settings at the cluster level, see the “Configuring AppNav Cluster Settings” section. If you are using an authentication key to authenticate communications, you must configure the cluster and each WN with the same key.
Note Do not use both automatic node discovery and the Central Manager to add a WN to an AppNav-XE cluster. We recommend that you disable automatic node discovery in AppNav-XE and then register the device and add it to the cluster with the Central Manager.
Adding and Removing Devices from the AppNav Cluster
This section includes these topics:
Adding an ANC to a Cluster
To add a new ANC to an AppNav Cluster, follow these steps:
Step 1 Configure basic device and network settings on each new ANC, and ensure that the device mode is set to appnav-controller on a WAAS appliance.
Step 2 From the WAAS Central Manager menu, choose
AppNav Clusters >
cluster-name
.
Step 3 Click the
AppNav Controllers
tab below the topology diagram.
Step 4 Click the
Add AppNav Controller
taskbar icon.
The Add AppNav Controllers pane appears.
Step 5 Choose the ANC devices to add:
a. Select one or more ANCs in the AppNav Controller device list by checking the check boxes next to the device names. You can use the filter settings in the taskbar to filter the device list.
If there are devices that are ineligible to join the cluster, you can click
Show Ineligible Devices
to see them and the reasons why they are ineligible. You can use the filter settings to filter the list.
b. Click
Next
.
Step 6 Configure the interception method, policy, WCCP settings (if using WCCP interception), VRFs, and interfaces for each ANC device you are adding (different screens and options appear for WAAS appliance and AppNav-XE clusters):
a. From the Interception Method drop-down list, choose
WCCP
or
Inline
. (Not used on AppNav-XE clusters.)
b. From the AppNav Policy-Map drop-down list, choose the AppNav policy to apply to the ANC. (Not used on AppNav-XE clusters.)
c. (Optional) If you want to enable optimization on the ANC devices, check the
Enable WAN optimization (Internal WAAS Node)
check box. (Not used on AppNav-XE clusters.)
d. (Optional) If you enabled WAN optimization, from the WAAS Node Group drop-down list, choose the WNG to which the internal WN should belong. (Not used on AppNav-XE clusters.)
e. Click
Next
.
f. (Optional) If you chose WCCP interception, configure the WCCP settings on the WCCP settings pane that appears. For details on WCCP settings, see the “Configuring or Viewing the WCCP Settings on ANCs” section. Remember to check the
Enable WCCP Service
check box to enable WCCP.
g. If you configured WCCP settings, click
Next
.
h. On an AppNav-XE cluster, choose the VRF instances to associate with the service context by checking the box next to each VRF instance that you want to use. If you choose the VRF default, you cannot choose other VRFs. If you choose multiple VRFs, they must not have overlapping source IP addresses. Only VRFs that are available on all ANCs are listed.
Click
Next
.
i. Configure the ANC interception interfaces. On a WAAS appliance cluster, you use the Cluster Interface Wizard graphical interface and on an AppNav-XE cluster you choose from a list of router interfaces. If you chose inline interception on a WAAS appliance, you must configure a bridge group interface. For details on using the wizard, see the “Configuring Interfaces with the Graphical Interface Wizard” section.
j. From the Cluster Interface drop-down list, select the interface to be used for intra-cluster traffic.
k. (Optional) To enable swapping of client and WAAS device source IP address fields in intra-cluster traffic, check the
Enable swapping of source IP address in intra-cluster traffic
check box. (Not available on AppNav-XE clusters.)
You may want to enable this option if you are using a port channel for the cluster interface or there is a load balancing device between the ANC and WN. This option may improve the load balancing of traffic that the ANC distributes to WNs for optimization because it load balances based on the client IP address rather than the ANC IP address. (For traffic from the server to the client, it swaps the server IP address with the ANC IP address.) The Central Manager enables this feature automatically if any existing ANCs have port channel cluster interfaces.
l. Click
Next
to save the settings and continue with the next ANC you are adding. If this is the last ANC being added, click
Finish
.
After a convergence waiting period of up to two minutes, the new ANCs are available in the cluster for traffic interception and distribution. Traffic interception on the new ANCs is prevented until the devices have fully joined the cluster. You can monitor the ANC status as described in the “Monitoring an AppNav Cluster” section.
Removing an ANC from a Cluster
To gracefully remove an ANC from an AppNav Cluster, follow these steps:
Step 1 Disable the traffic interception path on the ANC. For an inline ANC, shut down the in-path interfaces, and for an ANC using WCCP, disable WCCP.
Traffic previously routed to this ANC is rerouted to other ANCs in the cluster.
Step 2 Disable the ANC (not necessary on an AppNav-XE cluster):
a. From the WAAS Central Manager menu, choose
AppNav Clusters >
cluster-name
.
b. Click the
AppNav Controllers
tab below the topology diagram.
c. Click the radio button next to the ANC that you want to disable and then click the
Disable
taskbar icon.
The ANC is disabled and the service unreachable alarm is raised on the other ANCs in the cluster.
Step 3 (Optional) To permanently remove the ANC, click the radio button next to the ANC that you want to remove and then click the
Delete
taskbar icon.
This action removes the ANC from the ANCG on all other ANCs and clears the service unreachable alarm on the other ANCs. If the ANC is configured for WCCP interception, all WCCP settings on the device are removed. If the ANC is also configured as a WN, the WN is removed from the cluster.
Step 4 (Optional) Power down the ANC.
Adding a New WAAS Node to the Cluster
To add a new WAAS node (WN) to a cluster, follow these steps:
Step 1 From the WAAS Central Manager menu, choose
AppNav Clusters >
cluster-name
.
Step 2 Click the
WAAS Nodes
tab below the topology diagram.
Step 3 Click the
Add WAAS Node
taskbar icon.
The Add WAAS Nodes pane appears.
Step 4 Select one or more WNs in the WAAS Nodes device list by checking the check boxes next to the device names. You can use the filter settings in the taskbar to filter the device list.
If there are devices that are ineligible to join the cluster, click
Show Ineligible Devices
to see them and the reasons why they are ineligible. You can use the filter settings to filter the list.
Step 5 Click
Next
.
Step 6 Configure the WNG and interfaces for each WN device you are adding.
a. From the WAAS Node Group
drop-down list, choose the WNG to which you want to add the new WNs. The list shows defined WNGs.
b. Click
Next
.
c. Use the Cluster Interface Wizard graphical interface to configure the WN interfaces. For details on using this wizard, see the “Configuring Interfaces with the Graphical Interface Wizard” section.
d. From the Cluster Interface drop-down list, select the interface to be used for intra-cluster traffic.
e. (Optional) To enable swapping of client and WAAS device source IP address fields in intra-cluster traffic, check the
Enable swapping of source IP address in intra-cluster traffic
check box. (Not available for AppNav-XE clusters.)
You may want to enable this option if you are using a port channel for the cluster interface or there is a load balancing device between the ANC and WN. This option may improve the load balancing of traffic that the ANC distributes to WNs for optimization because it load balances based on the client IP address rather than the ANC IP address. (For traffic from the server to the client, it swaps the server IP address with the ANC IP address.) The Central Manager enables this feature automatically if any existing ANCs have port channel cluster interfaces.
f. Click
Next
to save the settings and continue with the next WN you are adding. If this is the last WN being added, click
Finish
.
Step 7 Configure and enable optimization on the WNs. For details on configuring optimization, see Chapter13, “Configuring Application Acceleration”
After a convergence waiting period of up to two minutes, the new WNs are available on all the ANCs for optimization.
Removing a WAAS Node from a Cluster
To remove a WAAS node (WN) from a cluster, follow these steps:
Step 1 From the WAAS Central Manager menu, choose
AppNav Clusters >
cluster-name
.
Step 2 Click the
WAAS Nodes
tab below the topology diagram.
Step 3 Choose the node and click the
Disable
taskbar icon.
This causes a graceful exit of the WN from the cluster, where the ANCs stop sending new flows to the WN but continue to distribute existing flows to it until the connection count reaches zero or the maximum shutdown wait time expires.
Note The default shutdown wait time is 120 seconds. You can configure it from the Shutdown Wait Time field in the AppNav Cluster tab.
Step 4 (Optional) When the graceful exit process on the WN is complete (all existing connections have terminated), remove the WN from the WNG on the ANCs by choosing the node and clicking the
Delete
taskbar icon.
You can monitor the node status in the topology diagram in the upper part of the window. The colored status light indicator on the device turns gray when the node is no longer processing connections.
Step 5 (Optional) Power down the WN.
Adding a New WAAS Node Group to the Cluster
To add a new WNG to a cluster, follow these steps:
Step 1 From the WAAS Central Manager menu, choose
AppNav Clusters >
cluster-name
.
Step 2 Click the
WAAS Node Groups
tab below the topology diagram.
Step 3 Click the
Add WAAS Node Group
taskbar icon.
The Add WAAS Node Group pane appears.
Step 4 In the Name field, enter the name of the WNG, with up to 32 alphanumeric characters on a WAAS appliance cluster. For an AppNav-XE cluster, you can enter up to 64 characters, not including a space..
Step 5 (Optional) In the Description field, enter a description of the WNG, with up to 200 alphanumeric characters, including ' | \ ; ` on a WAAS appliance cluster. For an AppNav-XE cluster, you can enter up to 241 characters, not including a space.
Step 6 Click
OK
to save the settings.
Step 7 Add one or more WNs to the new WNG. To add a new WN, see the “Adding a New WAAS Node to the Cluster” section, or to reassign an existing WN to the new WNG, see the “Configuring WAAS Node Settings” section.
After a convergence waiting period of up to two minutes, the new WNG is available on all the ANCs for optimization.
Removing a WAAS Node Group from a Cluster
To remove a WAAS node group (WNG) from a cluster, follow these steps:
Step 1 From the WAAS Central Manager menu, choose
AppNav Clusters >
cluster-name
.
Step 2 Click the
WAAS Nodes
tab below the topology diagram.
Step 3 For each WN in the WNG, click the radio button next to the node name and click the
Disable
taskbar icon. This causes a graceful exit of each WN from the cluster.
Step 4 After all WNs have completed a graceful exit from the cluster, click the
WAAS Node Groups
tab.
You can monitor the node status in the topology diagram in the upper part of the window. The colored status light indicator on a device turns gray when the node is no longer processing connections.
Step 5 (Optional) Choose the WNG you want to remove and click the
Delete
taskbar icon.