[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

Riverbed SteelHead Deployment

Posted on 2012-03-16
7
Medium Priority
?
1,347 Views
Last Modified: 2012-03-20
Hello, Experts! I've a 2 riverbed devices. SH1050 and SH550. Also our company have a high latency and slow speed satellite link. I would like to deploy RB devices to optimize WAN traffic. I think I need in-path config like this: LAN<->RB<->EDGE-ROUTER<->WAN<->EDGE-ROUTER<->RB<->LAN. Could everybody give me any configuration examples or RB docs. It is true that RB appliance work transparency from LAN to EDGE-ROUTER or RB it is like L3 ROUTER? I can not mind, how i need to configure routing, from which segment should be in-path ip adress?
0
Comment
Question by:Khitrov
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 10

Accepted Solution

by:
wdurrett earned 1500 total points
ID: 37730108
Your setup as described is correct for an in-path deployment.  You will not need to change any routing at all - The RVBD devices simply pass through the traffic.  If you put them in place and do nothing else, your traffic will continue to flow as it did before.

To select the traffic that is optimized, you can either set up fixed target rules in the RVBDs or allow the units to auto-select the traffic to optimize.  I prefer the fixed target rules, as I want to control what the unit is optimizing.

Please note, depending on your edge router, you may need to make a config change.  TCP has provision for optional header fields identified by an option type field. Options 0 and 1 are exactly one octet which is their type field. All other options have their one octet type field, followed by a one octet length field, followed by length-2 octets of option data.

The standard TCP options are Type 0 (End of Option List), 1 (No-Operation), 2 (Maximum Segment Size, len 4), 3 (WSOPT - Window Scale, len 3), 4 (SACK Permitted, len 2), 5 (SACK, len N), and 8 (TSOPT - Time Stamp Option, len 10).

Type 6-7, and 9-255 have no widespread use and are usually blocked by firewall policies. In fact, Cisco recommends blocking these TCP option types in PIX.

Riverbed uses Type 76 which falls in the Unassigned Type range 28-252.

Some firewall configurations will strip TCP options or else drop packets with these options. (For example, Cisco PIX Firewall IOS 7.0 may block the auto-discovery probe.)

Commands:

access-list tcp-traffic permit tcp any any
class-map tcp-traffic
match access-list tcp-traffic
tcp-map allow-probes
tcp-options range 76 78 allow
policy-map global_policy
class tcp-traffic
set connection advanced-options allow-probes


Also ensure that the service policy is applied globally.


service-policy global_policy global


Now the Steelheads auto-discover each other and work as expected.

You will get the following error if the policy was already applied globally.  This is to be expected.


WARNING: Policy map global_policy is already configured as a service policy
0
 

Author Comment

by:Khitrov
ID: 37732136
My network schemeI've the trouble with optimization. My scheme is on the picture. It is my RB test lab. When I download test file by NetBIOS CIFS on host A from host B second time, it is absolutely like first time. License on Windows File sharing is exists on all RB appliances, but in reports->networking i see that is my connection passtrought, not optimized. Also, in connected appliances i can not see each other from both ends. Both RB health status is ok. All optimization rules by default. What is wrong?
0
 
LVL 10

Expert Comment

by:wdurrett
ID: 37732620
Please see the post above and check that you are allowing tcp probes.
0
Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

 

Author Comment

by:Khitrov
ID: 37732739
I am sure that my hq router does not drop or filter anything, it Linux machine. But i sm not sure about branch router. It is a cisco 2811, not previosly configured, i took it from box, assigned ip and add static routes. Nothing else. Should i do something with tcp probe settings? Ios version is 12.4. Ipbase. If you know what to do with this, let me know. I will try it at monday at my workplace. Thank you and sorry for my newbie.
0
 

Author Comment

by:Khitrov
ID: 37738112
I have check anything and testing once again. No results. Then I've rebooted both appliances and everyrhing goes well. But it is strange: if I restart optimization service at RB web console, it restarted successfully, health is ok, but scheme still not work until full reboot both appliance. What does it mean?
0
 
LVL 10

Expert Comment

by:wdurrett
ID: 37738160
I am not sure about the 2811.  But if they are optimizing traffic, you are all set.

I am also not sure why you graded my answer as a "B."  I gave you a complete answer on how to setup your RVBDs and even included commands for your router if you needed them.  What would an "A" be for you?
0
 

Author Comment

by:Khitrov
ID: 37742813
Oh, Wdurret! I am so sorry. It was a mistake, I have visit this site from my smartphone and I was missed. Youe answer is very helphull and absolutely for me. Now, both RVBDs optimizing traffic. Tomoroow i will studying about out of path configuration.
0

Featured Post

What’s Wrong with Your Cloud Strategy ?

Even as many CIOs are embracing a cloud-first strategy, the reality is that moving to the cloud is a lengthy process and the end-state is likely to be a blend of multiple clouds—public and private. Learn why multicloud solutions matter in this webinar by Nimble Storage.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Broadband over Power Lines Broadband over Power Lines is the technology of transmitting computer data through power lines. This method of connectivity allows the user to have access to the internet without having to rely on additional cables, suc…
Before I go to far, let's explain HA (High Availability) and why you should consider it.  High availability is the mechanism used to provide redundancy to any service at the same site and appears as a single service to the users of that service.  As…
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
Suggested Courses

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question