Cisco Cisco Web Security Appliance S670 Betriebsanweisung
25-19
Cisco IronPort AsyncOS 7.0 for Web User Guide
OL-23079-01
Chapter 25 Configuring Network Settings
Configuring Transparent Redirection
•
Mask. This method relies on masking to make redirection decisions. WCCP
routers make decisions using hardware in the router. This method can be very
efficient because the hardware redirects the packets. You might want to
choose mask to reduce CPU cycles on the router which can increase router
performance. You can only use mask with WCCP routers that support mask
assignment.
routers make decisions using hardware in the router. This method can be very
efficient because the hardware redirects the packets. You might want to
choose mask to reduce CPU cycles on the router which can increase router
performance. You can only use mask with WCCP routers that support mask
assignment.
Note
AsyncOS chooses the mask value to use with the router. You cannot
configure the mask value.
configure the mask value.
•
Hash. This method relies on a hash function to make redirection decisions.
You might want to use Hash when the WCCP router does not support
masking.
You might want to use Hash when the WCCP router does not support
masking.
You can also configure a WCCP service to allow either mask or hash load
balancing. When a WCCP service allows both mask and hash, AsyncOS
communicates with the router to determine whether or not the router supports
mask. If the router supports mask, then AsyncOS uses masking in the service
group, if the router does not support mask, then AsyncOS uses hashing in the
service group.
balancing. When a WCCP service allows both mask and hash, AsyncOS
communicates with the router to determine whether or not the router supports
mask. If the router supports mask, then AsyncOS uses masking in the service
group, if the router does not support mask, then AsyncOS uses hashing in the
service group.
Working with the Forwarding and Return Method
WCCP defines the forwarding method as the method by which redirected packets
are transported from the router to the web proxy. Conversely, the return method
redirects packets from the web proxy to the router.
are transported from the router to the web proxy. Conversely, the return method
redirects packets from the web proxy to the router.
You configure the forwarding and return methods for a WCCP service in the
Forwarding Method and Return Method fields under the Advanced section when
you create or edit a WCCP service.
Forwarding Method and Return Method fields under the Advanced section when
you create or edit a WCCP service.
You can configure WCCP services to use either of the following methods:
•
Layer 2 (L2). This method redirects traffic at layer 2 by replacing the
packet’s destination MAC address with the MAC address of the target web
proxy. This method requires that the target web proxy be directly connected
to the router at layer 2. WCCP routers only allow L2 negotiation when the
appliance is directly connected to the router at layer 2. The L2 method
redirects traffic at the router hardware level, and typically has better
performance than Generic Routing Encapsulation (GRE). You might want to
packet’s destination MAC address with the MAC address of the target web
proxy. This method requires that the target web proxy be directly connected
to the router at layer 2. WCCP routers only allow L2 negotiation when the
appliance is directly connected to the router at layer 2. The L2 method
redirects traffic at the router hardware level, and typically has better
performance than Generic Routing Encapsulation (GRE). You might want to