[squid-users] Squid with ASR9001
Yuri Voinov
yvoinov at gmail.com
Mon Oct 24 19:01:25 UTC 2016
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Well, if we're talking about squid-based appliances.....
http://wiki.squid-cache.org/ConfigExamples/Intercept/CiscoIOSv15Wccp2
In this article descrived approx. half-year experimental experience with
various LAN topologies, and Cisco devices.
More common:
http://www.cisco.com/c/en/us/td/docs/ios/12_2/configfun/configuration/guide/ffun_c/fcf018.html
https://supportforums.cisco.com/document/143961/understanding-wccp-redirection-and-assignment-methods-waas
Cisco has not best-in-the-world documentation, yes, but everything
depends on an understanding of network protocols and basic architecture.
25.10.2016 0:44, Eliezer Croitoru пишет:
> Well I do agree on most of the things but it seems that CPU is missing in
> some devices and there for a simpler protocol is better but…. CPU…
Yessssss. Router has CPU. :) Not only ASIC. :) PBR is problem, because
of EVERY policy/ACL match handles on CPU.
This brings us to the other side - the rules / policies must be
carefully optimized - that too few people do, until the router does not
choke on CPU overload.
> Admins in many cases do not use their own to understand the complexity but
> from what I do see in the jobs market employers expect the unexpected.
Admins, in most cases, understand nothing and do not bother trying to
grasp and understand more deeply than in the first three-five seconds. ;)
About the present, of course, do not tell. :)
> Or if to be more accurate: They expect a mage which knows and understand
> every single protocol language and piece of hardware.
>
> Can you gather me what ever documentation on the WCCP protocol?
> I want to see how simple it would be to implement the same concepts
with an
> HTTP\tcp interface.
There's really just all. The main thing to understand how the network
works on L2 and L3 in OSI. And a bit network hardware knowledge.
>
> Eliezer
>
> ----
> Eliezer Croitoru <http://ngtech.co.il/lmgtfy/>
> Linux System Administrator
> Mobile: +972-5-28704261
> Email: eliezer at ngtech.co.il
>
>
> From: Yuri Voinov [mailto:yvoinov at gmail.com]
> Sent: Monday, October 24, 2016 21:07
> To: Eliezer Croitoru <eliezer at ngtech.co.il>; 'Garth van Sittert | BitCo'
> <garth at bitco.co.za>; squid-users at lists.squid-cache.org
> Subject: Re: [squid-users] Squid with ASR9001
>
>
> No.
>
> 24.10.2016 23:40, Eliezer Croitoru пишет:
> > And why would you want this
> exactly?
>
> > The most simple thing is to use routing policy and to monitor
> the proxy in
>
> > a much higher level then WCCP.
> Based on my personal experience with WCCP (over 6 years). PBR is VERY
> router's CPU consumpted.
> WCCP - is not (L2, not GRE. GRE performs on CPU, L2 on control-plane and
> hardware-accelerated).
>
> However, using edge router for WCCP is not so good idea by another reason.
> It breaks good network architecture in most cases. I'm not CCA, but
ever for
> me it's obvious.
>
> So, underlying aggregations switches is more appropriate target for WCCP,
> because of they can be uses L2 WCCP - which is extremely fast.
>
> > For example fetch a web page or
> a statistics page every 10 seconds.
>
> > It’s considered pretty right in the industry.
>
> > For routers it’s a whole another story but for a rock solid
> system I do not
>
> > believe WCCP is a must.
> Depending of router. Branch router must have. Just take a look on whole
> Cisco's router's range. Just for interest.
>
> > Any juniper and Cisco + others
> these days do not rely on WCCP since it’s
>
> > considered a hassle to maintain.
> Cats delicious. You just do not know how to cook them :)
>
> WCCP is a very simple protocol. While there may be poorly documented.
There
> is another problem - very few people well versed in networking
technologies,
> few details delves into what makes. The vast majority simply copy-paste
> configs without a single thought in his head, not bothering to understand.
>
> What is there to maintain? Just configure it once and sit on the ass
> straight.
>
>
> > Eliezer
>
>
>
> > ----
>
> > Eliezer Croitoru <http://ngtech.co.il/lmgtfy/>
> <http://ngtech.co.il/lmgtfy/>
>
> > Linux System Administrator
>
> > Mobile: +972-5-28704261
>
> > Email: eliezer at ngtech.co.il <mailto:eliezer at ngtech.co.il>
>
>
>
>
>
> > From: squid-users
> [mailto:squid-users-bounces at lists.squid-cache.org] On
>
> > Behalf Of Yuri
>
> > Sent: Monday, October 24, 2016 14:06
>
> > To: Garth van Sittert | BitCo <garth at bitco.co.za>
> <mailto:garth at bitco.co.za> ;
>
> > squid-users at lists.squid-cache.org
> <mailto:squid-users at lists.squid-cache.org>
>
> > Subject: Re: [squid-users] Squid with ASR9001
>
>
>
> > Ha, it seems ASR9000 really does not support WCCP exactly.
> You right.
>
>
>
> > WCCP supported on Nexus, on ASR1000... So, your router only
> can use PBR or
>
> > analoquie.
>
>
>
> > The only idea is to buy 3750 as aggregation switch, config
> WCCP on it and
>
> > connect to your ASR by fiber trunk.
>
> > 24.10.2016 16:30, Garth van Sittert | BitCo пишет:
>
>
>
> > By Cisco employee - “Correct, there is no WCCP and no plans
> for it
>
> > either... :(”
>
>
> https://supportforums.cisco.com/discussion/12227051/ios-xr-and-wccp
>
>
>
> > WCCP supported platforms –
>
>
>
>
>
https://supportforums.cisco.com/document/133201/wccp-platform-support-overv
> i
>
> > ew
>
>
>
> > Our ASR9001 has no commands that support wccp anywhere…
>
>
>
>
>
>
>
>
>
>
>
> > Garth van Sittert | Chief Executive Officer
>
> > (BSC Physics & Computer Science)
>
> > Tel: 087 135 0000 Ext: 201
>
> > garth at bitco.co.za <mailto:garth at bitco.co.za>
> <mailto:garth at bitco.co.za> <mailto:garth at bitco.co.za>
>
> > bitco.co.za <http://www.bitco.co.za/> <http://www.bitco.co.za/>
>
>
>
>
> > From: Yuri [mailto:yvoinov at gmail.com]
>
> > Sent: Monday, 24 October 2016 12:12 PM
>
> > To: Garth van Sittert | BitCo <garth at bitco.co.za>
> <mailto:garth at bitco.co.za>
>
> > <mailto:garth at bitco.co.za> <mailto:garth at bitco.co.za> ;
> squid-users at lists.squid-cache.org
> <mailto:squid-users at lists.squid-cache.org>
>
> > <mailto:squid-users at lists.squid-cache.org>
> <mailto:squid-users at lists.squid-cache.org>
>
> > Subject: Re: [squid-users] Squid with ASR9001
>
>
>
>
>
>
>
> > 24.10.2016 13:16, Garth van Sittert | BitCo пишет:
>
> > Yes, it looks like all of the ASR9000 range which makes use
> of IOS XR no
>
> > longer supports WCCP.
>
> > Please, provide prooflink from Cisco.
>
>
>
>
>
>
>
> > Policy Based Routing has been replaced by ACL Based
> Forwarding or ABF.
>
> > So? This is therminology difference, if any.
>
>
>
>
>
>
>
>
>
>
>
>
>
> > From: squid-users
> [mailto:squid-users-bounces at lists.squid-cache.org] On
>
> > Behalf Of Yuri Voinov
>
> > Sent: Sunday, 23 October 2016 9:35 PM
>
> > To: squid-users at lists.squid-cache.org
> <mailto:squid-users at lists.squid-cache.org>
>
> > <mailto:squid-users at lists.squid-cache.org>
> <mailto:squid-users at lists.squid-cache.org>
>
> > Subject: Re: [squid-users] Squid with ASR9001
>
>
>
>
>
>
>
>
>
> > 23.10.2016 23:16, Garth van Sittert | BitCo пишет:
>
>
>
>
>
>
>
>
>
> > > Good day all
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> > > Has anyone had any experience setting up Squid
> with any IOS
>
> > XR Cisco routers? The Cisco ASR9000 range doesn’t
> support WCCP
>
> > and I cannot find any examples online.
>
>
>
>
>
>
>
>
>
> > Seriously, the entire range?
>
>
>
> > Who said that it does not support WCCP? It is obligation to
> support, if
>
> > only because it is not a home dish soap. That's when Cisco
> write the
>
> > documentation that does not support - and then we cry.
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> > > I have also found quotes regarding PBR on the
> ASR9000… “With
>
> > IOS XR traditional policy-based routing (PBR) is
> history”
>
>
>
>
>
>
>
>
>
> > It's crazy city a forum talking about? PBR - is a fundamental
> functionality
>
> > for the router. Especially for the router at this level. I
> somehow difficult
>
> > to imagine a company that completely cuts down the business
> by releasing
>
> > incompatible with what device. This is only possible in the
> OpenSource. But
>
> > not in huge IT-business company. AFAIK.
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> > > I plan to use this on our 10Gbps ISP traffic to
> improve
>
> > customer experience…
>
>
>
>
>
>
>
>
>
> > There is no examples because the solutions of such a level
> rarely use
>
> > Squid. Personally, I do not have a machine to play and write
> an example to
>
> > Squid's wiki. As you know, Christmas is not the wife of a
> router is present
>
> > as trinkets.
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> > > Garth
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> > > BitCo Email Footer
>
>
>
<https://www.google.co.za/maps/place/Wedgewood+Office+Park/@-26.04982,28.01
>
>
>
96914,17z/data=!3m1!4b1!4m5!3m4!1s0x142989bce6c63b3:0xc0b44878907297f4!8m2!
> 3
>
> > d-26.04982!4d28.0218801>
>
>
>
<https://www.google.co.za/maps/place/Wedgewood+Office+Park/@-26.04982,28.01
> 9
>
>
>
6914,17z/data=%213m1%214b1%214m5%213m4%211s0x142989bce6c63b3:0xc0b448789072
> 9
>
> > 7f4%218m2%213d-26.04982%214d28.0218801>
>
>
>
>
>
>
>
> > > The information contained in this message is
> intended solely
>
> > for the individual to whom it is specifically and
> originally
>
> > addressed. This message and its contents may contain
> confidential
>
> > or privileged information from BitCo. If you are not
> the intended
>
> > recipient, you are hereby notified that any disclosure
> or
>
> > distribution, is strictly prohibited. If you receive
> this email in
>
> > error, please notify BitCo immediately and delete it.
> BitCo does
>
> > not accept any liability or responsibility if action is
> taken in
>
> > reliance on the contents of this information.
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> > > _______________________________________________
>
>
>
>
>
>
>
> > > squid-users mailing list
>
>
>
>
>
>
>
> > > squid-users at lists.squid-cache.org
> <mailto:squid-users at lists.squid-cache.org>
>
> > <mailto:squid-users at lists.squid-cache.org>
> <mailto:squid-users at lists.squid-cache.org>
>
>
>
>
>
>
>
> > > http://lists.squid-cache.org/listinfo/squid-users
>
>
>
>
>
>
>
<https://www.google.co.za/maps/place/Wedgewood+Office+Park/@-26.04982,28.01
> 9
>
>
>
6914,17z/data=%213m1%214b1%214m5%213m4%211s0x142989bce6c63b3:0xc0b448789072
> 9
>
> > 7f4%218m2%213d-26.04982%214d28.0218801>
>
> > The information contained in this message is intended solely
> for the
>
> > individual to whom it is specifically and originally
> addressed. This message
>
> > and its contents may contain confidential or privileged
> information from
>
> > BitCo. If you are not the intended recipient, you are hereby
> notified that
>
> > any disclosure or distribution, is strictly prohibited. If
> you receive this
>
> > email in error, please notify BitCo immediately and delete
> it. BitCo does
>
> > not accept any liability or responsibility if action is taken
> in reliance on
>
> > the contents of this information.
>
>
>
>
>
>
>
<https://www.google.co.za/maps/place/Wedgewood+Office+Park/@-26.04982,28.01
> 9
>
>
>
6914,17z/data=%213m1%214b1%214m5%213m4%211s0x142989bce6c63b3:0xc0b448789072
> 9
>
> > 7f4%218m2%213d-26.04982%214d28.0218801>
>
> > The information contained in this message is intended solely
> for the
>
> > individual to whom it is specifically and originally
> addressed. This message
>
> > and its contents may contain confidential or privileged
> information from
>
> > BitCo. If you are not the intended recipient, you are hereby
> notified that
>
> > any disclosure or distribution, is strictly prohibited. If
> you receive this
>
> > email in error, please notify BitCo immediately and delete
> it. BitCo does
>
> > not accept any liability or responsibility if action is taken
> in reliance on
>
> > the contents of this information.
>
>
>
- --
Cats - delicious. You just do not know how to cook them.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBCAAGBQJYDlqFAAoJENNXIZxhPexGTskIAIhaOEvGtlNhdCZCuU9zcbvI
HZmPXZ+s2Wqnh8ui2ptkMrhilLaS8S+1paFOpMqxk5CcweSnJKXiaBNAGyaD6fAg
IB6DuaMwp5bCUZvUcSkXoHtiGaiQifbo5E/ueSpZ6xe2zhfkAFH4OkFeZ23nY3kV
QHd1I557zB0MlVr7f5Oqm9csN7TQKFn5oqDmLxtTKyrNUusGBNjRLxSSMY5VEmQ4
+z8D5fbMfm7M5vY0oDQqa8rEUjYuMFDFAVDOZoSgIPTk79eTi+3hD/BCuJrrLNUX
FlHcshMno22xceddOlBigfMQO/V2v1Zrj2ZPCKKpC1I4XwKvyFkG3qkqzXeOiPQ=
=gCZT
-----END PGP SIGNATURE-----
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20161025/ee3034da/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0x613DEC46.asc
Type: application/pgp-keys
Size: 2437 bytes
Desc: not available
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20161025/ee3034da/attachment-0001.key>
More information about the squid-users
mailing list