Applies To:

Show Versions Show Versions

Manual Chapter: Configuring Optimization Policies
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

You use optimization policies to specify where and how you want the WAN Optimization Module to optimize traffic. Optimization policies on the initiating side designate the TCP ports on which the WAN Optimization Module applies symmetric data deduplication optimization algorithms or symmetric adaptive compression. On the other side of the WAN, an iSession-terminating virtual server completes the connection.
On the WAN Optimization Module, an optimization policy is a virtual server with an iSession profile and other relevant WAN Optimization profiles associated with it. The optimization policies generally manage different types of application traffic for specific services or ports. For example, a default policy, or virtual server, called http_optimize optimizes HTTP traffic on port 80.
Actually, the optimization policies are virtual servers that handle application traffic (such as HTTP, CIFS, or MAPI) on the initiating (client) side WAN Optimization Module. You need to create a virtual server called isession-virtual on the system as a terminating virtual server; it handles activity on the receiving (server) side WAN Optimization Module. You can configure the system so it automatically creates the isession-virtual virtual server, or you can create it manually.
Figure 5.1 shows two BIG-IP systems with WAN Optimization Modules located on either side of the WAN. The initiating WAN Optimization Module is the one located on the side where the request was initiated on the clients, and the receiving WAN Optimization Module is the one located near the servers that can satisfy the request.
Figure 5.1 also shows the profiles that are used for optimization.
If requests are initiated from either side of the WAN, you need to set up optimization policies and the isession-virtual virtual server on both WAN Optimization Modules.
To optimize traffic, the optimization policies you create require several profiles that are included with the system. If you use the Optimization Policies screens to create the optimization policies and isession-virtual, the system automatically associates these profiles with the virtual servers it creates.
isession: Required for WAN Optimization to prepare traffic for optimization. Any virtual server that optimizes traffic needs to have an iSession profile, either the default provided with the system or one that you create. iSession profiles need to be on the WAN side of the system (that is, on the server side of the initiating system and the client side of the receiving system).
tunnel: Completes the iSession connection on the remote endpoint. This profile is specified by default in the terminating isession-virtual.
wom-tcp-lan-optimized: Tunes the TCP stack to work well over the LAN. It is required for WAN Optimization on the client side of the optimization policies.
wom-tcp-wan-optimized: Tunes the TCP stack to work well over the WAN. It is required for WAN Optimization on the server side of the optimization policies.
wom-default-serverssl: A built-in disabled server SSL profile that the system uses to ensure that traffic passes through the system even when remote endpoints are not present and the WAN Optimization Module is not optimizing traffic.
serverssl: A built-in SSL profile that the system uses for the outbound connection on the initiating WAN Optimization Module. It encrypts the traffic going into the tunnel.
clientssl: A built-in SSL profile that the system uses for the inbound connection on the receiving WAN Optimization Module. It decrypts the traffic coming from the tunnel.
cifs: A built-in profile specifically tailored to optimize CIFS traffic. This profile is specified on the cifs-optimize virtual server.
mapi: A built-in profile specifically tailored to optimize MAPI traffic. This profile is specified on the mapi-optimize virtual server.
Common Application Optimization Policies: Let you automatically create virtual servers to support optimizing HTTP, CIFS, and MAPI traffic.
Custom Application Optimization Policies: Let you create virtual servers to optimize any type of TCP traffic, such as HTTPS or FTP traffic.
Note: You need to configure optimization policies so that VLAN traffic is restricted to the VLAN where the connections are initiated (for example, the LAN side or internal VLAN). You need to configure the iSession-terminating virtual server so that VLAN traffic is restricted to the VLAN that is connected to the WAN link.
You set up optimization policies on the initiating (or client) side. If traffic is being initiated from this side of the network, you need to create optimization policies on this WAN Optimization Module.
You need to be sure that the traffic that you plan to optimize is not encrypted by an existing application. Encrypted traffic cannot be optimized.
The WAN Optimization Module makes it easy to set up common optimization policies for HTTP, CIFS, and MAPI traffic. The common optimization policies (that is, virtual servers with optimization profiles) that you can create automatically are:
cifs_optimize: optimizes any CIFS traffic on port 445 and associates the cifs and isession profiles. For details on CIFS, see Optimizing CIFS traffic.
mapi_optimize: optimizes any MAPI traffic on port 135 and associates the mapi and isession profiles. For details on MAPI, see Optimizing MAPI traffic.
http_optimize: optimizes any HTTP traffic on port 80 and associates the cifs and isession profiles.
These optimization policies are terminated on the WAN Optimization Module on the other side of the WAN by a terminating virtual server called isession-virtual.
1.
On the Main tab of the navigation pane, expand WAN Optimization and click Configuration.
The Local Endpoint - Basic screen opens.
2.
On the menu bar, click Optimization Policies.
The Optimization Policies screen opens, listing the existing optimization policies.
3.
Click the Create button.
The Common Application Optimization Policies screen opens, listing the preconfigured policies that are available.
4.
Check the Select box next to the type of traffic you want to optimize (CIFS, MAPI, or HTTP), and then click Apply.
The system creates a virtual server for each type of traffic selected, and automatically assigns an iSession profile (required for WAN optimization), an SSL profile, and other profiles appropriate for the application.
5.
On the Optimization Policies screen, click the name of each of the optimization policies you created (for example, cifs_optimize, mapi_optimize, and http_optimize). On the properties screen for each one, perform these steps:
a)
From VLAN Traffic list, select Enabled On.
This displays the VLAN List setting.
b)
For the VLAN List setting, from the Available box, select the VLAN on the internal (LAN) side through which connections come in, and click the Move button (<<) to move that VLAN to the Selected box.
c)
Click Finished.
You can create custom optimization policies on the WAN Optimization Module. A custom application optimization policy optimizes traffic for applications and service ports in addition to that handled by the common application optimization policies for HTTP, CIFS, and MAPI traffic. It is a virtual server with profiles designed to optimize traffic for that application.
You can create custom policies for other applications, such as HTTPS or FTP. You may want to create custom optimization policies (that is, virtual servers) if your network configuration does not use the standard ports for applications.
1.
On the Main tab of the navigation pane, expand WAN Optimization and click Configuration.
The Local Endpoint - Basic screen opens.
2.
On the menu bar, click Optimization Policies.
The Optimization Policies screen opens listing the virtual servers that have been created, if any.
3.
Click the Create button.
The Common Application Optimization Policies screen opens listing the preconfigured policies that are available.
4.
Click Create Custom Policy.
The Custom Application Optimization Policies screen opens.
5.
In the Name box, type a descriptive name for this custom optimization policy (and the name of the virtual server that is created).
6.
For the Destination setting, specify the following information about the destination server:
Type: Click Host or Network, depending on the type of custom policy you are creating:
Host: Specifies that the IP address you type represents a single host address.
Network: Specifies that the IP address you type is a network address, which the system uses in combination with Mask to represent a range of IP addresses.
Address: Type the IP address of the destination server or the IP address of a virtual server that represents a pool of servers.
Mask: If adding a network address, type the mask that represents the range. You must type the full netmask.
7.
In the Port box, type the number of the port that the application uses.
8.
For the Endpoint Tunnel Virtual Server setting, select No to create a custom virtual server for optimizing application traffic.
9.
For the Additional Optimizations setting, select a particular type of application traffic for this virtual server:
None: Specifies that this is not MAPI or CIFS traffic. No special profile is added to this virtual server.
MAPI: Specifies that this is MAPI traffic and associates the MAPI profile with this virtual server. To optimize MAPI traffic, you also need to create virtual servers for the Microsoft Exchange servers in your network. For details, see Optimizing MAPI traffic.
CIFS: Specifies that this is CIFS traffic and associates the CIFS profile with this virtual server. For details, see Optimizing CIFS traffic.
10.
For the Enabled setting, select one of the following:
Yes: Specifies that the virtual server and its resources are available for WAN Optimization.
No: Specifies that the virtual server is not currently available.
11.
For the iSession Profile setting, select the iSession profile to associate with the virtual server of this custom policy.
An iSession profile is required for WAN optimization.
12.
From VLAN Traffic list, select Enabled On.
This displays the VLAN List setting.
13.
For the VLAN List setting, from the Available box, select the VLAN on the internal (LAN) side through which connections come in, and click the Move button (<<) to move that VLAN to the Selected box.
Click Repeat to save this custom application optimization policy and add another custom policy.
Click Finished when you are done adding custom policies.
The system creates a customized optimization policy: it creates a virtual server and automatically associates the profiles necessary for WAN optimization.
To complete the tunnel between the local and remote endpoints, the receiving side WAN Optimization Module needs to have an iSession-terminating virtual server. The terminating virtual server receives the iSession connection, decrypts the data, reconstitutes any data that was optimized, and then re-encrypts the data before it continues on its way to the application server. By default, the system is configured to automatically create a terminating virtual server, called isession-virtual, when you configure the local endpoint.
The Create iSession Virtual Server setting on the local endpoint screen, set to Yes by default, creates the iSession-terminating virtual server. If you change this setting to No, you need to manually create a terminating virtual server before you can optimize traffic.
Use the Create Custom Policy button on the Common Application Optimization Policies screen (simplest method). The WAN Optimization Module uses the appropriate default values for many of the settings.
Create a virtual server using Local Traffic Manager (for advanced BIG-IP system administrators). You can access more settings, but you need to understand how to set them appropriately for WAN optimization.
You can use either method. If you are familiar with the BIG-IP system, you can manually create the virtual server to terminate tunnel traffic on the receiving WAN Optimization Module using Local Traffic Manager. You can find in-depth information about creating virtual servers in the Configuration Guide for BIG-IP® Local Traffic Management.
When you create the terminating virtual server, you associate the tunnel profile with it. The WAN Optimization Module includes a premade tunnel profile that is designed for terminating the tunnel. The simple method automatically associates the tunnel profile with the virtual server.
You create iSession-terminating virtual servers on the receiving (server) side WAN Optimization Module. If file transfers initiate from clients on both sides of the WAN, you need a terminating virtual server on both WAN Optimization Modules. If the endpoint you are configuring only initiates requests and the remote endpoint on the other side of the WAN will never initiate requests, you do not need a terminating virtual server on this WAN Optimization Module.
1.
On the Main tab of the navigation pane, expand WAN Optimization and click Configuration.
The Local Endpoint - Basic screen opens.
2.
On the menu bar, click Optimization Policies.
The Optimization Policies screen opens listing the virtual servers that have been created, if any.
3.
Click the Create button.
The Common Application Optimization Policies screen opens.
4.
Click Create Custom Policy.
The Custom Application Optimization Policies screen opens.
5.
In the Name box, type a descriptive name for this iSession-terminating virtual server.
6.
For the Destination setting, specify the following information about the destination server:
Type: Click Host.
Address: Type the IP address of the local endpoint.
7.
In the Port box, select *All ports, so the virtual server intercepts all traffic destined for this WAN Optimization Module (that is, the one at the end of the tunnel).
8.
For the Endpoint Tunnel Virtual Server setting, select Yes to associate the tunnel profile with the virtual server.
9.
For the Enabled setting, select Yes.
10.
For the iSession Profile, select isession or a customized iSession profile that descends from isession, and set the Context to client.
11.
From VLAN Traffic list, select Enabled On.
This displays the VLAN List setting.
12.
For the VLAN List setting, from the Available box, select the VLAN on the internal (LAN) side through which connections come in, and click the Move button (<<) to move the VLAN to the Selected box.
13.
Click Finished to create the terminating virtual server.
1.
On the Main tab of the navigation pane, expand Local Traffic and click Virtual Servers.
The Virtual Servers screen opens.
2.
On the upper right portion of the screen, click the Create button.
The New Virtual Server screen opens.
3.
For the Configuration setting, select Advanced.
In the Name box, type a name for the iSession-terminating virtual server (it is a good idea to include isession-virtual in the name).
Make sure the Destination Type is set to Host.
In the Destination Address box, type the IP address of the local endpoint.
For the Service Port, select *All ports so the virtual server intercepts all traffic destined for this WAN Optimization Module (that is, the one at the end of the tunnel).
For the Protocol Profile (Client), select wom-tcp-wan-optimized.
For the Protocol Profile (Server), select wom-tcp-lan-optimized.
For the SSL Profile (Client), select clientssl to manage client-side SSL traffic for incoming connections.
From VLAN Traffic list, select Enabled On.
This displays the VLAN List setting.
For the VLAN List setting, from the Available box, select the VLAN on the internal (LAN) side through which connections come in, and click the Move button (<<) to move the VLAN to the Selected box.
For the Tunnel Profile, select tunnel.
For the iSession Profile, select isession or a customized iSession profile that descends from isession, and set the Context to client.
5.
Click Finished to create the terminating virtual server.
The WAN Optimization Module can automatically create optimization policies to optimize common types of traffic such as HTTP, CIFS, and MAPI traffic. You can view a list of optimization policies, modify them, enable or disable them, and delete them.
You can view a list of the existing application optimization policies that were created on the BIG-IP system using the WAN Optimization Module. You can look at the properties of each application optimization policy and adjust the settings as needed.
1.
On the Main tab of the navigation pane, expand WAN Optimization and click Configuration.
The Local Endpoint - Basic screen opens.
2.
On the menu bar, click Optimization Policies.
The Optimization Policies screen opens, listing all of the application optimization policies, or virtual servers, that have been created, if any.
3.
In the Name column, click the name of any optimization policy.
The properties screen for that application optimization policy opens and shows that it is a virtual server with profiles and settings that allow it to optimize traffic.
b)
Click Update.
From the WAN Optimization Module, you can enable or disable an optimization policy. If you disable an optimization policy, the WAN Optimization Module no longer optimizes the application traffic that it targets.
1.
On the Main tab of the navigation pane, expand WAN Optimization and click Configuration.
The Local Endpoint - Basic screen opens.
2.
On the menu bar, click Optimization Policies.
The Optimization Policies screen opens, listing all of the application optimization policies, or virtual servers, that have been created.
3.
Locate the Enabled setting.
This setting indicates whether the application optimization policy is currently enabled or disabled.
5.
Click Enable or Disable.
You can permanently delete an application optimization policy (including the corresponding virtual server). You may want to consider simply disabling it until you are sure you no longer need it.
1.
On the Main tab of the navigation pane, expand WAN Optimization and click Configuration.
The Local Endpoint - Basic screen opens.
2.
On the menu bar, click Optimization Policies.
The Optimization Policies screen opens, listing all of the application optimization policies.
4.
Click Delete.
The WAN Optimization Module can perform symmetric adaptive compression on traffic that travels between the local and remote endpoint. Symmetric adaptive compression reduces the size of data that is being transferred over the WAN to save transmission time and improve performance.
You can adjust the compression method (also called codec) on the iSession profile. The following compression methods are available:
Adaptive
This compression method chooses the best algorithm (Deflate or LZO) for the current traffic, and changes as traffic conditions change. The system selects from the compression algorithms that are enabled.
Deflate
This is a high-quality compression algorithm that is typically slower than the LZO algorithm, unless the system platform supports hardware acceleration. If multiple methods are selected on both systems, the system uses the Deflate algorithm to compress traffic.
LZO
This is a fast, medium-quality compression algorithm with low latency. the Lempel_Ziv_Oberhumer (LZO) algorithm is best for interactive protocols (such as telnet) or high-bandwidth protocols that compress easily (such as those used for data replication).
Null
This option specifies that no compression occurs between the two systems. You must use Null for connections if you do not want to allow compression. You can also use it for traffic that cannot be compressed, such as streaming media (already compressed), or encrypted protocols (such as HTTPS).
By default, all methods are enabled on the iSession profiles on both WAN Optimization Modules on either side of the WAN. The system chooses the compression method in this order: (1) Deflate, (2) LZO, and (3) Null.
Important: At least one compression method needs to be the same on both systems (even if it is Null, meaning no compression), otherwise, the two systems cannot establish a tunnel connection.
The compression method that the systems use depends on the negotiated settings. The common set of options between the two systems determines which method to use.
Configuring symmetric adaptive compression involves making sure that the systems on both sides of the WAN have virtual servers with an isession profile that has at least one compression method that is the same enabled on it. (By default, all compression methods are enabled on the isession profile.)
Note: If you have already configured your system as described in Chapter 3, Configuring WAN Optimization for the First Time, your system may already be performing symmetric adaptive compression.
1.
On the Main tab of the navigation pane, expand WAN Optimization and click Configuration.
The Local Endpoint - Basic screen opens.
2.
Check that the iSession profile used by the application optimization policies has one or more compression options enabled:
a)
On the menu bar, click Optimization Policies.
The Optimization Policies screen opens, listing all of the application optimization policies, or virtual servers, that have been created.
b)
Click the name of an optimization policy, select the Advanced configuration setting, and note the name of the iSession profile.
c)
On the Main tab of the navigation pane, expand Local Traffic and click Profiles.
The HTTP Profiles screen opens.
d)
From the Services menu, choose iSession.
The iSession Profiles screen opens.
e)
Click the name the iSession profile you want to check.
The profile properties screen opens.
Note: If you want no compression, set Null to Enabled, and disable all other options.
3.
Log on to the WAN Optimization Modules on the other side of the WAN to make sure that the corresponding iSession profiles they use have the same compression options enabled on them.
1.
On the Main tab of the navigation pane, expand WAN Optimization and click Configuration.
The Local Endpoint - Basic screen opens.
2.
Disable compression on the iSession profile used by the application optimization policies by following these steps:
a)
On the menu bar, click Optimization Policies.
The Optimization Policies screen opens.
b)
Click the name of an optimization policy, select the Advanced configuration setting, and note the name of the iSession profile.
c)
On the Main tab of the navigation pane, expand Local Traffic and click Profiles.
The HTTP Profiles screen opens.
d)
From the Services menu, choose iSession.
The iSession Profiles screen opens.
e)
Click the name of the iSession profile for which you want to disable compression.
The iSession profile properties screen opens.
f)
For the Compression settings, set Adaptive, Deflate, and LZO to Disabled, and set Null to Enabled.
3.
Log on to any other WAN Optimization Modules on the other side of the WAN to make sure that the corresponding iSession profiles that they use have Null set to Enabled, and the other compression options set to Disabled.
The WAN Optimization Module uses symmetric data deduplication to reduce the amount of bandwidth consumed across a WAN link for repeated data transfers. When enabled, symmetric data deduplication provides optimization, acceleration, and data reduction for TCP traffic between two WAN Optimization Modules.
Specifying the number of remote endpoints to be sure that the system divides the available storage between the correct number of endpoints. For details on how the system determines the cache size, see Checking the size of deduplication cache.
Deciding whether to use disk or memory for deduplication cache; memory access is faster, especially for high-speed networks. The default value is Disk.
Making sure that the systems on both sides of the WAN have virtual servers with an isession profile that has deduplication enabled on it. By default, deduplication is enabled.
Click the Clear Dedup Cache button on the remote endpoint. (The cache used between the two endpoints is cleared on both the local and remote endpoints.)
Note: If you have already configured your system as described in Chapter 3, Configuring WAN Optimization for the First Time, your system may already be performing symmetric data deduplication.
1.
On the Main tab of the navigation pane, expand WAN Optimization and click Configuration.
The Local Endpoint - Basic screen opens.
2.
In the Maximum Number of Remote Endpoints box, type the number of WAN Optimization Modules you expect to connect to this one. The default value is 1.
Note: Changing this value clears the deduplication cache. You should rarely need to change this setting.
3.
Click Update to clear the deduplication cache and reallocate storage on all of the endpoints.
4.
On the menu bar, select Local Endpoint and click Advanced.
The Local Endpoint - Advanced screen opens.
5.
For the Enable Symmetric Data Deduplication setting, verify that it is set to Yes.
6.
For Mode, select the appropriate setting:
Select Memory if you want deduplication cache stored in memory (faster access for high-speed networks, T3 or higher).
Select Disk if you want more space for deduplication cache.
a)
On the menu bar, click Optimization Policies.
The Optimization Policies screen opens, listing all of the application optimization policies, or virtual servers, that have been created.
b)
Click the name of any optimization policy, select the Advanced configuration setting, and note the name of the iSession profile.
c)
On the Main tab of the navigation pane, expand Local Traffic and click Profiles.
The HTTP Profiles screen opens.
d)
From the Services menu, choose iSession.
The iSession Profiles screen opens.
e)
Click the name of the iSession profile for which you want to disable compression.
The iSession profile properties screen opens.
g)
Check that Deduplication is set to Enabled.
8.
Log on to the WAN Optimization Module on the other side of the WAN to make sure that the iSession profiles it uses also have deduplication enabled on them.
Deduplication cache is where the system copies data that it has transferred before. The cache on the local endpoint is kept in sync with the cache on the remote endpoint. If the same or similar information is requested again, the optimized version of the data can be sent instead of sending it all again.
BIG-IP platform
What platform is the WAN Optimization Module running on? Memory and disk sizes vary for different hardware platforms, and this determines the maximum size that the system can reserve for deduplication cache.
Provisioning
What percentage of the system resources are allocated to the WAN Optimization Module? While minimal provisioning allocates fewer resources to WAN optimization, dedicated provisioning allocates more. If the module has more resources provisioned, more can be used for deduplication cache.
Disk or memory mode
Are you using disk or memory mode? The size of deduplication cache varies significantly, depending on whether you are storing it on disk or in memory.
Number of remote endpoints
What is the maximum number of remote endpoints configured on the system? The size of deduplication cache divided by the Maximum Number of Remote Endpoints value is the actual size of the deduplication cache that the WAN Optimization Module assigns to all local and remote endpoints. The deduplication cache size starts out the same on all of the endpoints.
Number of remote endpoints on the WAN Optimization Modules connected to this one
What is the maximum number of remote endpoints set on each of the remote endpoints? The local endpoint negotiates with each remote endpoint to determine the size of the deduplication cache, and the smallest amount is used for both endpoints.
For example, a company has a hub and spoke WAN Optimization Module configuration with four spokes, all using disk storage. The hub has 100 GB of disk storage and each of the spokes has 50 GB disk storage. You could configure the hub as having 4 as the Maximum Number of Remote Endpoints value and the spokes each having 1. The WAN Optimization Modules negotiate, and in the end, they divide the 100 GB on the hub by the number of endpoints (4) and set the deduplication cache for each pair to 25 GB.
If any of the remote endpoints is not using deduplication, the local endpoint does not allocate any deduplication cache. The deduplication cache size is set to 0.
After the systems are up and running, the size of deduplication cache could change. For example, if a BIG-IP system has a disk drive failure, the Mode on that WAN Optimization Module automatically changes from Disk to Memory and the size is renegotiated.
1.
On the Main tab of the navigation pane, expand WAN Optimization and click Configuration.
The Local Endpoint - Basic screen opens.
2.
On the menu bar, click Remote Endpoints.
The Remote Endpoints screen opens. The SDD Cache (MB) column displays the deduplication cache size in megabytes for each remote endpoint.
1.
On the Main tab of the navigation pane, expand WAN Optimization and click Dashboard.
The Overview screen of the dashboard opens.
2.
In the upper right corner, click Overview, and choose WAN Optimization Module.
The WAN Optimization screen of the dashboard opens.
3.
On the Remote Endpoints panel, select any of the remote endpoints.
One of the values shown is Deduplication Cache, followed by the number of megabytes reserved for storing data.
Under some circumstances, you may want to clear deduplication cache. For example, if you are testing the performance of symmetric data deduplication, you may want to clear the cache before you start and reset statistics to get accurate performance data. But typically, you do not want to clear the cache because it contains the data that the system has transferred before, and that will reduce the amount of time it takes to transfer similar data the next time.
You can use the Clear Dedup Cache button to clear the contents of the cache reserved for the remote endpoint on the system. The system communicates that the cache is cleared to the remote endpoint and the remote endpoint clears its cache as well. Therefore, you need only clear the cache on one of the WAN Optimization Modules in a pair, not both.
1.
On the Main tab of the navigation pane, expand WAN Optimization and click Configuration.
The Local Endpoint - Basic screen opens.
2.
On the menu bar, click Remote Endpoints.
The Remote Endpoints screen opens.
3.
Check the Select box next to the remote endpoints for which you want to clear the cache, and then click Clear Dedup Cache.
The system clears the cache it has reserved for the remote endpoint.
Common Internet File System (CIFS) is a remote file access protocol that forms the basis of Microsoft® Windows file sharing. Various CIFS implementations (for example, Samba) are also available on other operating systems such as Linux. CIFS is the protocol most often used for transferring files over the network.
The WAN Optimization Module can optimize CIFS traffic, resulting in faster performance in situations such as the following:
Transfer of files that use CIFS protocol: Optimization makes it faster to download and upload files.
Opening Microsoft applications: Optimization makes it faster to open files over the network.
Saving files: Optimization makes it faster to save files over the network.
Directory browsing: Optimization makes it faster when browsing directories on networked drives.
By default, when you configure the WAN Optimization Module, CIFS traffic is not optimized. Optimizing CIFS traffic on the initiating (client) side involves two main tasks:
Creating a CIFS optimization policy, which is a virtual server that identifies the CIFS traffic and has profiles that determine how to optimize the traffic. The WAN Optimization Module can create a CIFS policy automatically, or you can create it manually using Local Traffic Manager. The CIFS optimization policy listens on port 445.
Creating an iSession virtual server to terminate the tunnel connection on the remote endpoint.
On the initiating or client side WAN Optimization Module, you need to create a CIFS optimization policy. The easiest way to do this is from the Optimization Policies screen. The CIFS optimization policy that the system creates is a virtual server called cifs_optimize.
1.
On the Main tab of the navigation pane, expand WAN Optimization and click Configuration.
The Local Endpoint - Basic screen opens.
2.
On the menu bar, click Optimization Policies.
The Optimization Policies screen opens, where a list of all virtual servers with iSession profiles is displayed. If you see cifs_optimize on the list, the system already has a CIFS optimization policy.
Tip: To view or edit the settings of a virtual server on the list, click its name to go to the virtual server screen.
3.
Click Create.
The Common Application Optimization Policies screen opens.
4.
Select cifs_optimize and click Apply.
The system creates the cifs_optimize virtual server and associates the appropriate WAN optimization profiles with it.
For CIFS optimization to work, the WAN Optimization Module on the other side of the WAN (the receiving side) needs to have an isession-virtual server with a tunnel profile that accepts the CIFS connections. The WAN Optimization Module automatically creates an iSession virtual server that accepts optimization traffic if you set Create iSession Virtual Server to Yes on the Local Endpoint screen. If you have configured that system as described in Chapter 3, Configuring WAN Optimization for the First Time, you do not need to do anything special.
When both WAN Optimization Modules are configured, the systems can begin to optimize CIFS traffic. You can use the dashboard to see how much bandwidth gain is being saved (using compression and deduplication) and how much latency is reduced as a result of optimizing CIFS traffic.
The Bandwidth Gain panel of the dashboard shows the amount of improved throughput as a result of compression and deduplication for CIFS data transfers. The Current Ratio gauge shows the ratio of increased bandwidth gain by comparing the raw data to the optimized data. The graph shows both the raw CIFS data and the optimized CIFS data in bits per second.
1.
On the Main tab of the navigation pane, expand WAN Optimization and click Dashboard.
The WAN Optimization screen of the dashboard opens.
2.
In the Bandwidth Gain panel, from the bandwidth gain type menu, choose CIFS, then select one of the following:
In to show the gain in bandwidth for CIFS traffic coming in from the WAN.
This is where you view bandwidth gain for CIFS traffic on the initiating (client) side for files coming from the other side of the WAN.
This is where you view bandwidth gain for CIFS traffic on the receiving (server) side for files transferring to the other side of the WAN.
Out to show the gain in bandwidth for CIFS traffic going out onto the WAN.
This is where you view CIFS bandwidth gain on the initiating (client) side for files transferring to the other side of the WAN.
This is where you view CIFS bandwidth gain on the receiving (server) side for files coming from the other side of the WAN.
Figure 5.2 shows bandwidth gain for CIFS traffic coming in from the WAN on the client side WAN Optimization Module. In the figure, the gauge indicates a 4-to-1 improvement for bandwidth gain as a result of optimizing CIFS traffic.
Figure 5.3 shows CIFS effectiveness (or latency reduction) for files being transferred in from the WAN. In the figure, the Current Value Read Ahead bar chart shows 90% effectiveness, which represents the percentage of read requests that were faster because the system used local cached data rather than data coming over the WAN.
If you are familiar with the BIG-IP system and want to manually create custom virtual servers for optimizing CIFS traffic, you can create them using Local Traffic Manager. You need to manually create a virtual server for CIFS traffic only if you have a networking setup that requires special settings. The default CIFS optimization policy works effectively in most cases. You can find background information about creating virtual servers in the Configuration Guide for BIG-IP® Local Traffic Management.
The following procedure describes the settings and profiles needed if you are going to manually configure a virtual server to optimize CIFS traffic. When you create the virtual server, you apply a cifs profile. The WAN Optimization Module includes a cifs profile that is automatically created, and cannot be edited.
You typically create virtual servers for CIFS optimization on the initiating (client) side WAN Optimization Module. If file transfers initiate from clients on both sides of the WAN, you need a CIFS optimization policy on both WAN Optimization Modules.
1.
On the Main tab of the navigation pane, expand Local Traffic and click Virtual Servers.
The Virtual Servers screen opens.
2.
On the upper right portion of the screen, click the Create button.
The New Virtual Server screen opens.
3.
For the Configuration setting, select Advanced.
a)
In the Name box, type a name for the virtual server (it is a good idea to include cifs in the name).
b)
In the Destination Address box, type the address where the CIFS traffic is headed. If you want to optimize all CIFS traffic, for the Type, click Network, and type 0.0.0.0 for both the Address and Mask.
c)
For the Service Port, type 445 (or the port your organization uses for CIFS traffic) so the virtual server intercepts all CIFS traffic.
d)
For the Protocol Profile (Client), select wom-tcp-lan-optimized.
e)
For the Protocol Profile (Server), select wom-tcp-wan-optimized.
f)
For the SSL Profile (Server), select wom-default-serverssl to manage server-side SSL traffic.
g)
For the VLAN Traffic setting, select Enabled on, and in the VLAN List, use the move button (<<) to move the VLANs for which the virtual server is enabled into the Selected box.
h)
If you specified a Host Address for the Destination, click to clear the Address Translation setting.
i)
For the CIFS profile, select cifs to perform special optimizations that speed up CIFS traffic including Read Ahead and Write Behind techniques.
j)
For the Tunnel Profile, select None.
k)
For the iSession Profile, select isession or a customized iSession profile that descends from isession, and set the Context to server.
5.
Click Finished to save the CIFS virtual server.
MAPI (Messaging Application Program Interface) is the email protocol that Microsoft® Exchange Server and Outlook® clients use to exchange messages. It enables applications to send and receive email (with document attachments) and calendar appointments. Because companies transfer so much information through email, optimizing MAPI traffic can lead to an increase in application performance and user productivity.
The WAN Optimization Module can optimize MAPI traffic to reduce the amount of bandwidth required to transfer the data across the WAN for any application that uses MAPI. You can configure MAPI to optimize traffic on any WAN Optimization Module, but it is most important on the client side, the side that initiates the requests to the Exchange Server.
By default, when you configure the WAN Optimization Module, MAPI traffic is not optimized. Optimizing MAPI traffic (on the initiating or client side) involves these tasks:
Disabling the native compression in Microsoft Exchange so the WAN Optimization Module can use symmetric adaptive compression for better results.
Disabling encryption for clients (on the Microsoft Exchange settings, Security tab, clear the Encrypt data between Microsoft Office Outlook and Microsoft Exchange check box) because encrypted traffic cannot be optimized.
Creating virtual servers for all Exchange Servers by configuring the WAN Optimization Module to automatically discover them, or by creating them manually using Local Traffic Manager.
Creating MAPI optimization application policies, which are virtual servers that identify the MAPI traffic and have profiles that determine how to optimize the traffic. The WAN Optimization Module can create a MAPI policy automatically, or you can create it manually using Local Traffic Manager. The MAPI optimization policy listens on port 135, the port on which the Endpoint Mapper typically operates. (The Endpoint Mapper service maps services to their currently assigned ports.)
The simplest way to configure MAPI is to configure the WAN Optimization Module so that it automatically adds Exchange Servers. Then, if the company adds new Exchange Servers to the network or the IP addresses of existing ones change, the WAN Optimization Module discovers the changes and creates new MAPI virtual servers for the new and moved Exchange Servers.
The receiving (server) side WAN Optimization Module needs to have an iSession virtual server that completes the connection with the initiating or client side.
To enable MAPI optimization, you need to have a virtual server for each Exchange Server so that the system can locate the MAPI traffic (by using the Exchange Server IP address) and can then optimize it. You can set up the system to automatically configure Exchange Servers and create the associated virtual servers for each one. You enable MAPI optimization on the initiating side (client) side WAN Optimization Module.
1.
On the Main tab of the navigation pane, expand WAN Optimization and click Configuration.
The Local Endpoint - Basic screen opens.
2.
From the Local Endpoint menu, choose Advanced.
The Local Endpoint - Advanced screen opens.
3.
For Disable Native Exchange Compression, select Yes to turn off Microsoft Exchange compression so the WAN Optimization Module can efficiently use its compression and deduplication features. The default value is Yes.
4.
For Automatically Discover Exchange Server, select the appropriate setting:
Select Yes if you want the system to automatically discover Exchange Servers and create a virtual server for each one. After saving the values, proceed to Creating a MAPI optimization policy.
Tip: Selecting Yes is the simplest way to configure MAPI and keep the Exchange Server virtual servers up to date.
Select No if you want to manually create virtual servers for each Exchange Server. After saving the values, refer to Manually creating virtual servers for Exchange Servers, following. The default value is No.
5.
Click the Save button to save the values.
If you do not want the WAN Optimization to automatically create virtual servers for Exchange Servers, you can create them using Local Traffic Manager. You can find details about creating virtual servers in the Configuration Guide for BIG-IP® Local Traffic Management.
The following procedure describes the settings and profiles needed if you are going to manually configure virtual servers for Exchange Servers in order to optimize MAPI traffic. You create virtual servers for Exchange Servers on the initiating (client) side WAN Optimization Module.
Note: Skip this procedure if you selected the Automatically Discover Exchange Server setting on the Local Endpoint - Advanced screen.
2.
On the Main tab of the navigation pane, expand Local Traffic and click Virtual Servers.
The Virtual Servers screen opens.
3.
On the upper right portion of the screen, click the Create button.
The New Virtual Server screen opens.
4.
For the Configuration setting, select Advanced.
a)
In the Destination Address box, type the address of the Microsoft Exchange Server.
b)
For the Service Port, select * All Ports so the virtual server intercepts all traffic headed for the destination address.
c)
For the Protocol Profile (Client), select wom-tcp-lan-optimized.
d)
For the Protocol Profile (Server), select wom-tcp-wan-optimized.
e)
For the SSL Profile (Server), select wom-default-serverssl.
f)
If you specified a Host Address for the Destination, click to clear the Address Translation setting.
g)
For the MAPI profile, select mapi.
h)
For the Tunnel Profile, select None.
i)
For the iSession Profile, select isession or a customized iSession profile that descends from isession.
Click Repeat to save this virtual server and add more virtual servers for other Exchange Servers.
Click Finished if you are done adding virtual servers.
On the initiating (client) side WAN Optimization Module, you need to create a MAPI optimization policy. The easiest way to do this is from the Optimization Policies screen. The MAPI optimization policy that the system creates is a virtual server called mapi_optimize.
1.
On the Main tab of the navigation pane, expand WAN Optimization and click Configuration.
The Local Endpoint - Basic screen opens.
2.
On the menu bar, click Optimization Policies.
The Optimization Policies screen opens, and a list of all virtual servers with iSession profiles is displayed.
Tip: To view or edit the settings of a virtual server on the list, click its name to go to the virtual server screen.
3.
Click Create.
The Common Application Optimization Policies screen opens.
4.
Select mapi_optimize and click Apply.
The system creates the mapi_optimize virtual server and associates the appropriate WAN optimization profiles with it.
For MAPI optimization to work, the WAN Optimization Module on the other side of the WAN (the receiving side) needs to have an isession-virtual virtual server with a tunnel profile that accepts the MAPI connections.
By default, the WAN Optimization Module automatically creates an iSession virtual server that accepts optimization traffic when you configure the local endpoint. If you have configured that system as described in Chapter 3, Configuring WAN Optimization for the First Time, you do not need to do anything special to set up MAPI optimization on the remote endpoint. You can begin transferring MAPI traffic over the WAN, and the WAN Optimization Module optimizes it.
After you begin to optimize MAPI traffic, you can use the dashboard to see how much bandwidth is being saved as a result of optimizing MAPI traffic.
1.
On the Main tab of the navigation pane, expand WAN Optimization and click Dashboard.
The WAN Optimization screen of the dashboard opens.
2.
In the Bandwidth Gain panel, from the bandwidth gain type menu, choose MAPI, then select one of the following:
In to show the gain in bandwidth for MAPI traffic coming in from the WAN.
Out to show the gain in bandwidth for MAPI traffic going out to the WAN.
The dashboard shows the amount of improved throughput for MAPI data transfers. The Current Ratio gauge shows the ratio of increased bandwidth gain by comparing the raw data to the optimized data. The graph shows both the raw MAPI data and the optimized MAPI data in bits per second.
Figure 5.4 shows bandwidth gain for MAPI traffic coming in from the WAN on the client side WAN Optimization Module. In the figure, the bandwidth gain shows a 3-to-1 improvement as a result of MAPI optimization. In this case, a client is receiving email traffic over the WAN, and the traffic coming in is being optimized.
To optimize HTTPS traffic, you need to perform some additional configuration on the initiating and receiving WAN Optimization Modules. The following points provide an overview of the procedure.
Initiating WAN Optimization Module
Configure the initiating WAN Optimization Module as described in Chapter 3, Configuring WAN Optimization for the First Time. Here are additional steps you need to take:
2.
Include https in the name of the optimization policy (for example, call it https_optimize).
3.
Use Local Traffic Manager to create a pool with one member. For the member, use the IP address of the re-encrypt virtual server that you will create on the remote endpoint and select HTTP for the service port. (For details on creating pools, see the Configuration Guide for BIG-IP® Local Traffic Management.)
5.
Configure the SSL Profile (Client) to use the profile appropriate for decrypting SSL traffic.
6.
On the Resources tab of the https virtual server, for the Default Pool, select the pool you created in step 3.
Receiving WAN Optimization Module
Configure the receiving WAN Optimization Module as described in Chapter 3, Configuring WAN Optimization for the First Time. Here are additional steps you need to take:
1.
Create a custom iSession profile whose parent is the isession profile, and specify a Target Virtual server name other than none. (For details, see Customizing the iSession profile.)
2.
On the Optimization Policies screen, click the name of the isession-virtual server (the system automatically creates this virtual server if you use the default values).
3.
Select the new iSession Profile you created, and set the Context setting to client.
4.
Use Local Traffic Manager to create a pool with one member. For the member, use the IP address of the HTTPS server and select HTTPS for the service port. (For details on creating pools, see the Configuration Guide for BIG-IP® Local Traffic Management.)
5.
Create a virtual server to re-encrypt the HTTPS traffic on its way to the server (for details, see Configuring Virtual Servers, in the Configuration Guide for BIG-IP® Local Traffic Management).
a)
On the re-encrypt virtual server, configure the SSL Profile (Server) setting to use the default serverssl profile (or one you created).
b)
On the re-encrypt virtual server (in the Resources section), for the Default Pool setting, select the pool you created in step 4.
6.
On the Local Endpoint - Basic screen, include the IP address of the re-encrypt virtual server as an advertised route.
The iSession profile tells the system how you want to optimize traffic. You associate the iSession profile with any virtual server that handles traffic that you want to optimize. On the iSession profile, you can enable or disable several settings:
The isession profile itself
The WAN Optimization Module includes an isession profile, by default. In certain circumstances, you may want to create a custom iSession profile to change the way it handles traffic. We recommend not changing the default isession profile and creating a custom profile in this case.
1.
On the Main tab of the navigation pane, expand Local Traffic and click Profiles, then Services and then iSession.
The iSession Profiles screen opens.
2.
On the upper right portion of the screen, click the Create button.
The New Profile screen opens.
3.
In the Name box, type a name for the iSession profile.
4.
Leave the Mode set to Enabled.
5.
For the Compression methods, enable at least one of the options.
At least one option must match an option on the iSession profile on the system on the other side of the tunnel. For details, see Configuring symmetric adaptive compression.
6.
For the Deduplication setting, leave the default of Enabled if you want to use this feature.
The iSession profile on the system on the other side of the tunnel must also have this setting Enabled. For additional details, see Configuring symmetric data deduplication.
7.
For the Port Transparency setting, select either:
Enabled: Specifies that the destination port of the traffic is preserved over the WAN. This is the default setting.
Disabled: Specifies that the destination port is not preserved. The system sends traffic to the tunnel port.
8.
For the Reuse Connection setting, select either:
Enabled: Specifies that the system saves and reuses the tunnel between the local and remote endpoints for multiple connections. This is the default setting.
Disabled: Specifies that the system creates a new tunnel for each connection.
9.
For the Target Virtual setting, set it to none on the initiating WAN Optimization Module. On the receiving WAN Optimization Module, if you want the isession-virtual (or other terminating virtual server) to target another virtual server before going to the server, select the option for the matching criteria that the system uses:
none: Specifies that the system should send the iSession traffic directly to the server. This is the default setting.
host match no isession: Specifies that the system matches only host virtual servers with no iSession profile.
host match all: Specifies that the system selects the closest match from all the host virtual servers.
match all: Specifies that the system selects the closest match from all the virtual servers.
10.
For the Endpoint Pool setting, leave it set to the default value of None.
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)