Author Topic: WanOS complex setup  (Read 7039 times)

spoonzw

  • V.I.P
  • Member
  • ***
  • Posts: 4
    • View Profile
WanOS complex setup
« on: March 28, 2014, 09:44:08 AM »
Hi Team

First and foremost well done for a great product. I have been waiting for some competition to the big brands for ages. We use one of the "Big brands" at the office and there is nothing out there for the small companies that cant afford the "big brands".

I have a question re the setup of WanOS. Do you need to hard wire the "traffic policies"? I have as i am not sure the optimization is working.

Please see my setup attached as well as the screen shots of the traffic policies. Its over an ipsec vpn. Both wanos boxes can ping each other. It would be useful to have a "current connections" list to see whats being optimized, whats connected and whats bypassed etc.

Looking forward to the Pro version

Thanks

Wanos

  • Team Wanos
  • Administrator
  • Full Member
  • *****
  • Posts: 56
    • View Profile
Re: WanOS complex setup
« Reply #1 on: March 28, 2014, 10:08:22 AM »
Hi there,

Ok, since there are only two devices, in a point to point configuration, the traffic policies are not essential. Also the by-pass rules apply only to the Core. That said, the policies looks right according to the diagram.

To verify that optimization is working, the free traffic graph can be viewed. When copying the same file (10mb) a second time this graph must display a saving if all is well and the protocol used is not encrypting the traffic. Careful with CIFS/SMB since the newer operating systems can sign/encrypt this traffic as well.

Would it be possible to upload the /tce/etc/wanos/wanos.click file? Interestingly someone else experienced the exact same issue when enabling a similar policy.

Also ensure to reset the service under Configure > Reset > Reset Service after making changes to the policy. Also just ensure the optimization mode on the Core is set to 'Core'.

Graphs of the optimized vs by-pass traffic and graphs of the QoS classes will be available soon.

A session stats table will be available soon after introducing NetFlow which is ready as well.
 
Note: Forum posts may be outdated. Please see the latest documentation at wanos.co/docs

spoonzw

  • V.I.P
  • Member
  • ***
  • Posts: 4
    • View Profile
Re: WanOS complex setup
« Reply #2 on: March 28, 2014, 10:35:48 AM »
Hi

Thanks for the quick response. Both wanos devices are setup correctly as core and edge. Everytime i updated the rules i did reset the services. The 0.0.0.0/0 bypass rules on both sides are there to bypass connections to the internet. Without them no traffic flowed out. Just an FYI on the VMWARE end i did set the network interfaces to "Promiscuous" and the servers are on a Vmswitch "LAN" and the wanos core is on both segments "LAN" and "WAN" (was the only was to simulate the layer 2 inpath)

Attached is a copy of wanos.click file from both ends

thanks for all your help, great stuff this wanos
thanks

Wanos

  • Team Wanos
  • Administrator
  • Full Member
  • *****
  • Posts: 56
    • View Profile
Re: WanOS complex setup
« Reply #3 on: March 28, 2014, 12:52:23 PM »
Hi, pleasure, hope we can figure it out. The configs looks perfect for the setup and should work if traffic that match the policies flow through the device. The by-pass makes sense for the Internet traffic. The multisite config is also configured right, although only required if there are multiple edge sites.

Some info that might point us in the right direction:
Does the wan0 network traffic (Reports > Network > Traffic) reflect the same network traffic that you expect going over the router? (E.g is it possible that traffic towards the Edge site is missing the Core)
Also just to be sure, traffic is directly between the 192.168.1.0/24 and 192.168.111.0/24 range? Or in other words no special NAT addresses? If for example the servers have a public addresses that are translated to the internal range.
On the dashboard is the datastore growing? (Shows that the policies are matching the subnets and the database is growing)
Is the free traffic graph showing any savings on a second transfer?
Protocol used not encrypted? (Datastore will grow, but traffic saving stats will remain low)
+-Speed throughput of the IPsec VPN? (If throughput is higher than the hardware specs can handle, the free traffic stats will show savings, but throughput test might not show throughput gains.
Any interface errors under Reports > Network > Interface Statistics?



Note: Forum posts may be outdated. Please see the latest documentation at wanos.co/docs

ahenning

  • Team Wanos
  • Administrator
  • Full Member
  • *****
  • Posts: 629
    • View Profile
Re: WanOS complex setup
« Reply #4 on: April 10, 2014, 11:21:14 PM »
Anyone else interested in setting up ESX/ESXi on a single NIC as well can have a look at: Configure Single Physical NIC for VMware vSphere (ESXi)
« Last Edit: September 26, 2016, 01:09:34 PM by lmolina »
CCIE RS, CCIE SP, Mnet&sys

Note: Forum posts may be outdated. Please see the latest documentation at wanos.co/docs