Transcription
Deploying Riverbed Cascade and SteelheadsA Best Practices Whitepaper
DEPLOYING RIVERBED CASCADE AND STEELHEADSContents1.Introduction . 12.Steelhead Releases . 23.Steelhead Appliance Deployment Scenarios . 24.Configuring Steelhead Appliances for Flow Data Export . 3Overview . 3RiOS v5.5.1 and v5.5.3 . 3RiOS v6.0 . 55.Additional Steelhead Configuration Steps . 8Overview . 8Simplified Routing . 8LAN Subnets . 9ifIndex Persistence . 106.Configuring Cascade Profiler . 11Overview . 11SNMP Configuration . 11WAN Configuration . 13Interface Groups . 147.WAN Optimization Reports . 16Standard Reporting Templates . 16WAN Optimization Site Reporting . 17WAN Optimization Intersite Reporting . 18WAN Optimization Overall Reporting . 198.Additional Profiler Capabilities . 21Application Performance (w/ RTT) . 21User-defined Policy for Response Time. 22Application Fingerprinting. 23User Identity . 23Logical Path Association . 23Integrations and Extensible API . 239.Summary . 24 2010 Riverbed Technology. All rights reserved.
DEPLOYING RIVERBED CASCADE AND STEELHEADS1. IntroductionBusinesses large and small rely upon the network to ensure availability of critical business services. There are seeminglyconflicting requirements to deploy new, more complex applications while decreasing transaction time to make employees andcustomers more efficient while driving costs out of the infrastructure. The Riverbed Steelhead appliance provides significantadvantages to companies wanting to optimize their infrastructure and provide reliable and faster connectivity between sites. Thereis an associated cost, however, as visibility into the WAN is reduced. As a result, troubleshooting and performance analysis canbe more difficult. Riverbed Cascade Profiler ensures this visibility is not lost and provides real-time and historical views of theinfrastructure and associated host conversations, both locally and across the optimized and non-optimized WAN infrastructure.All the benefits that Cascade Profiler delivers – including real-time and historical reporting, automatic and custom behavioralanalytics, and configurable dashboards – are available to support the optimized network infrastructure. As a result, organizationscan: Better understand their network for planning purposes Be alerted to meaningful changes in network, application, user, and host behavior Quickly triage issues by understanding the impact to the business Compare current behavior to typical or historical behavior, expediting root cause analysis Maintain information for audit purposesThis document describes how to deploy Riverbed Steelhead appliances in conjunction with Cascade Profiler. It is written fornetwork administrators who are familiar with the NetFlow functionality of the two products.This document provides a high level overview of the operation of the Riverhead Steelhead and Cascade Profiler appliances and isnot intended as a step-by-step guide or a replacement for the respective products’ documentation. Readers should refer toindividual product documentation for more details. 2010 Riverbed Technology. All rights reserved.1
DEPLOYING RIVERBED CASCADE AND STEELHEADS2. Steelhead ReleasesThis document describes features that are in RiOS v5.5.1, RiOS 5.5.3 and RiOS 6.0. It also covers Cascade Profiler releases 8.3and 8.4. The table below provides a summary of the features available in each release.FeatureRiOS v5.5.1RiOS v5.5.3RiOS 6.0NetFlow Supportv5v5v5 and v9Enhanced NetFlow SupportN/Av5.1CascadeFlow (v9 based) andCascadeFlow-compatible (v5based)WAN optimization reportingCascade Profiler v8.3 and v8.4Cascade Profiler v8.3 and v8.4Cascade Profiler v8.3 and v8.4Automatic identification ofoptimizing Steelhead pairsN/AAvailable with NetFlow v5.1Available with CascadeFlow orCascadeFlow-compatibleSensor-VERequires Cascade Profiler v8.4Requires Cascade Profiler v8.4Requires Cascade Profiler v8.43. Steelhead Appliance Deployment ScenariosThere are multiple deployment models to consider when architecting a monitoring solution for the Riverbed environment, includingin-path, virtual in-path, and out-of-path configurations. There are also variants of these deployment models. This documentfocuses on the in-path and virtual in-path deployment models. Refer to the Riverbed Steelhead Deployment Guide for additionaldetails on deployment models.In-pathIn this configuration, the Steelhead appliances are placed in the physical path of the client and server, where they see all traffic.You enable flow data export and use the primary/auxiliary interface to export the data to the Cascade Profiler. Select All to exportall traffic received by the Steelhead appliance to Cascade Profiler, ensuring all optimized and non-optimized traffic is exported. Inthis mode, the traffic on the LAN interface is non-optimized while traffic on the WAN interface is optimized.Virtual in-pathIn a virtual in-path deployment, the Steelhead appliances are placed physically out of the path but virtually in the path between theclients and servers. Clients and servers continue to see the real client and server IP addresses. This deployment differs from aphysical in-path deployment in that a packet redirection mechanism is used to direct packets to the Steelhead appliance.Redirection mechanisms include PBR (Policy Based Routing) and WCCP (Web Cache Communication Protocol).In this configuration, you enable NetFlow on the WAN interface and export flow data for only the optimized traffic from theSteelhead. You use the router to export the pass-through flow data.In a virtual in-path configuration, the Steelhead appliances do not have sufficient information to determine the flow direction ofpass-through traffic. Therefore, it is necessary to enable NetFlow export on the router to capture information about the passthrough traffic.Enabling NetFlow on the router will allow for reporting traffic on the actual WAN link. If the Steelhead is using correct addressing,the optimized connections will be reported using the Steelheads as the end-points of the flow, not the original client/server. Thereis the potential for some double counting in reports under certain circumstances. Note, however, that the router’s WAN interfacemust not be included in the WAN Optimized group, as it is not an endpoint in optimization.Additionally, the following command must be run on the Steelhead appliance that is running virtually in-path:enableconfig termip flow-export destination ip address port interface wan0 0 fakeindex onThis enables the Steelhead appliance to determine the flow of optimized traffic on the WAN interface in a virtual in-path set up. 2010 Riverbed Technology. All rights reserved.2
DEPLOYING RIVERBED CASCADE AND STEELHEADSIf reports are showing abnormally large bandwidth on the Steelhead WAN interface, it is an indication that either fakeindex wasnot enabled or LAN subnets were not properly configured. (See additional detail below.) A flow list on such traffic would showflows with both the ingress and egress interfaces of the Steelhead as the WAN, such as wan0 0.To get information on only the non-optimized traffic, create a report using a host subnet (or host address) with the Steelhead clientIP address.In this configuration, the Steelhead does not see all traffic passing from the LAN to the WAN. It sees only traffic that the router isconfigured to redirect to the Steelhead. This typically is selective of only flows that have a good chance for optimization, such asCIFS. As a result, it is not generally possible to report on the actual WAN-link utilization based on the Steelhead reports.Out-of-pathAn out-of-path deployment is a network configuration in which the Steelhead appliance is not in the direct physical path betweenthe client and the server. In an out-of-path deployment, the Steelhead appliance acts as a proxy. An out-of-path configuration issuitable for data center locations where physical in-path or virtual in-path configurations are not possible. The out-of-path solutionuses NAT (Network Address Translation) thus there is no direct correlation between the client/server conversation and the trafficover the WAN. It is still possible to create valuable reports with this configuration. However, the operator will be unable to view thebenefit of optimization.In this configuration, you enable NetFlow on the primary/auxiliary interface and export flow data for only the optimized traffic fromthe Steelhead appliance. Similar to the virtual in-path deployment, you configure the router to export the pass-through flow data,as the Steelhead appliance will see only optimized data in this configuration. Steelhead appliances are unable to determine theflow of the optimized data in this configuration and are therefore unable to split traffic based on the source (e.g., LAN or WAN).Similar to the virtual in-path deployment, fakeindex must be enabled in order to properly report on the direction of the optimizedtraffic through the Steelhead appliance. Configuration of the LAN subnets is not necessary, because the out-of-path Steelheadsees only optimized traffic and is never passing through any traffic.4. Configuring Steelhead Appliances for Flow Data ExportOverviewThis paper specifically addresses the configuration of flow data export in Ri
WAN optimization reporting Cascade Profiler v8.3 and v8.4 Cascade Profiler v8.3 and v8.4 Cascade Profiler v8.3 and v8.4 Automatic identification of optimizing Steelhead pairs
