Junos
Reply
Contributor
Arzo
Posts: 171
Registered: ‎11-12-2007
0

WCCP cache engine protocol

can anyone help me to configure WCCP protocol on JUNOS, does Junos support it ?
Tariq Morad
Distinguished Expert
rkim
Posts: 755
Registered: ‎11-06-2007
0

Re: WCCP cache engine protocol

I assume that you are referring to Web cache communications protocol. JUNOS does not support WCCP. I'd recommend instead looking at URL filtering options on Juniper SSG/NetScreen firewalls running ScreenOS which support redirect web filtering with Websense or SurfControl. Going forward, JUNOS with Enhanced Services for the J-series routers will someday support UTM such as web filtering. But as of today, only ScreenOS supports it.

 

-Richard

Contributor
Arzo
Posts: 171
Registered: ‎11-12-2007
0

Re: WCCP cache engine protocol

thank you richard for the answer, but i dont have firewall installed in the site, can you please confirm this to me.

 

someone told me that i can use Policy-Based Routing to act like WCCP protocol, do you have any idea how to implement it, as i understand the WCCP protocol, the request should go to the cache engine and check if it can provide the site, if it is not cached then it will be back to the router to bring it from the internet.

Tariq Morad
Trusted Contributor
gdavies
Posts: 115
Registered: ‎11-05-2007
0

Re: WCCP cache engine protocol

Hi,

 

Yes, you can use Filter Based Forwarding to direct certain traffic towards a local cache.  You would do this using a routing-instance with the interface to the cache.  On receipt of a packet from the 'client side' of the router, you apply a filter to identify traffic to be forwarded to the cache (HTTP(S), RTP, etc) and you tell the router to use the alternate routing-instance to forward the packet.  The cache will either return the cached content or it will proxy the request to the actual server.

 

Packets returning from the cache towards the subscriber (the client) are identified and forwarded back to the subscriber using the main routing-instance.  Packets destined for an 'Internet' address are forwarded to the Internet direct from the 'cache' routing-instance.  Return packets come back into cache routing-instance because it is where the cache is located.  The cache then caches a copy (if it's cacheable content) and returns the response to the subscriber using the mechanism described above.

 

Rgds,

 

Guy 

---
Guy Davies
Contributor
Arzo
Posts: 171
Registered: ‎11-12-2007
0

Re: WCCP cache engine protocol

hi guy, sorry for this late answer, i'm facing this problem now, and i have some questions...

 

i did the routing instance configuration, but the customer claimed that its not working, and i need to configure only the traffic that leaving toward the default route (internet) to be cached, some traffic going through another interfaces i dont want them to redirected to the cache engine !! can you or anyone please help me in this !!

Tariq Morad
Trusted Contributor
gdavies
Posts: 115
Registered: ‎11-05-2007
0

Re: WCCP cache engine protocol

Hi Arzo,

 

OK, so you have an input filter applied to the interface from which you wish to receive traffic that needs to be redirected?  You match all traffic arriving on that port destined for TCP/80.  That's your web traffic :-)  The 'action' associated with traffic that matches that filter is "routing-instance WCCP".  You then configure routing-instance WCCP with an interface to your cache engine (directly attached).  There has to be a default route pointing to the cache engine.

 

If the cache engine has multiple interfaces, then place the second interface in the main routing-instance.  It will send requests for data not already cached out via the second interface towards the Internet with a source of the cache engine's own address.  The response comes back to the cache engine and is matched to a request from the original client.  That is routed out of the first interface back into routing-instance WCCP.  You need an input filter on that interface that pushes *everything* into the main routing-instance (table inet.0).  That then looks at table inet.0 and finds a return path to the original requester.

 

Any interfaces without the input filter should ignore the second routing-instance and so traffic will never go to the cache. 

 

Rgds,

 

Guy 

---
Guy Davies
Contributor
Arzo
Posts: 171
Registered: ‎11-12-2007
0

Re: WCCP cache engine protocol

thank you guy for the response, i configured the filter and the instance, but how do i apply and specify it on the interface that is connected to the cache engine!! what is the commands plz.
Tariq Morad
Trusted Contributor
gdavies
Posts: 115
Registered: ‎11-05-2007

Re: WCCP cache engine protocol

[ Edited ]

Hi Arzo,

 

Something like this...

 

interfaces {

    ge-0/0/0 {

        description "connection to subscribers";

        unit 0 {

            family inet {

                filter {

                    input web-check;

                }

            }

        }

    }

    ge-1/0/0 {

        description "connection to subscriber interface on web cache";

    }

    ge-2/0/0 {

        description "connection to public interface on web cache"; 

    } 

    ge-3/0/0 {

        description "connection to the world";

    } 

}

firewall {

    family inet {

        filter web-check {

            term match-http {

                from {

                    protocol tcp;

                    port 80;

                }

                then {

                   routing-instance web-cache;

                } 

            }

            term other {

                  then accept;

            }

        }

    }

}

routing-options {

    static {

        route 0.0.0.0/0 next-hop /*out of ge-3/0/0.0*/; 

    }

routing-instances {

    web-cache {

        instance-type virtual-router;

        interface ge-1/0/0.0;

        routing-options {

            static {

                route 0.0.0.0/0 next-hop /*out of ge-1/0/0.0*/;

                route /*subscriber blocks*/ next-table inet.0; 

            }

        } 

    }

 

Corrected by GuyD :-) 

 

 

Rgds,

 

Guy 

Message Edited by gdavies on 07-23-2008 10:51 AM
---
Guy Davies
Regular Visitor
yudo
Posts: 8
Registered: ‎10-28-2010
0

Re: WCCP cache engine protocol

hi, gdavies

 

can the config you'r posting work for  https traffic ?

Contributor
papageno
Posts: 91
Registered: ‎07-08-2011
0

Re: WCCP cache engine protocol

Yes - just change port 80 to port 443 (or add it for both).

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.