Solved

How do I set up Riverbed Steal head on the "inside" of a Cisco 3560 switch that is acting as a router/switch

Posted on 2008-10-28
10
3,349 Views
Last Modified: 2012-05-05
Normal Riverbed Steal head is connected inline between the routers ethernet interface and the switch that the router would connect to to distribute data packets.  However, I need to connect a Riverbed Stealhead to a Cisco 3560 L3 switch that has one of it's ports connected to a MetroE connection for internet/server farm access.  

What is the best way to redirect traffic from the inbound MetroE connection to all devices connected to this switch (client computers, viop phones, etc).  We to have a host of vlans as well for viop, wireless, data.  
0
Comment
Question by:tonymopar440
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 20

Expert Comment

by:RPPreacher
ID: 22821482
Use the Riverbed out of path configuraton detailed here

http://www.riverbed.com/products/deployment/remote.php
0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 22821867
WCCP is also an option for your deployment with a 3560 as long as you are running 12.2(37)SE or greater.
0
 

Author Comment

by:tonymopar440
ID: 22821916
for WCCP.  what would be a basic configuration example.  
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 43

Accepted Solution

by:
JFrederick29 earned 500 total points
ID: 22822052
Here is a basic config for the 3560 (Using 12.2(46)SE).

ip access-list ext wccp70
permit ip <lan subnet> <remote subnet>
permit ip <lan subnet> <remote subnet>
permit ip <lan subnet> <remote subnet>
permit ip <remote subnet> <lan subnet>
permit ip <remote subnet> <lan subnet>
permit ip <remote subnet> <lan subnet>


ip wccp 70 redirect-list wccp70

int <VLAN interface for LAN>
ip wccp 70 redirect in

int <VLAN interface for LAN>
ip wccp 70 redirect in

int <VLAN interface for LAN>
ip wccp 70 redirect in

int <VLAN interface for WAN>
ip wccp 70 redirect in

WCCP configuration also needs to be done on the Riverbed appliances.  The 3560 only supports L2 Forwarding/Return and Mask assignment.  I'm not sure what Riverbed supports but they need to match up.  The 3560 doesn't support GRE and Hash assignment.
0
 

Author Comment

by:tonymopar440
ID: 22822885
JFrederick29,

for the remote site, can I just do a 0.0.0.0 (for remote network address) 0.0.0.0 (for remote subnet). or do I have to add all the subnets from remote site.
0
 

Author Comment

by:tonymopar440
ID: 22822958
the previous question is regarding the permit ip statements within the access list.
0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 22822961
I just threw that out there if you wanted to specifically define traffic, i.e. if you don't want the Riverbed to see Internet traffic or traffic that doesn't need to be optimized, etc...

You can simply use "ip wccp 70" without the access-list so all traffic is redirected to the Riverbed.
0
 

Author Comment

by:tonymopar440
ID: 22823424
JFrederick29
so basically all I would be doing is this:

ip wccp 70

int vlan1
ip wccp 70 redirect in

int vlan10
ip wccp 70 redirect in

int vlan22
ip wccp 70 redirect in

int vlan100
ip wccp 70 redirect in

int vlan101
ip wccp 70 redirect in

int vlan102
ip wccp 70 redirect in

int vlan103
ip wccp 70 redirect in

int vlan104
ip wccp 70 redirect in

int vlan105
ip wccp 70 redirect in

int vlan107
ip wccp 70 redirect in

int vlan200
ip wccp 70 redirect in

so how does this apply to the port on the switch that is being used by Riverbed appliance?  also do I plug in the two ports that normally would go in line, the lan and wan ports? or can I just get by with one or the other?
0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 22823451
You would only be using one port on the Riverbed if doing WCCP.  The appliance port simply needs to be reachable via layer2 to the 3560 so it can simply reside in a VLAN.  I would create a new VLAN/Subnet for it as it can't be in a VLAN doing redirection.  But again, the Riverbed itself needs WCCP configuration as well.
0
 
LVL 4

Expert Comment

by:th3w01f
ID: 22947507
Did you get this working or are you still having issues?
0

Featured Post

Save the day with this special offer from ATEN!

Save 30% on the CV211 using promo code EXPERTS30 now through April 30th. The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Security is one of the biggest concerns when moving and migrating your data from your on-premise location to the Public Cloud.  Where is your data? Who can access it? Will it be safe from accidental deletion?  All of these questions and more are imp…
If you are thinking of adopting cloud services, or just curious as to what ‘the cloud’ can offer then the leader according to Gartner for Infrastructure as a Service (IaaS) is Amazon Web Services (AWS).  When I started using AWS I was completely new…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question