On Mon, Jun 22, 2009, Adrian Chadd wrote: > G'day, > > I'm trying to configure up bi-directional WCCPv2 on a Cisco 3750 > with redirect lists to limit the traffic being redirected. > I'm trying it on 12.2(50)SE2 ipservicesk9. > > If I add a redirect list to the wccpv2 service definitions the > traffic becomes CPU processed. > > If I remove the redirect lists, the traffic is 100% hardware processed. > > Is there some bug or platform caveat which isn't mentioned anywhere?
Two things: http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_37_se/configuration/guide/swwccp.html at least mentions the redirect ACL but apparently has it backwards: "To disable caching for specific clients, servers, or client/server pairs, you can use a WCCP redirect access control list (ACL). Packets that match the redirect ACL bypass the cache and are forwarded normally." The redirect ACL is "match == redirect", rather than "match == bypass." Secondly, I can't see any mention of what is/isn't permitted in the redirect ACL. Only in this article: http://wireless.itworld.com/networking/55658/wccp-refresh where the author mentions that only permit entries are supported. Sure enough, removing the explicit deny entries from the ACLs removes the CPU punting and I'm happily fully transparently intercepting a gigabit of HTTP. My question is - where in the Cisco documentation is this configuration caveat mentioned? thanks, Adrian _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
