___________
You must configure R1 to leverage the two Content Engines. R1 must ensure that it can only communicate with 192.168.0.100 and 192.168.0.101 content engines. Hosts on 10.0.2.0/24 should not use the content engines and should be able to surf the internet without being redirected. Hosts on 10.0.1.0/24 should be redirected to the content engines. The configuration should only be completed on R1. Note: You must use the latest version of the technology and it must support authentication.
R1
__
interface FastEthernet0/0
ip address 10.0.0.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.0.1 255.255.255.0
duplex auto
speed auto
no keepalive
!
interface Serial1/0
ip address 200.0.0.1 255.255.255.0
serial restart-delay 0
!
router ospf 1
router-id 1.1.1.1
log-adjacency-changes
redistribute static metric 5 subnets
network 10.0.0.1 0.0.0.0 area 0
network 192.168.0.1 0.0.0.0 area 0
network 200.0.0.1 0.0.0.0 area 0
!
ip route 0.0.0.0 0.0.0.0 200.0.0.2
R2
__
interface FastEthernet0/0
ip address 10.0.0.2 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 10.0.1.1 255.255.255.0
duplex auto
speed auto
no keepalive
!
interface FastEthernet1/0
no switchport
ip address 10.0.2.1 255.255.255.0
no keepalive
!
router ospf 1
router-id 2.2.2.2
log-adjacency-changes
network 10.0.0.2 0.0.0.0 area 0
network 10.0.1.1 0.0.0.0 area 0
network 10.0.2.1 0.0.0.0 area 0
R3
__ -- Acting as the hext hop to the internet
interface Serial1/0
ip address 200.0.0.2 255.255.255.0
serial restart-delay 0
!
ip route 10.0.0.0 255.255.255.0 200.0.0.1
ip route 10.0.1.0 255.255.255.0 200.0.0.1
ip route 10.0.2.0 255.255.255.0 200.0.0.1
ip route 192.168.0.0 255.255.255.0 200.0.0.1
Good Luck!
2 comments:
Here is what I came up with for the WCCP configuration using an inbound redirect on R1 F0/0. Obviously we are pretending to have a web-cache and I have no HTTP clients!! Let me know your thoughts...
access-list 1 permit 192.168.0.100
access-list 1 permit 192.168.0.101
access-list 1 deny any log
access-list 101 deny ip 10.0.2.0 0.0.0.255 any
access-list 101 permit ip any any
.
ip wccp version 2
ip wccp web-cache password ccie group-list 1 redirect-list 101
interface FastEthernet0/0
ip wccp web-cache redirect in
R1(config-if)#do sh ip wccp web-cache
Global WCCP information:
Router information:
Router Identifier: -not yet determined-
Protocol Version: 2.0
Service Identifier: web-cache
Number of Service Group Clients: 0
Number of Service Group Routers: 0
Total Packets s/w Redirected: 0
Process: 0
Fast: 0
CEF: 0
Redirect access-list: 101
Total Packets Denied Redirect: 0
Total Packets Unassigned: 0
Group access-list: 1
Total Messages Denied to Group: 0
Total Authentication failures: 0
Total Bypassed Packets Received: 0
Good Stuff!
Here is the configuration I had
R1
__
ip wccp web-cache redirect-list 10 group-list 20 password cisco
!
interface FastEthernet0/0
ip wccp web-cache redirect in
!
access-list 10 permit 10.0.1.0 0.0.0.255
access-list 20 permit 192.168.0.100
access-list 20 permit 192.168.0.101
I have included a couple of show commands but without having the content
engines avaiable the results are limtited.
R1#sh ip wccp interfaces detail
WCCP interface configuration details:
FastEthernet0/0
Output services: 0
Input services: 1
Static: Web-cache
Dynamic: None
Mcast services: 0
Exclude In: FALSE
R1#sh ip wccp
Global WCCP information:
Router information:
Router Identifier: -not yet determined-
Protocol Version: 2.0
Service Identifier: web-cache
Number of Service Group Clients: 0
Number of Service Group Routers: 0
Total Packets s/w Redirected: 0
Process: 0
Fast: 0
CEF: 0
Redirect access-list: 10
Total Packets Denied Redirect: 0
Total Packets Unassigned: 0
Group access-list: 20
Total Messages Denied to Group: 0
Total Authentication failures: 0
Total Bypassed Packets Received: 0
Post a Comment