Post on 25-Mar-2018
Application Optimization
Anthony Lockhart, WAAS Product Manager
BRKRST-2514
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Spark
Questions? Use Cisco Spark to chat with the speaker after the session
1. Find this session in the Cisco Live Mobile App
2. Click “Join the Discussion”
3. Install Spark or go directly to the space
4. Enter messages/questions in the space
How
cs.co/ciscolivebot#BRKRST-2514Cisco Spark spaces will be available until July 3, 2017.
• How is the WAN Changing
• Application Optimization
• How WAAS Works
• Leveraging Akamai Connect
• Deploying Application Optimization
• Central Manager Overview
• Interception Overview
• Branch Deployment
• Data Center Deployment
Agenda
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Which of the following impacts user experience?
WAAS Quiz
Packet lossBandwidth Latency
All of the above
BRKRST-2514 5
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Which top SaaS app customer inquire about?
WAAS Quiz
BRKRST-2514 6
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
In which of the following public cloud, Cisco WAAS is available?
WAAS Quiz
BRKRST-2514 7
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Which of the following HW platforms supports WAAS?
WAAS Quiz
ENCS
UCS-C
ISR4000
UCS-E
All of the above
BRKRST-2514 8
How is the WAN Changing
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Why are enterprises thinking about SD-WAN?
Have either 2 or 3 WAN
connections/branch
70%
of Apps accessed via
Internet
50%
Cite poor application
performance and latency as
corporate WAN concern
48.6%
Cite management of
connectivity at branch as a
challenge
32.4%
Source: IDC Worldwide SD-WAN Survey Special Report (May 2016) BRKRST-2514 10
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IT Priorities Focused on Business Outcomes
BRKRST-2514 11
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Application Performance Impacts Business Productivity
REVENUE LOSS
Source: Walmart Source: Akamai
EMPLOYEE PRODUCTIVITY
Conversion Rate Abandonment Rate
Abandonm
ent
Rate
(%
)
>150-1 3-4 7-8 11-12
Page Load Time (sec)
Population % Conversion Rate
Page Load Time (sec)
iPhone
Employee Experience
Source: Aberdeen Group
Decreased employee satisfaction
58%
Lost Revenue opportunity
50%
Decreased responsiveness to needs
47%
Damage to brand reputation
32%
Decreased effectiveness of IT staff
31%
Slower Pages Low Conversion RateEmployee
Experience
BRKRST-2514 12
Application Optimization (WAAS)
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Building Blocks of WAAS
Bandwidth
Object
Cache
Latency Application Behavior
DRE LZTCP Flow
OptimizationAO AO AO
BRKRST-2514 14
Leveraging Akamai Connect
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Transport
Independent
DMVPN/IPSec Performance Routing (PfR)
Intelligent
Path Control
Application Visibility and Control (AVC)
Akamai Connect
WAAS
Application
Optimization
IOS Firewall/IPS
Cloud Web Security
Secure
Connectivity
Akamai Connect Part of Cisco Intelligent WANCisco Intelligent WAN
AKAMAI Connect
Transparent
CacheDynamic URL Cache
Akamai
Connected Cache
Content
Pre-positioning
CISCO WAAS
LZ Compression
TCP Optimization
Data De-duplication
Application Specific Acceleration
BRKRST-2514 16
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Akamai HTTP/S Object Caching Technology & Intelligence Integrated Into Cisco ISR-AX Routers & WAVE Appliances
Akamai Connect accelerates HTTP/HTTPS applications, video and content
in the branch, while maximizing existing enterprise network bandwidth
Branch
End-UserAkamai Connect
integrated into
Cisco ISR-AX
routers
ISR-AX+AC INTERNET
Akamai Intelligent Platform
Data Center
WAAS
WAN
BRKRST-2514 17
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
WAAS and Akamai Connect Integration
BRKRST-2514 18
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Challenges
• Delivering corporate live video over the enterprise network - serving 70K+ end users across 250 branches globally
• End-users in South America and Asia suffer from WAN congestion and video quality issues with frequent re-buffering and slow load times
Benefits
• Cisco IWAN with Akamai Connect caches live and on-demand HTTP video fragments
• Resulted in significant WAN offload while improving video quality & end-user experiences
• Reduced IT tickets related to corporate video webcast quality/performance issues
Use Case - Accelerate Live Video and Offload the WAN
WAN/Internet
Private/Public Cloud
Branch
ISR-AX+AC
Private/Public Cloud
Branch
RouterWAN/Internet
Without Cisco IWAN with Akamai Connect
With Cisco IWAN with Akamai Connect
BRKRST-2514 19
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 20BRKRST-2514
Software Updates Are Overwhelming The Enterprise Network
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Updating 3 iPads resulted in
2.67GB of WAN offload
Software updates keep growing and consuming more enterprise network bandwidth
iOS 7 Update = ~700MB; iOS 8 Update = ~ 1.1GB
Windows 10 update = ~2.7GB
Akamai Connect can help by caching iOS, OSX, and Windows Updates updates locally
Improving performance
Offloading the enterprise network
Akamai Connect Use Case – Software Downloads
0
50
100
150
200
250
300
350
400
450
WAN response(MB)
LAN response(MB)
Content requested from
download.windowsupdate.com
Microsoft software
updates delivered from
the router in the branch
BRKRST-2514 21
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Object Versus Byte Caching – 1st Pass
Byte caching
End-user
Data Center
WAAS
Branch
WAAS
Object 1 Object 1
Data transferred over link
WAN
Symmetric deployment over WAN/MPLS
Functions at TCP layer
WAN / Internet
Object caching
End-user
Data Center
WAAS
Branch
WAAS+AC
Object 1 Object 1Data transferred
over link
Both symmetric & asymmetric deployment over WAN/MPLS & Internet
Functions at HTTP layer
BRKRST-2514 22
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Object Versus Byte Caching – 2nd Pass
Byte caching
End-user
Data Center
WAAS
Branch
WAAS
Object 1 Object 1Data transferred over link
WAN
Symmetric deployment over WAN/MPLS
Functions at TCP layer
WAN / Internet
Object caching
End-user
Data Center
WAAS
Branch
WAAS+AC
Object 1
No data transferred over link
Both symmetric & asymmetric deployment over WAN/MPLS & Internet
Functions at HTTP layer
BRKRST-2514 23
Cisco WAAS Form Factors
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Router Integrated Virtual AppliancePhysical Appliance
WAAS Form Factors
BRKRST-2514 25
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Application Optimization Form Factors
Cisco
WAAS
WAAS Appliance Application acceleration
Scalable platforms for range of
deployments
200 – 150,000 optimized flows
ISR-WAAS on ISR4K Zero footprint integration on ISR 4000
Identical features and management as other WAAS options
Simple installation has you up and running in 7 minutes
Seamlessly add capacity with AppNav
Included in Cisco One Foundation and AX
Virtual WAAS on UCS-E
Ideal for hosting on UCS-E on ISR 4K
with other apps
Flexible hardware options for WAAS & other apps
Software on-demand provisioning
No forklift upgrade
Included with Cisco and AX on ISR4K router
Virtual WAAS in the cloud For public Cloud and SaaS acceleration
200 Connection to 12K Connections
Hourly or BYOL
Solution template for ease of deployment
WAAS NFV on ENCS Scale as you grow
WAAS 200 Conn-12K conn
Interop/Service Chaining with other NFVs
Included in WAN Foundation
BRKRST-2514 26
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Appliance FamilyP
erf
orm
an
ce
Scalability
WAVE-294
WAVE-594
WAVE-694
WAVE-7541
WAVE-7571
WAVE-8541
2 Gbps
1 Gbps
500 Mbps
200 Mbps
100 Mbps
20Mbps
400
1,300
6,000
60,000
18,000
150,000
BRKRST-2514 27
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
• Hypervisors supported: Microsoft HyperV, VMWare ESXI, and KVM
(RHEL and CentOS), NFVIS
vWAAS FamilyP
erf
orm
an
ce
Scalability
vWAAS 750
vWAAS 6000
vWAAS 12000
vWAAS 150
vWAAS 50000
vWAAS 1300
vWAAS 2500
vWAAS 200
BRKRST-2514 28
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Router Integrated OptionsUCS-E
ISR-WAAS
ISR-4xxx Series
BRKRST-2514 29
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
ISR-WAAS on ISR4K
Delivering a High Quality Experience Across All Branches
ISR 4321ISR-WAAS 200
ISR 4331ISR-WAAS 750
ISR 4351 ISR-WAAS 750
ISR 4431 ISR-WAAS 1300
ISR 4451-X ISR-WAAS 2500
ISR-WAAS is virtualized WAAS running
within a VM container on ISR-4K
BRKRST-2514 30
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Branch IT Device & Maintenance Consolidation
ServerAppl AccelADSL ServiceMPLS + VoicePoE Switch • MPLS + DIA
• App Server• App Acceleration• Voice GW• PoE Switch• Security
- Lower Maintenance –One Support Contract
- Less Space, Less Power, Less Noise
• 5 Power Sockets
• 5 Support Contracts
BRKRST-2514 31
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco WAAS & Akamai Connect Deployment Models
Data Center or
Private CloudWAAS
Appliances
VMware ESXi
vWAAS
Appliances
Server VMs
Branch OfficeISR-WAAS
on ISR 4000
WAN
Internet
vWAASServer
VMs
VMware ESXi Server
Nexus 1000v
UCS /x86 Server/CSP 2100
FC SAN
Virtual Private Cloud
Branch OfficeWAAS
Appliance
Branch Office
WAAS
Appliance
Branch Office
WAAS
Service
Module/ UCSe
CSR1000v +
AppNav-XE
ASR1K +
AppNav-XE
BRKRST-2514 32
Sizing
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Factors Influencing Application Optimization Design
Business drivers
a) New application role out (video, SaaS apps, digital signage, etc.)?
b) WAN Bandwidth upgrade avoidance?
c) Solve existing application performance challenge?
d) BYOD / VDI initiative?
Network Considerations
a) Number of locations and WAN Bandwidth and Latency
b) Hub and spoke or full/ partial mesh topology from an application access perspective?
c) Direct Internet Access?
d) Existing network devices and software versions (e.g. routers, switches, etc.)
e) HA requirements
BRKRST-2514 34
Deploying Application Optimization
The WAAS Central Manager (CM)
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Comprehensive Management
Central Configuration
Device Grouping
Monitoring & Alerts
Easy-to-use Interface
Graphical U/I, Wizards
IOS CLI
Roles-based admin
Proven Scalability
Up to 2,000 nodes
Redundancy and recovery
Centralized Management
BRKRST-2514 37
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
• Available for ESXi, Hyper-V or RHEL KVM
WAAS VIRTUAL CM FamilyP
erf
orm
an
ce
Scalability
vCM 1000
vCM 100
vCM 2000
vCM 500
BRKRST-2514 38
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Appliance CM FamilyP
erf
orm
an
ce
Scalability
WAVE-294
WAVE-594
WAVE-694
2000 Nodes
1000 Nodes
250 Nodes
BRKRST-2514 39
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Manage All Devices from a Centralized Location
BRKRST-2514 40
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Device Dashboard
BRKRST-2514 41
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Real Time Statistics
BRKRST-2514 42
Interception Methods
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
WAN
Branch office1Branch Office2
Branch Office3
WAE1
WAE2
WAE3
Mask based flow distribution• Source/Destination IP and port• Calculated Mask
Mask Value Result
00:00:03:00 00:00:00:00 WAE-1
00:00:03:00 00:00:01:00 WAE-2
00:00:03:00 00:00:02:00 WAE-3
Redirect ACL
Several Hundred ACL Entries
TCA
M E
ntr
ies
CP
U u
tiliz
atio
n
• Traditional In-Line has limited scale • Heavy administration for redirect ACLs
• TCAM memory and high CPU utilization
WAN
Pre-AppNav Deployment Challenges
Traditional WCCP:
BRKRST-2514 44
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Data Center
AppNav Solution
Data Center
AppNav
Interception
Load
Dis
trib
ution
Optimization
Redirection
Asymmetric Traffic and H.A.
AppNav-XE
BRKRST-2514 45
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
AppNav policyFlow distribution policy (AppNav -> WAAS)• AppNav Classmap traffic classification
• Per peer OR 3 tuple SRC/DST IP and DST port• Mix one peer + SRC/DST IP and DST port
• AppNav Policy• Primary (& backup WNGs)• Monitoring of Aos• Nested policy
Optimization policyOptimization/accelration associated with given traffic (WAAS)• Optimization Classmap identifying traffic• Optimization/acceleration tied to the traffic
• TFO• LZ• DRE (Uni, Bi, Adaptive)• AO
AppNavpolicy
WN1 WN2 WN3
Unclassifiedtraffic
WN4 WN5
WN6 WN7 WN8
SN9
Pass-through
AppNav Controller
Optimizationpolicy
Unoptimizedtraffic
Unoptimized
HTTP AO
HTTPS AO
CIFS AO
MAPI AO
WAAS
Where do I send the Packets What do I do with the Packets
AppNav and WAAS Policy Engine
BRKRST-2514 46
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
TFO and AO Load-Based Optimization Data Center
WAAS1
WAAS2
CiscoAppNav
WAN
Branch Office
OverloadFeedback
• AO Not running (not configured, not licensed or disabled)
AO running but no new connections accepted due to:
• Its connection/resource thresholds exceeded
• It is losing keepalives with policy engine (may be overloaded)
• Overall device connection/resource thresholds exceeded
• DRE processing latency is above threshold
If AO is not monitored, load
refers to the maximum TFO-
optimized connection limit of
the WN
BRKRST-2514 47
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
AppNav Affinity Features
• AppNav’s powerful policy engine allows for easy separation of branch traffic
• No knowledge of IP addresses or ACLs requiredBr1_WAAS
Br2_WAAS
Br3_WAAS
Branch1 Traffic
Branch2 Traffic
Branch3 Traffic
DataCenter
Cisco AppNav
Branch Office_1
Branch Office_3
Branch Office_2
WAN
Other Cluster
SSL Cluster
HTTP Cluster Cisco
AppNav
Branch Office
Branch Office
Branch Office
WAN
HTTP Traffic
SSL Traffic
Other Traffic
• Split traffic into separate application clusters
• Allows WAAS to easily adapt to application traffic increases and changes.
BRKRST-2514 48
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
WAN
WAAS_1
WAAS_2
Data Center
WAAS_3
Branch Office
Cisco WAAS device down
WAN
Branch Office
Cisco WAAS device up
WAAS_1
WAAS_2
Data Center
WAAS_3
WAAS Node High Availability
BRKRST-2514 49
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
AppNav Form Factors
Both part of WAAS no explicit license needed
AppNav IOM
AppNav Appliance
AppNav-XE on CSR, part of AX
AppNav-XE on ISR 4xxx, part of AX
AppNav-XE on ASR 1K, part of AES or AIS
BRKRST-2514 50
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
AppNav-XE (AppNav on IOS-XE)
Software Based
Intercepts network traffic as a feature on an interface
Supports VRF
Up to 32 Service Contexts
Can interoperate with many features
No extra external equipment and cabling
AppNav appliance (Hardware Module)
Hardware based
Intercepts network traffic inline or via WCCP
Does not support VRF
Single Service Context
AppNav-XE vs AppNav Appliance
BRKRST-2514 51
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Key Benefits of AppNav-XE
• No extra external equipment and cabling
• No other interception protocol needed such as WCCP or PBR
• VRF Aware
WCCP/PBR
BRKRST-2514 52
Deploying Application Optimization -Branch
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Configuring a Single AppNav-XE on ISR-4K
54TECCRS-2004
Step 2: Configure the AppNav Controller Group (IP address of the ANC)
service-insertion service-node-group sng1
service-node 2.43.182.34
Step 3: Configure the Service Node Group (IP address of the SN)
service-insertion appnav-controller-group ancg
appnav-controller 2.43.183.133
Step 1: Choose an interface (or create an interface) for the AppNav-XE
interface Loopback0
ip address 2.43.183.133 255.255.255.255
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Configuring a Single AppNav-XE on ISR-4K
55TECCRS-2004
Step 5: Configure the AppNav Class Map(s)
policy-map type appnav AppNav-policy
class default
distribute service-node-group sng1
Step 6: Configure the Policy Map(s)
class-map type appnav match-any AppNav-default-class
match access-group name AppNav-default-ACL
Step 4: Configure the AppNav Access Control List(s)
ip access-list extended AppNav-default-ACL
permit tcp any any
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Configuring a Single AppNav-XE on ISR-4K
56TECCRS-2004
Step 8: Enable AppNav Interception
interface wan_interface
service-insertion appnav
Step 7: Configure the Service Context
service-insertion service-context appnav/1
appnav-controller-group ancg
service-node-group sng1
service-policy AppNav-policy
enable
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 57TECCRS-2004
Configuring AppNav-XE and ISR-WAAS (EZConfig)
rtr97-02#service waas enable
**************************************************************************
**** Entering WAAS service interactive mode. ****
**** You will be asked a series of questions, and your answers ****
**** will be used to modify this device's configuration to ****
**** enable a WAAS Service on this router. ****
**************************************************************************
Continue? [y]: y
At any time: ? for help, CTRL-C to exit.
Prerequisites
• Copy an ISR-WAAS image to the bootflash before
• Need two routable addresses
• Need the address of the CM
• Automatically creates the AppNav configuration, installs ISR-WAAS with a basic configuration, and registers to the CM
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 58TECCRS-2004
AppNav-XE EZConfig ACLsip access-list extended AUTOWAAS
permit tcp any any
ip access-list extended CIFS
permit tcp any any eq 139
permit tcp any any eq 445
ip access-list extended Citrix-CGP
permit tcp any any eq 2598
ip access-list extended Citrix-ICA
permit tcp any any eq 1494
ip access-list extended EPMAP
permit tcp any any eq msrpc
ip access-list extended HTTP
permit tcp any any eq www
permit tcp any any eq 3218
permit tcp any any eq 8000
permit tcp any any eq 8080
permit tcp any any eq 8088
ip access-list extended HTTPS
permit tcp any any eq 443
ip access-list extended NFS
permit tcp any any eq 2049
ip access-list extended RTSP
permit tcp any any eq 554
permit tcp any any eq 8554
ip access-list extended SN_OR_WCM
permit tcp host 2.43.182.50 any
permit tcp any host 2.43.182.50
permit tcp host 2.43.183.230 any
permit tcp any host 2.43.183.230
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 59TECCRS-2004
AppNav-XE EZConfig class-maps
class-map type appnav match-any RTSP
match access-group name RTSP
class-map type appnav match-any AUTOWAAS
match access-group name AUTOWAAS
class-map type appnav match-any MAPI
match protocol mapi
class-map type appnav match-any HTTP
match access-group name HTTP
class-map type appnav match-any CIFS
match access-group name CIFS
class-map type appnav match-any Citrix-CGP
match access-group name Citrix-CGP
class-map type appnav match-any EPMAP
match access-group name EPMAP
class-map type appnav match-any HTTPS
match access-group name HTTPS
class-map type appnav match-any SN_OR_WCM
match access-group name SN_OR_WCM
class-map type appnav match-any NFS
match access-group name NFS
class-map type appnav match-any Citrix-ICA
match access-group name Citrix-ICA
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 60TECCRS-2004
AppNav-XE EZConfig policy-mappolicy-map type appnav AUTOWAAS
description AUTOWAAS global policy
class SN_OR_WCM
pass-through
class HTTP
distribute service-node-group AUTOWAAS-SNG
monitor-load http
class MAPI
distribute service-node-group AUTOWAAS-SNG
monitor-load mapi
class HTTPS
distribute service-node-group AUTOWAAS-SNG
monitor-load ssl
class CIFS
distribute service-node-group AUTOWAAS-SNG
monitor-load cifs
class Citrix-ICA
distribute service-node-group AUTOWAAS-SNG
monitor-load ica
class Citrix-CGP
distribute service-node-group AUTOWAAS-SNG
monitor-load ica
class EPMAP
distribute service-node-group AUTOWAAS-SNG
monitor-load MS-port-mapper
class NFS
distribute service-node-group AUTOWAAS-SNG
monitor-load nfs
class RTSP
distribute service-node-group AUTOWAAS-SNG
monitor-load video
class AUTOWAAS
distribute service-node-group AUTOWAAS-SNG
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 61TECCRS-2004
AppNav-XE EZConfig service-insertionservice-insertion service-node-group AUTOWAAS-SNG
description "AUTOWAAS”
service-node 2.43.182.50
no node-discovery enable
!
service-insertion appnav-controller-group AUTOWAAS-SCG
description "AUTOWAAS”
appnav-controller 2.43.182.49
!
service-insertion service-context waas/1
appnav-controller-group AUTOWAAS-SCG
service-node-group AUTOWAAS-SNG
service-policy AUTOWAAS
vrf default
enable
We recommend you disable node-discovery.
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 62TECCRS-2004
AppNav-XE EZConfig VirtualPortGroup
interface VirtualPortGroup31
ip address 2.43.182.49 255.255.255.240
no mop enabled
no mop sysid
interface GigabitEthernet0/0/0.921
description Vlan921
encapsulation dot1Q 921
ip address 2.43.183.163 255.255.255.224
no cdp enable
service-insertion waas
The service-insertion is added to the WAN interfaces you designated during the EZConfig
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
ISR 4K’s Branch Use-Case Dual Router
• Challenges/Needs: Dual router, asymmetrical in the branch, router redundancy
• Solution: ISR4K integrated AppNav and WAAS, form single cluster
• Benefit: Eliminate complex configuration with integrated AppNav
AppNav
communication
WAAS
communication
Branch
LAN WAN
MPLS
INTERNET
TECCRS-2004 63
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 64TECCRS-2004
Dual ISR 4K Deployment – Configure CLI mode• Run EZConfig on both Routers
• Modify the service-node-group on each router to include the other ISR-WAAS
• Modify the appnav-controller group on each router to include the other ISR-4K
• Benefit = Saves resources on your WCM
• Disadvantage = CLI administration for changes and troubleshooting
Router 1
service-insertion service-node-group AUTOWAAS-SNG
description "AUTOWAAS"
service-node 192.168.2.10
service-node 192.168.2.11
node-discovery enable
!
service-insertion appnav-controller-group AUTOWAAS-SCG
description "AUTOWAAS"
appnav-controller 192.168.2.2
appnav-controller 192.168.2.3
Router 2
service-insertion service-node-group AUTOWAAS-SNG
description "AUTOWAAS"
service-node 192.168.2.11
service-node 192.168.2.10
node-discovery enable
!
service-insertion appnav-controller-group AUTOWAAS-SCG
description "AUTOWAAS"
appnav-controller 192.168.2.2
appnav-controller 192.168.2.3
Assign 4K to AppNav
Controller group on each other
Assign ISR-WAAS to WAAS
Node Group on each other
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 65TECCRS-2004
Dual ISR 4K Deployment – Verify CLI mode
Router-1#show service-insertion appnav-controller-group
All AppNav Controller Groups in service context
Appnav Controller Group : AUTOWAAS-SCG
Member Appnav Controller Count : 2
Members:
IP Address
192.168.2.2
192.168.2.3
AppNav Controller : 192.168.2.2
Local AppNav Controller : Yes
Current status of AppNav Controller : Alive
Time current status was reached : Mon Apr 6 01:15:32 2015
Cluster protocol ICIMP version : 1.1
Cluster protocol Incarnation Number : 1
Cluster protocol Last Sent Sequence Number : 0
Cluster protocol Last Received Sequence Number : 0
Current AC View of AppNav Controller
IP Address
192.168.2.2
192.168.2.3
Current SN View of AppNav Controller
IP Address
192.168.2.10
192.168.2.11
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 66TECCRS-2004
Dual ISR 4K Deployment – GUI mode• Run EZConfig on both Routers to install ISR-WAAS (don’t specify interface for intercept)
• Register Both Routers to WCM (enable http secure server & ssh on routers)
• Run AppNav Wizard
• Benefit = Single view of interception & optimization, easier troubleshooting & customization
• Disadvantage = Consumes resources on WCM (Max = 300 AppNav Clusters)
ip domain-name cisco.local
username admin privilege 15 password 0 default
ip http secure-server
ip http authentication local
line vty 0 15
transport input ssh
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Dual ISR 4K Deployment – GUI mode
• After the routers are registered, the routers and the ISR-WAAS running on those routers will both show as devices in the Devices list
• Now, you can use the AppNav Cluster Wizard to build the AppNav Cluster
Be sure to select the correct interfaces for WAN interface, Cluster interface for each device.
67TECCRS-2004
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 68TECCRS-2004
Verify WAAS Operation
• For AppNav-XE, check…show service-insertion appnav-controller-group
show service-insertion service-node-group
show service-insertion statistics service-node-group
• For AppNav Controller (AIOM), check…show wccp statistics
show service-insertion appnav-controller-group
show service-insertion service-node-group
show statistics service-insertion service-node-group
• For AppNav Service Node (SN), check…show service-insertion service-node
show statistics service-insertion data-path
AppNav Health
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 69TECCRS-2004
Verify WAAS Operation
• Is WAAS optimizing connections, how, and how many?
• Are the connections optimized as expected?
• Are connections passed-through that should be optimized?
• From the GUI, Monitor -> Optimization -> Connection Statistics
‘show statistics connection’
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 70TECCRS-2004
Verify WAAS Operation
• AppNav Clusters -> (cluster name)
WAAS Central Manager GUI
Deploying Application Optimization -DC
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
AppNav XE Deployment (ASR or CSR)
BRKRST-2514 72
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
AppNav XE Deployment (ASR or CSR)
BRKRST-2514 73
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
AppNav XE Deployment (ASR or CSR)
BRKRST-2514 74
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
AppNav XE Deployment (ASR or CSR)
BRKRST-2514 75
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
AppNav XE Deployment (ASR or CSR)
BRKRST-2514 76
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
AppNav XE Deployment (ASR or CSR)
BRKRST-2514 77
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
AppNav XE Deployment (ASR or CSR)
BRKRST-2514 78
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
AppNav XE Deployment (ASR or CSR)
BRKRST-2514 79
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
AppNav XE Deployment (ASR or CSR)
BRKRST-2514 80
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
AppNav XE Deployment (ASR or CSR)
BRKRST-2514 81
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
AppNav XE Deployment (ASR or CSR)
BRKRST-2514 82
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
AppNav XE Deployment (ASR or CSR)
BRKRST-2514 83
Akamai Connect
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 85TECCRS-2004
Akamai Connect
• Go to Configure Caching Akamai Connect
• Check the Enable box
• Accept the EULA
• Load the Akamai Connect License file
• If the device doesn’t have direct access to the Internet, specify a Proxy
• Watch status (up to 2 hours to become completely active)
Enable Akamai feature
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 86TECCRS-2004
Akamai Connect
• Connected cache delivers content through the Akamai CDN
• Transparent caching (standard mode) enabled by default
• Works in both dual-sided and single-sided
Connected cache and transparent caching
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 87TECCRS-2004
Akamai Connect
• WAAS optimizations are performed across the WAN between peers, and the content is cached near the client
• Includes Intranet content
Dual-sided
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 88TECCRS-2004
Akamai Connect
• Generic Internet content with proxy-specific HTTP cache-control headers
• No WAAS peer, so other WAAS optimizations (e.g. TFO, DRE, LZ, HTTP AO, SSL AO) are not used
• Content is cached near the client
Single-sided
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Recommended Reading
BRKRST-2514 89
Q & A
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
• Give us your feedback to be entered into a Daily Survey Drawing. A daily winner will receive a $750 gift card.
• Complete your session surveys through the Cisco Live mobile app or on www.CiscoLive.com/us.
Complete Your Online Session Evaluation
Don’t forget: Cisco Live sessions will be available for viewing on demand after the event at www.CiscoLive.com/Online.
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Continue Your Education
• Demos in the Cisco campus
• Walk-in Self-Paced Labs
• Lunch & Learn
• Meet the Engineer 1:1 meetings
• Related sessions
92BRKRST-2514
Thank you