(→Overview:) |
|||
| (One intermediate revision by one other user not shown) | |||
| Line 1: | Line 1: | ||
| + | <font size=5> Document migrated. An updated [http://wanos.co/docs/docs/wanos-admin-guide/deployment/router-mode/ Router Mode Guide] can be found in the [http://wanos.co/docs Wanos Documentation site] </font> | ||
| + | <font color=#dddddd> | ||
| + | |||
==Router Mode== | ==Router Mode== | ||
The Router mode feature can be enabled and configure in Express, but support is only available for Plus since routing, policy based routing, gateways and high availability can get complicated and unique to each case. | The Router mode feature can be enabled and configure in Express, but support is only available for Plus since routing, policy based routing, gateways and high availability can get complicated and unique to each case. | ||
| + | |||
===Overview:=== | ===Overview:=== | ||
In router mode, only the wan0 interface is used. In this mode Wanos supports two or more ip addresses on the same interface. Primary wan0, Secondary virtual lan0. Both addresses bind to the wan0 interface. | In router mode, only the wan0 interface is used. In this mode Wanos supports two or more ip addresses on the same interface. Primary wan0, Secondary virtual lan0. Both addresses bind to the wan0 interface. | ||
| − | Traffic from the wan should be directed to the standard wan0 ip address. | + | Traffic from the '''wan''' should be directed to the standard '''wan0''' ip address. |
| − | Traffic from the lan should be directed to the virtual lan0 ip address. | + | |
| + | Traffic from the '''lan''' should be directed to the virtual '''lan0''' ip address. | ||
All sites can be in router mode or a mix of router mode and bridge mode. | All sites can be in router mode or a mix of router mode and bridge mode. | ||
| + | |||
===Basic Configuration:=== | ===Basic Configuration:=== | ||
| − | In bridge mode (Layer2), the inside and outside interfaces indicate the source of the traffic. In router mode (Layer3) , | + | In bridge mode (Layer2), the inside and outside interfaces indicate the source of the traffic. In router mode (Layer3) , the same concept applies, but two IP addresses are used on the same physical wan0 interface. In router mode, only the wan0 physical interface is used. Both inside virtual lan0 and outside wan0 IP addresses bind to the physical wan0 interface. |
| − | To enable router mode, the lan0 | + | To enable router mode, select router mode and configure the secondary virtual lan0 IP Address and mask e.g. 172.16.1.201/24 |
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | http://wanos.co/wan-optimization/wp-content/uploads/2015/12/router-mode-configuration.png | |
| + | |||
| + | After applying the change, the virtual IP address will be accessible on the wan0 interface along with the primary address. Traffic from the lan needs to be directed to the lan0 virtual ip address. Traffic from the wan needs to be redirected to the primary wan0 address. | ||
The secondary ip address can be on the same range as the primary e.g.: | The secondary ip address can be on the same range as the primary e.g.: | ||
Wan0 = 172.16.1.200 | Wan0 = 172.16.1.200 | ||
Lan0 = 172.16.1.201 | Lan0 = 172.16.1.201 | ||
| + | |||
===Verification=== | ===Verification=== | ||
| Line 36: | Line 39: | ||
Remember to enable promiscuous / mac spoofing or equivalent. | Remember to enable promiscuous / mac spoofing or equivalent. | ||
| − | ''''' | + | |
| + | '''''STOP HERE''''' for the initial configuration. The secondary virtual lan0 IP address is the only Wanos configuration required. | ||
| + | |||
| + | |||
===Advance setup with multiple subnets: (Optional)=== | ===Advance setup with multiple subnets: (Optional)=== | ||
| Line 47: | Line 53: | ||
All these networks will be available as secondary virtual IP addresses to be used as gateways for the workstations or servers. | All these networks will be available as secondary virtual IP addresses to be used as gateways for the workstations or servers. | ||
| + | |||
===Example 1:=== | ===Example 1:=== | ||
In the diagram the Wan Accelerator is deployed out of path at the main site. Traffic from the wan is directed to the wan0 address 10.0.0.2. Traffic from the lan that needs to be optimized is directed to the virtual lan address 10.0.0.1 <br /> | In the diagram the Wan Accelerator is deployed out of path at the main site. Traffic from the wan is directed to the wan0 address 10.0.0.2. Traffic from the lan that needs to be optimized is directed to the virtual lan address 10.0.0.1 <br /> | ||
http://wanos.co/wan-optimization/wp-content/uploads/2015/03/wan-optimizer-pbr-policy-based-routing-out-of-path.jpg | http://wanos.co/wan-optimization/wp-content/uploads/2015/03/wan-optimizer-pbr-policy-based-routing-out-of-path.jpg | ||
| + | |||
===Example 2:=== | ===Example 2:=== | ||
In the following diagram the data center wan accelerator primary address shares a segment with the gateway router. Traffic from the wan is directed to the wan0 address 10.0.0.2. Devices on the lan have their default gateways set to be the wan accelerator virtual lan addresses 10.1.1.1 and 10.2.2.1. High availability is possible by configuring secondary routes.<br /> | In the following diagram the data center wan accelerator primary address shares a segment with the gateway router. Traffic from the wan is directed to the wan0 address 10.0.0.2. Devices on the lan have their default gateways set to be the wan accelerator virtual lan addresses 10.1.1.1 and 10.2.2.1. High availability is possible by configuring secondary routes.<br /> | ||
http://wanos.co/wan-optimization/wp-content/uploads/2015/03/wan-optimizer-router-out-of-path.jpg | http://wanos.co/wan-optimization/wp-content/uploads/2015/03/wan-optimizer-router-out-of-path.jpg | ||
| + | |||
===Example 3:=== | ===Example 3:=== | ||
| Line 65: | Line 74: | ||
The Wanos addresses can be tracked to disable the policy redirect. Remember to not enable PBR on the same router (sub-)interface that Wanos is connected to, else traffic from Wanos will be redirected to itself. Since Router mode requires routing on the network, it is recommended to use the simple bridge mode where possible. | The Wanos addresses can be tracked to disable the policy redirect. Remember to not enable PBR on the same router (sub-)interface that Wanos is connected to, else traffic from Wanos will be redirected to itself. Since Router mode requires routing on the network, it is recommended to use the simple bridge mode where possible. | ||
| + | |||
| + | </font> | ||
Latest revision as of 19:27, 14 February 2017
Document migrated. An updated Router Mode Guide can be found in the Wanos Documentation site
Contents
Router Mode
The Router mode feature can be enabled and configure in Express, but support is only available for Plus since routing, policy based routing, gateways and high availability can get complicated and unique to each case.
Overview:
In router mode, only the wan0 interface is used. In this mode Wanos supports two or more ip addresses on the same interface. Primary wan0, Secondary virtual lan0. Both addresses bind to the wan0 interface.
Traffic from the wan should be directed to the standard wan0 ip address.
Traffic from the lan should be directed to the virtual lan0 ip address.
All sites can be in router mode or a mix of router mode and bridge mode.
Basic Configuration:
In bridge mode (Layer2), the inside and outside interfaces indicate the source of the traffic. In router mode (Layer3) , the same concept applies, but two IP addresses are used on the same physical wan0 interface. In router mode, only the wan0 physical interface is used. Both inside virtual lan0 and outside wan0 IP addresses bind to the physical wan0 interface.
To enable router mode, select router mode and configure the secondary virtual lan0 IP Address and mask e.g. 172.16.1.201/24
After applying the change, the virtual IP address will be accessible on the wan0 interface along with the primary address. Traffic from the lan needs to be directed to the lan0 virtual ip address. Traffic from the wan needs to be redirected to the primary wan0 address.
The secondary ip address can be on the same range as the primary e.g.: Wan0 = 172.16.1.200 Lan0 = 172.16.1.201
Verification
While pinging a host at the remote site. tcpdump should produce the following output on wan0:
sudo tcpdump -i wan0 host x.x.x.x
Remember to enable promiscuous / mac spoofing or equivalent.
STOP HERE for the initial configuration. The secondary virtual lan0 IP address is the only Wanos configuration required.
Advance setup with multiple subnets: (Optional)
Multiple secondary lan0 networks are also supported, if the workstations will direct their default gateways directly to the virtual gateways configured on Wanos. To configure these multiple additional virtual lan0 networks, these extra networks can be added to /tce/etc/wanos/virtual_lan.
e.g:
10.1.1.1/24
10.2.2.1/24
10.3.3.1/24
All these networks will be available as secondary virtual IP addresses to be used as gateways for the workstations or servers.
Example 1:
In the diagram the Wan Accelerator is deployed out of path at the main site. Traffic from the wan is directed to the wan0 address 10.0.0.2. Traffic from the lan that needs to be optimized is directed to the virtual lan address 10.0.0.1
Example 2:
In the following diagram the data center wan accelerator primary address shares a segment with the gateway router. Traffic from the wan is directed to the wan0 address 10.0.0.2. Devices on the lan have their default gateways set to be the wan accelerator virtual lan addresses 10.1.1.1 and 10.2.2.1. High availability is possible by configuring secondary routes.
Example 3:
Another PBR example.
The router has an IP address of 10.0.0.254. Wanos has 10.0.0.1 for wan0 and secondary virtual address 10.0.0.2. Both bind on the physical wan0.
Here the router is used to channel IP traffic from the WAN interface to 10.0.0.1.
The router has a second policy to channel IP traffic from the lan servers to 10.0.0.2.
The Wanos addresses can be tracked to disable the policy redirect. Remember to not enable PBR on the same router (sub-)interface that Wanos is connected to, else traffic from Wanos will be redirected to itself. Since Router mode requires routing on the network, it is recommended to use the simple bridge mode where possible.