WCCP Configuration

WCCP (Web Cache Communication Protocol) settings are applied at the network wccp level. To create a WCCP service group, use the following command:

Admin@nodename# create network wccp <parameter>

Available parameters:

Parameter

Description

enabled

Enable/disable the service group:

  • on

  • off

name

WCCP service group name.

description

A description of the service group.

password

The password to authenticate UserGate in the service group. The password must match the one specified on the WCCP servers.

fwd-type

Forwarding type from WCCP servers to UserGate:

  • l2: use L2 redirection. In this case, the router (WCCP server) replaces the destination MAC address in the packet with the UserGate address.

  • gre: use a GRE (Generic Routing Encapsulation) tunnel.

L2 redirection generally requires fewer resources than GRE, but the WCCP server and UserGate must reside in the same L2 segment. Not all WCCP server types support L2 redirection with WCCP clients.

ret-type

Forwarding type from UserGate to WCCP servers:

  • l2: using L2 redirection. In this case, UserGate (the WCCP client) changes the destination MAC address in the packet to that of the WCCP server.

  • gre: use a GRE (Generic Routing Encapsulation) tunnel.

L2 redirection generally requires fewer resources than GRE, but the WCCP server and UserGate must reside in the same L2 segment. Not all WCCP server types support L2 redirection with WCCP clients.

service-group

The numeric ID of the service group. Service group IDs must be identical on all devices in the group.

priority

The group's priority. If multiple service groups are applicable to the traffic managed by the WCCP server, the priority determines the order in which the server will distribute traffic to the WCCP clients.

ports

Ports to redirect (traffic destination ports). If necessary, multiple ports can be specified in the ports-to-redirect + [ 80 442 ] format.

Important! UserGate can only apply filtering to redirected TCP traffic with destination ports 80 and 443 (HTTP/HTTPS). Traffic sent to UserGate through other ports is sent to the Internet unfiltered.

ports-source

Redirection of traffic based on the source port values:

  • on

  • off

protocol

Select a protocol:

  • tcp: Transmission Control Protocol (TCP)

  • udp: User Datagram Protocol (UDP).

routers-lists

List of WCCP server IP addresses.

For more details about how to create IP address lists using CLI, see Configuring IP Addresses.

routers-ips

WCCP server IP addresses.

assignment-type

When there are multiple WCCP clients in a service group, the assignment type determines how traffic is distributed from the WCCP servers to the WCCP clients.

  • hash: distribute traffic based on a hash computed from the specified IP packet fields. The options are:

    • source-ip: calculate the hash based on the source IP address

    • source-port: calculate the hash based on the source port

    • dest-ip: calculate the hash based on the destination IP address

    • dest-port: calculate the hash based on the destination port

    • alt-source-ip: calculate an alternate hash based on the source IP address

    • alt-source-port: calculate an alternate hash based on the source port

    • alt-dest-ip: calculate an alternate hash based on the destination IP address

    • alt-dest-port: calculate an alternate hash based on the destination port.

  • mask: distribute traffic based on the result of a Boolean AND between the mask and the selected packet header. When selecting a mask, consult the vendor documentation for the WCCP server.

    • source-ip: mask by the source IP address

    • source-port: mask by the source port

    • dest-ip: mask by the destination IP address

    • dest-port: mask by the destination port

    • mask-value: mask value for the mask scheme. 16 bits for masking by port and 32 bits for masking by IP address. Specify the value in hexadecimal format.

To specify values for a WCCP service group or update information on it, use the following command:

Admin@nodename# set network wccp <service-group-name> <parameter>

Specify the parameters to update. The parameter values are listed in the table above.

To view information about a WCCP service group:

Admin@nodename# show network wccp <service-group-name>

Example commands to create and edit WCCP:

Admin@nodename# create network wccp name "Test service group" protocol tcp service-group 1 routers-ips [ 192.168.100.120 ] fwd-type l2 ret-type l2 ports [ 80 ] priority 1 password 12345 Admin@nodename# show network wccp "Test service group" name : Test service group enabled : off fwd-type : l2 ret-type : l2 service-group : 1 priority : 1 protocol : tcp ports : 80 assignment-type : hash source-ip : off source-port : off dest-ip : off dest-port : off alt-source-ip : off alt-source-port : off alt-dest-ip : off alt-dest-port : off routers-ips : 192.168.100.120 Admin@nodename# set network wccp "Test service group" description "Test service group description" service-group 100 Admin@nodename# show network wccp "Test service group" name : Test service group description : Test service group description enabled : off fwd-type : l2 ret-type : l2 service-group : 100 priority : 1 protocol : tcp ports : 80 assignment-type : hash source-ip : off source-port : off dest-ip : off dest-port : off alt-source-ip : off alt-source-port : off alt-dest-ip : off alt-dest-port : off routers-ips : 192.168.100.120

To remove a service group completely or some of its parameters:

Admin@nodename# delete network wccp <service-group-name>

You can delete the following parameters:

  • routers-lists.

  • routers-ips.

  • ports.