Applies To:
Show Versions
WANJet
- 4.0.0
3
Installation
WANJet appliance deployment
This chapter provides key information about the WANJet appliance installation and configuration guidelines. There are several ways to deploy a WANJet appliance on your network. The options consist of:
The way you choose to deploy the WANJet appliance depends on your current network topology and requirements.
In-line deployment
In-line deployment is the most basic way to deploy the WANJet appliance. You can scale in-line deployment from a simple point-to-point configuration to a point-to-multi-point configuration.
Point-to-point configuration
Point-to-point configuration is the simple one-to-one topology where an F5 appliance is placed at each end of the WAN between the respective WAN Router and LAN Switch. Each WANJet appliance is configured to search for traffic matching specified source and destination subnets. If the local WANJet appliance detects a match, then traffic is processed and sent down a WANJet tunnel to the remote WANJet appliance that reverses the process and delivers the packets exactly as they were. If there is no match, the local WANJet appliance acts as a bridge, and passes the packets unaltered to the WAN.
Point-to-multi-point configuration
Point-to-multi-point configuration involves three or more F5 appliances. Figure 3.2 illustrates a deployment that consists of five appliances that are connected to each other across intranets and the internet.
As with the point-to-point configuration, the WANJet appliance processes traffic that matches user-specified source and destination subnets, and then delivers it across the WAN through a tunnel to the appropriate WANJet appliance.
One-arm deployment
A one-arm deployment is more complex than an in-line deployment. To decide on the optimal configuration for your system, it helps to understand the three types of one-arm deployment.
- Using static routing
The WANJet is connected to the LAN switch, and the LAN switch is in turn connected to all of the clients on the network, as well as to the router. Every client on the LAN is configured with the WANJet appliance as its default gateway. All client traffic is routed to the WANJet appliance. - Using transparent proxy statically
The WANJet appliance is connected to the router directly and is transparent to the rest of the LAN clients. - Using transparent proxy with the WCCP v2 protocol
The WANJet appliance is connected to the router directly and is transparent to the LAN clients. All LAN traffic is routed to the WANJet appliance. This part is identical to static transparent proxy.
You can configure the WANJet appliance to optimize specific traffic, apply different services on specific traffic, and leave other traffic untouched. The WANJet appliance sends all this traffic back to the router.
The router (as per a configured routing rule) directs to the WANJet appliance only traffic that the WANJet appliance is configured to process (optimize or applying specific services). The router is configured so that the passthrough traffic is not sent to the WANJet appliance. If you do not configure the router in this way, the passthrough traffic sent to the WANJet appliance is dropped. In accordance with the WANJet configuration, it optimizes specific traffic, and then sends all the traffic back to the router.
The difference is that the WANJet appliance communicates with the router using the WCCP v2 protocol. In accordance to its configuration, the WANJet appliance determines which traffic to optimize, and which traffic to apply services to. The rest of the traffic is sent back to the router for proper handling.
The advantage to this deployment method is that it is more tolerant of a failure. If the WANJet appliance is down, the router compensates and handles the traffic properly without sending it back to the WANJet appliance.
Firewall guidelines
If the WANJet appliance is placed behind a firewall, you must open certain ports. Table 3.1 lists the ports that you must open to allow the traffic to pass through the firewall.
You must also allow the ICMP protocol to pass through the firewall, so that the WANJet appliance can be pinged.
Hardware installation
See the Quick Start Card for the F5 WANJet 200 or WANJet 400 appliance for information about installing WANJet appliances and connecting them to your network.
Site information worksheet
Use the following site information sheet to capture all relevant site data. When you complete the site information sheet, attach a detailed network diagram for each WANJet appliance site.
