Messages

586

General Discussion / Re: Wanos Setup - only one single Edge

« on: June 18, 2014, 10:03:15 AM »

Hi there,

Thanks for submitting the question. Unfortunately due to the way the devices work, two devices across a link are required, one on each side.

587

Deployment / Re: WANOS Over DmVPN (IPSEC)

« on: June 16, 2014, 01:34:51 AM »

Thanks, I'll send the info through during the course of the day via email.

Regarding 1.0.2, the features that will be useful in this scenario:
MultiCore on the edges based on subnet configuration is go-live ready.
The byte store has been increased to 14GB which will come in handy at the larger HQ site, is also go-live ready.
Low -> High, High <-> High, Low <-> Low optimization are all implemented.

Updated.

588

Deployment / Re: WANOS Over DmVPN (IPSEC)

« on: June 15, 2014, 01:10:21 PM »

Hi Muhammad,

That is a very interesting solution to get two Cores into the network. If the routing works as intended, then the solution should work.

Edit: removed outdated info

589

Troubleshooting / Re: wanos on kvm

« on: June 12, 2014, 10:14:38 AM »

Hi Peter,

Thanks for testing wanos on KVM. It is difficult to say, but I suspect it could be due to the network driver. We can test this theory by switching off optimization e.g. place the device in Edge mode and then do a test to see how much traffic it can handle. Then in the second test change the network adapters to virtio and redo the test to see if throughput is increased.

590

Configuration / Re: Port 443

« on: June 10, 2014, 08:26:11 PM »

Hi Cliff,

Yes agree, it is possible to remove the rule, but compression and deduplication on the encrypted traffic is unlikely to produce any benefits. The bypass rule also helps to keep the encrypted bytes out of the datastore since it has a low hit probability. HTTPS optimization will involve doing a decrypt and re-encrypt, which is the standard way.

Note:
HTTPS Caching added in v4.1
HTTPS QoS added in v.4.0 e.g. de-prioritize Facebook, Youtube

591

Features / Re: Traffic Selection by Vlan

« on: June 05, 2014, 03:50:10 PM »

Hi Nick,

The concept of optimizing certain vlans while bypassing other vlans with a PVST config is actually quite clever. Like it and agree its probably something that needs to be done with a lot of care and consideration. Which is true for all bridged in-path wanop devices though.

592

Deployment / Re: WANOS Over DmVPN (IPSEC)

« on: June 05, 2014, 03:14:13 PM »

Thanks Muhammad, good points on the board sections. I have made some changes to accommodate this.

The design is very interesting. All sites can be configured in high mode. Bidirectional optimization on by default.

Edited to reflect current info at Feb-2015

593

Installation / Re: ESX vSwitch Topologies without physical NIC's

« on: June 05, 2014, 12:58:09 PM »

Also see http://wanos.org/wan-optimization/?p=1324 for configuration without physical interfaces

594

Features / Re: Traffic Selection by Vlan

« on: June 01, 2014, 02:43:57 PM »

Hi Nick,

It would be technically be possible to create such a feature that inspects/filters based on vlan tags. Would a Core VM for each client/overlapping address space not work for your scenario?

595

Installation / Re: Test lab inside ESXi

« on: May 29, 2014, 05:46:08 PM »

Hi Cliff,

Thanks for posting this interesting scenario. In fact I will make a new blog post about the ESXi lab scenario.

Ok, first things first. Scenario-2 is the way to build the test lab. I think you have it about 99% configured correctly. All that is needed is to enable promiscuous mode on the vswitches (if you used separate ones) or on the port groups level (if you used vlans). To enable promiscuous configure the vswitch and then edit the security settings and select accept promiscuous.

Another way to build a lab is to use three VLANs in the same offline vswitch. In the image below I created three port groups, each with a VLAN. Like in your example I used WAN (Vlan10) Local1 (Vlan11) and Local2 (Vlan12). The topology then looks the same:

server1--[Local1]--wanos-core--[WAN]--wanos-edge--[Local2]--PC2

The vSwitch configuration for this topology:


Just for the record here is also a screenshot of the promiscuous mode configuration:


A diagram of the virtual network:


Since the devices have a software link between them consider enabling the WAN Simulation for testing purposes.

For more detailed steps the ESXi Lab Guide is available http://wanos.org/wanop/?p=1324

596

Installation / Installation Guides

« on: May 26, 2014, 07:05:13 PM »

Note: Please see full configuration guide at: Admin Guide

The Quick Configuration Guide be found at: Quick Config Guide

If you have any trouble with any of the steps, please create a new forum post and together we will figure it out.

597

Features / Re: Hardware load balancing

« on: May 20, 2014, 05:05:55 PM »

Hi Muhammad,

Yes, this type of design will always be required at one stage or another. To make one Core fail over to another is the easy part, it can happen already. The challenge is to make one of the Cores go down and come back online safely so that they don't disrupt the network. There are always going to be conditions in a dynamic network where the Cores will go up and down e.g. network/IOS/Software upgrades. So a bit of intelligence between the two Cores is required to make it a supported safe feature e.g. A keep-alive link between the Cores need to be established which will signal and sync state between the two Cores. The design will then look something similar to the attached image. In essence all wan traffic (both routers) is handled by the primary Core. If the primary Core fails the standby Core takes over. The communication between the two Cores will then ensure that the primary Core can safely rejoin.

598

Features / Re: Advanced Logging

« on: May 18, 2014, 07:46:30 PM »

The summary and detailed level reporting will be available.

For fully customizable reports the first method available is to generate these reports based on data from SNMP, NetFlow or CSV. If there is sufficient demand, similar functionality like BlueCoat's XML custom reports can be introduced in the Central Manager device, which is currently scheduled for Q4.

599

Features / Re: Advanced Logging

« on: May 18, 2014, 02:22:52 PM »

Hi Muhammad,

I sent a mail with more detail, but essentially yes. The Plus version will have a lot more detailed reporting like QoS / traffic policy graphs, traffic sessions and network top talkers.

600

Troubleshooting / Re: MACFLAP_NOTIF

« on: May 12, 2014, 06:43:18 PM »

Hi, yes, for the higher volumes the 20 GB datastore per Edge of the plus version would be better suited.