Applies To:

Show Versions Show Versions

Manual Chapter: Basic BIG-IP WOM Setup
Manual Chapter
Table of Contents   |   Next Chapter >>

About WAN optimization using BIG-IP WOM

The BIG-IP® WAN Optimization Manager™ systems work in pairs on opposite sides of the WAN to optimize the traffic that flows between them. A simple point-to-point configuration might include WAN Optimization Manager (WOM®) running on a BIG-IP system in one data center, and a second BIG-IP WOM running in another data center on the other side of the WAN. Other configuration possibilities include point-to-multipoint (also called hub and spoke) and mesh deployments.

The following illustration shows an example of the flow of traffic across the WAN through a pair of BIG-IP WOMs. In this example, traffic can be initiated on both sides of the WAN.

Example of a traffic flow through a BIG-IP WOM pair

The BIG-IP WOM as an endpoint. From the standpoint of each BIG-IP WOM, it is the local endpoint. Any BIG-IP WOM with which the local endpoint interacts is a remote endpoint. After you identify the endpoints, communication between the WOM pair takes place in an iSession™ connection between the two devices. When you configure the local WOM, you also identify any advertised routes, which are subnets that can be reached through the local endpoint. When viewed on a remote system, these subnets appear as remote advertised routes.

To optimize traffic, you select the applications you want to optimize, and BIG-IP WOM sets up the necessary virtual servers and associated profiles. The system creates a virtual server on the initiating side of the WAN, with which it associates a profile that listens for TCP traffic of a particular type (HTTP, CIFS, MAPI, FTP). The local BIG-IP WOM also creates a virtual server, called an iSession listener, to receive traffic from the other side of the WAN, and it associates a profile that terminates the iSession connection and forwards the traffic to its destination. For some applications, the system creates an additional virtual server to further process the application traffic.

The default iSession profile, which the system applies to application optimization, includes symmetric adaptive compression. Also by default, symmetric data deduplication is enabled.

About the WAN Optimization Quick Start screen

The Quick Start screen for WAN optimization provides all the settings you need to configure WAN Optimization Manager™ (WOM®) on one side of the WAN. After you have set up the BIG-IP® WOM® systems on both sides of the WAN, you can begin optimizing the application traffic you specify. An important advantage of configuring WOM using the Quick Start screen is that the system automatically selects TCP parameter settings based on the hardware. If you do not use the Quick Start screen, the system uses the generalized default TCP settings, which might not be optimal for your hardware.

Setting up WAN optimization using the Quick Start screen

You cannot view the Quick Start screen until you have defined at least one VLAN and at least one self IP on a configured BIG-IP® system that has been provisioned for WOM®.
Use the Quick Start screen to quickly set up WAN Optimization Manager™ on a single screen of the BIG-IP system using the default settings. To optimize WAN traffic, you must configure BIG-IP WOM on both sides of the WAN.
  1. Log on to the BIG-IP WOM system that you want to configure. The default logon value for both user name and password is admin.
  2. In the navigation pane, click WAN Optimization > Quick Start.
  3. In the WAN Self IP Address field, type the local endpoint IP address. This IP address must be in the same subnet as a self IP address on the BIG-IP system. To make sure that dynamic discovery properly detects this endpoint, the IP address must be the same as a self IP address on the BIG-IP WOM system.
  4. Change the Discovery setting to Enabled. If you leave the Discovery setting disabled, you must manually configure any remote endpoints and advertised routes.
  5. Specify the VLANs on which the virtual servers on this system receive incoming traffic.
    Option Description
    LAN VLANs Select the VLANs on which the virtual servers that initiate application traffic through an iSession connection receive incoming LAN traffic destined for the WAN.
    WAN VLANs Select the VLANs on which the virtual servers on the receiving side receive application traffic from the WAN through an iSession connection.
  6. In the Authentication area, for the Outbound iSession to WAN setting, select the SSL profile to use for all encrypted outbound iSession connections. To get WAN optimization up and running, you can use the default selection serverssl, but you need to customize this profile for your production environment.
  7. For the Inbound iSession from WAN setting, select the SSL profile to use on the incoming iSession connection. To get WAN optimization up and running, you can use the default selection wom-default-clientssl.
    Note: If you configure the iSession connection to not always encrypt the traffic between the endpoints, this profile must be a client SSL profile for which the Non-SSL Connections setting is enabled, such as wom-default-clientssl.
  8. In the IP Encapsulation area, specify an additional method of encryption for outbound iSession traffic, if any.
    1. If you select IPsec, select an IPsec policy from the IPSEC Policy list that appears, or leave the default, default-ipsec-policy-isession.
    2. If you select GRE, select a GRE profile from the GRE Profile list that appears, or leave the default, gre.
  9. Select the applications you want to optimize by selecting the adjacent check boxes in the Create Optimized Applications list. For each application you select, also specify whether to enable or disable data encryption of the application traffic over the WAN.
  10. Click Apply.
The system creates the necessary virtual servers and associated profiles to optimize the selected application traffic, as indicated by the green check marks in the Optimizations Enabled column on the Quick Start screen. For some applications, such as HTTP and MAPI, the system creates a virtual server only for initiating traffic. For other applications, such as CIFS and FTP, the system creates two virtual servers: one to initiate traffic destined for the other side of the WAN and another to receive traffic from the other side of the WAN, after the traffic has been terminated by the iSession terminating virtual server.
Note: If you are using a one-arm deployment, you must manually create the virtual servers to receive CIFS and FTP traffic, because the system detects only one VLAN.
To complete the setup, repeat this task on the BIG-IP system on the other side of the WAN.
Table of Contents   |   Next Chapter >>

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)