WCCP Restrictions on Catalyst 4500

Ran into an issue today with a customer trying to configure WCCP on a couple Cisco Catalyst 4500’s.

As per other switches in their environment, they had Catalyst 3750’s running WCCP as well. The 3750’s were filtering incoming client traffic using the Redirect-List ACL feature, to filter what traffic was being sent off to the caching servers.
However, when trying to do the same thing on a few 4500’s, they ran into this:

C4506(config)#ip wccp 0 ?
accelerated Enable hardware acceleration
group-address Set the multicast group
group-list Set the access-list used to permit group membership
password Authentication password (key)

This was across two seperate 4500 chassis, one running 12.2(58) and the other running 15.0(2). It stumped me for a second, as you would think the 4500 switches would be a little more feature-rich than the 3750’s.

Cisco documentation came through though, and in both release notes I found this under “Limitations and Restrictions” (duh):

For Supervisor Engines II+Plus through V-10GE

• For WCCP version 2, the following are not supported:

–GRE encapsulation forwarding method
–Hash bucket based assignment method
–Redirection on an egress interface (redirection out)
Redirect-list ACL

Catalyst 4500 Series Switch 15.0(2)SG Release Notes

These were on Supervisor IV’s so that explains the limitations. Unfortunately, you can’t be granular with your WCCP filtering, which requires the newer Supervisor 6-E’s at minimum.

On an unrelated note, I’ve been racking my brain trying to visualize and materialize (à la Dynamips) what an ISP backbone looks like from a logical perspective. By that, I mean how does an ISP look like in regards to its addressing scheme and the protocols it uses end-to-end. BGP? Yes, obviously. MPLS? Yes, but I don’t know enough to implement it yet. An IGP in the core? EBGP or IBGP to CPE routers? What about connecting to upstream providers like AT&T and L3? Where do Internet Exchanges come into play?

I realize there’s still gaps that need to be filled, most likely with experience. I’m still feeling like an empty cup when it comes to the network world so I hope that is filled (fuller? I doubt there’s such as thing as “full” of all that you need to know) in the coming years.

I’ll be posting my current mock ISP lab shortly with some Brocade-to-Cisco interoperability with BGP. Those who know SP, please let me know what you think.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: