Web Cache Communication Protocol
Encyclopedia
Web Cache Communication Protocol (WCCP) is a Cisco-developed content-routing protocol that provides a mechanism to redirect traffic flows in real-time. It has built-in load balancing
, scaling, fault tolerance, and service-assurance (failsafe) mechanisms. Cisco IOS
Release 12.1 and later releases allow the use of either Version 1 (WCCPv1) or Version 2 (WCCPv2) of the protocol.
WCCP allows utilization of Cisco Cache Engines (or other caches running WCCP) to localize web traffic patterns in the network, enabling content requests to be fulfilled locally. Traffic localization reduces transmission costs and download time.
WCCPv2
's Content Cache appliance they have since added support to other products, including:
Other vendors have also implemented WCCP support into their products, as it allows clustering and transparent deployment on networks using Cisco routers/switches without additional hardware. WCCP is of particular use to vendors of web cache/proxy/security appliances for redirection of web traffic. A list includes:
Load balancing (computing)
Load balancing is a computer networking methodology to distribute workload across multiple computers or a computer cluster, network links, central processing units, disk drives, or other resources, to achieve optimal resource utilization, maximize throughput, minimize response time, and avoid...
, scaling, fault tolerance, and service-assurance (failsafe) mechanisms. Cisco IOS
Cisco IOS
Cisco IOS is the software used on the vast majority of Cisco Systems routers and current Cisco network switches...
Release 12.1 and later releases allow the use of either Version 1 (WCCPv1) or Version 2 (WCCPv2) of the protocol.
WCCP allows utilization of Cisco Cache Engines (or other caches running WCCP) to localize web traffic patterns in the network, enabling content requests to be fulfilled locally. Traffic localization reduces transmission costs and download time.
Protocol Versions
WCCPv1- Only a single router services a cluster of systems
- Supports HTTP (TCPTransmission Control ProtocolThe Transmission Control Protocol is one of the core protocols of the Internet Protocol Suite. TCP is one of the two original components of the suite, complementing the Internet Protocol , and therefore the entire suite is commonly referred to as TCP/IP...
port 80) traffic flows only - Provides generic routing encapsulation (GREGeneric Routing EncapsulationGeneric Routing Encapsulation is a tunneling protocol developed by Cisco Systems that can encapsulate a wide variety of network layer protocols inside virtual point-to-point links over an Internet Protocol internetwork.-Overview:...
) to prevent packet modification - Routers and cache engines communicate to each other via a control channel based on UDPUser Datagram ProtocolThe User Datagram Protocol is one of the core members of the Internet Protocol Suite, the set of network protocols used for the Internet. With UDP, computer applications can send messages, in this case referred to as datagrams, to other hosts on an Internet Protocol network without requiring...
port 2048
WCCPv2
- Allows for use across up to 32 routers (WCCP servers)
- Supports up to 32 engines/accelerators (WCCP clients)
- Supports any IP protocol including any TCP or UDP
- Supports up to 256 service groups (0-255)
- Adds MD5MD5The MD5 Message-Digest Algorithm is a widely used cryptographic hash function that produces a 128-bit hash value. Specified in RFC 1321, MD5 has been employed in a wide variety of security applications, and is also commonly used to check data integrity...
shared secret security
Registration
- Accelerator or Engine is a WCCP client
- Registers WCCP services (0-255) with “Here I Am” if application is operational
- Registration announces WCCP client on service group, provides availability notification, requests interesting traffic
- Transmits “Here I Am” every 10 seconds
- Lead WCCP client (lowest IP address) instructs routers on protocol/port, assignment, forwarding, and return methods
- Router is a WCCP server
- Accepts service group registration (0-255)
- Acknowledges “Here I Am” with “I See You”
- Waits 30 (3x10) seconds before declaring engine failed
- Announce engines to other engines
- Router id is highest interface IP or highest loopback IP if one exists
- Redirects traffic to engine
Assignment
- Selects an engine in the cluster
- Hash 256 buckets
- Mask 128 buckets represented by 7 bit mask of the source or destination IP/Port
Redirect from Router to Cache Engine
- Redirect list allows router to permit/deny traffic to intercept
- Two methods of redirection:
- WCCP L2Data link layerThe data link layer is layer 2 of the seven-layer OSI model of computer networking. It corresponds to, or is part of the link layer of the TCP/IP reference model....
: Local subnet only, little overhead. Rewrites packet MAC address to that of the local Engine - WCCP GRE: Any IP-Subnet, more overhead. Creates tunnel from router to local or remote Engine.
- WCCP L2
Return from Cache Engine to Router
- WCCP GRE return
- WCCP L2 return
- Engine can optionally return traffic any other way including routing
Products that implement WCCP
Whilst originally designed for CiscoCisco
Cisco may refer to:Companies:*Cisco Systems, a computer networking company* Certis CISCO, corporatised entity of the former Commercial and Industrial Security Corporation in Singapore...
's Content Cache appliance they have since added support to other products, including:
- Application & Content Networking System (ACNS)
- Wide Area Application Servcies (WAAS)
- ASA/PIX Firewalls
- Some IOS versions
- IronPortIronPortIronPort Systems, Inc., headquartered in San Bruno, California, was a company that designed and sold products and services that protect enterprises against Internet threats. It was best known for IronPort AntiSpam, the SenderBase email reputation service, and email security appliances...
S-Series Web Security Appliance
Other vendors have also implemented WCCP support into their products, as it allows clustering and transparent deployment on networks using Cisco routers/switches without additional hardware. WCCP is of particular use to vendors of web cache/proxy/security appliances for redirection of web traffic. A list includes:
- Aladdin/SafeNet eSafe Web
- ApplianSysApplianSysApplianSys, founded in 2000, is a privately held venture capital-backed technology company based in London, United Kingdom. It designs, builds and markets Internet server appliances that are deployed in more than 80 countries...
CACHEbox - Barracuda NetworksBarracuda NetworksBarracuda Networks, Inc. is a privately held company providing security, networking and storage solutions based on appliances and cloud services. The company’s security products include solutions for protection against email, web surfing, web hackers and instant messaging threats such as spam,...
Barracuda Web Filter - Blue CoatBlue Coat SystemsBlue Coat Systems Inc. is a network security and network management company based in Sunnyvale, California, United States.It identifies itself as an application delivery network specialist...
ProxySG - Branch Repeater (formerly known as "WANScaler") Citrix Systems, Inc.
- CensorNet Ltd CensorNet Professional web filter
- CYAN Network Security CYAN Secure Web
- Cymphonix Corp. Network Composer/Conductor
- ExindaExindaExinda is a United States technology company that provides computer networking products and services. Headquartered in Andover, Massachusetts, Exinda delivers WAN optimization and network bandwidth management solutions to small and medium-sized enterprises....
WCCPv2 support for Web Cache - F5 NetworksF5 NetworksF5 Networks, Inc. is a networking appliances company. It is headquartered in Seattle, Washington and has development and marketing offices worldwide. It originally manufactured and sold some of the very first load balancing products...
Wan Optimization Module - FortinetFortinetFortinet is headquartered in Sunnyvale, California and specializes in network security appliances. Fortinet’s flagship product line is sold under the brand name of FortiGate.-Corporate Overview:...
FortiOS4.0 - M86 SecurityM86 SecurityM86 Security is a privately-owned Internet threat protection company that specializes in Web and email security products and content filtering appliances...
Secure Web Gateway - McAfeeMcAfeeMcAfee, Inc. is a computer security company headquartered in Santa Clara, California, USA. It markets software and services to home users, businesses and the public sector. On August 19, 2010, electronics company Intel agreed to purchase McAfee for $7.68 billion...
McAfee Web Gateway Formerly Webwasher - Microdasys SCIP SSL Content Proxy
- NetApp NetCacheNetCacheNetCache is a former web cache software product which was owned and developed by NetApp between 1997 and 2006, and a hardware product family incorporating the NetCache software.-History:...
(no longer available) - PerfTech, Inc. Bulletin System
- Replify Accelerator
- Riverbed TechnologyRiverbed TechnologyRiverbed Technology is a technology company that specializes in improving the performance of networks and networked applications. It was founded May 23, 2002 by Jerry Kennelly and Steve McCanne in San Francisco, California where its world headquarters remains...
Steelhead - Silver Peak NX Series
- Apache Traffic Server
- SmoothWall LtdSmoothWallSmoothwall is a Linux distribution designed to be used as an open source firewall. Designed for ease of use, Smoothwall is configured via a web-based GUI, and requires little or no knowledge of Linux to install or use....
Guardian Web Content Filters - SophosSophosSophos is a developer and vendor of security software and hardware, including anti-virus, anti-spyware, anti-spam, network access control, encryption software and data loss prevention for desktops, servers, email systems and other network gateways....
Web Appliance - Squid
- Stampede Technologies Stampede Application Acceleration Series
- Trend MicroTrend MicroTrend Micro Inc. is a computer security company. It is headquartered in Tokyo, Japan and markets Trend Micro Internet Security, Trend Micro Worry-Free Business Security, OfficeScan, and other related security products and services...
IWSVA 3.x and 5.x - WebsenseWebsenseWebsense is a San Diego-based company specializing in Web security gateway software. It enables clients to block access to chosen categories of websites.-History:Websense was founded by Phil Trubey in 1994...
Web Security Gateway - WebTitan WebTitan Web Filtering Appliance
- Wedge Networks BeSecure
- XipLink XA Optimizers
External links
- Cisco
- Section WCCP Network Caching in the Cisco DocWiki (formerly known as the "Internetworking Technology Handbook")
- Section Configuring Web Cache Services Using WCCP in the "Cisco IOS Configuration Fundamentals Configuration Guide, Release 12.2"
- Section WCCPv2 and WCCP Enhancements in the feature guide for "Cisco IOS Software Releases 12.0 S"
- Configure WCCP on your Cisco IOS router on TechRepublic
- Web Cache Communication Protocol V2.0 on IETF Web Site
- How to setup WCCP on your Barracuda Web Filter on Barracuda Networks site