WCCP
From the System > WCCP sub-menu, you can configure the WCCP (Web Cache Communication Protocol).
WCCP is a Cisco-developed content-routing protocol that provides a mechanism to redirect traffic flows in real-time. FortiADC supports Version 2 (WCCPv2).
With WCCP, FortiADC can forward client traffic to WCCP compatible devices where additional actions will be performed (that are not native to the FortiADC), and then, after undergoing these processes, the traffic will be sent back to the FortiADC.
To configure a WCCP object:
- Go to System > WCCP.
- Click Create New to display the configuration editor.
- Configure the following settings:
Settings Description Service ID
Name of the service group. Range 0-255.
Authentication
- Disable—No password is required. Default.
- Enable—Opens up a text box. Specify the password.
Forward Method
- GRE—Encapsulates the intercepted packet in an IP GRE header with a source IP address of the WCCP server and a destination IP address of the target WCCP client. This allows the WCCP server to be multiple Layer 3 hops away from the WCCP client.
- L2—Rewrites the destination MAC address of the intercepted packet to equal the MAC address of the target WCCP client. L2 forwarding requires that the WCCP server is Layer 2 adjacent to the WCCP client.
- any—Cache server determines the method.
Return Method
- Defines how a cache server declines a redirected packet, and returns it to the FortiADC (see forward-method above for option descriptions).
Assignment Method
Defines which assignment method the FortiADC prefers:
- HASH—A hash key based on any combination of the source and destination IP and port of the packet.
- MASK—A mask value specified with a maximum of 7 bits and, like the hash key, can be configured to cover both the source and destination address space.
- any—Cache server determines the method.
Group Address IP multicast address used by the cache routers. The default, 0.0.0.0, means the FortiADC will ignore multicast WCCP traffic. Otherwise, set the address between 244.0.0.0 to 239.255.255.255.
Router ID
IP address known to all cache engines, and identifies an interface on the FortiADC to the cache engines. If all cache engines connect to the same FortiADC interface, use the default address of 0.0.0.0. However, if the cache engines can connect to different FortiADC interfaces, you must set router-id to a specific IP address, which must then be added to the configuration of the cache engines that connect to that interface.
Server List
IP address and netmask for up to four cache servers.
- Click Save.
- Enable WCCP in an interface.
- Go to Networking > Interface. Select an interface and open the dialogue.
- Under Mode Specifics, enable WCCP (default is disable).
- Click Save.
- Enable WCCP in a virtual server for monitoring.
Only Layer 7 Virtual Servers are supported. - Go to Server Load Balance > Virtual Server.
- Select a virtual server. Click the Monitoring tab.
- Enable WCCP (default is disable).
- Click Save.