Published On: August 6ᵗʰ, 2019 02:02
Configuration Guide for Integrated AppNav/AppNav-XE and ISR-WAAS on Cisco 4000 Series ISRs
This guide provides an overview of the ISR-WAAS and AppNav-XE component on Cisco ISR 4451-X in Cisco IOS-XE Release 3.9, and describes the quick start process to easily configure the features. It also provides details of the CLI commands along with examples and troubleshooting tips.
- ISR-WAAS: Virtualized WAAS in a Cisco IOS-XE container.
- AppNav Controller: Component that intelligently distributes traffic from a router to services.
- AppNav service node auto discovery feature: Feature that automatically discovers service nodes and adds them to an AppNav cluster. See the “About the AppNav Service Node Auto Discovery Feature” section.
- EZConfig: A CLI-based, simplified deployment of the AppNav-XE component and the ISR-WAAS solution on the Cisco ISR 4451-X.
- WAAS Central Manager (WCM): Used to monitor and configure the vWAAS application.
The AppNav-XE component is made up of a distribution unit called the AppNav Controller and service nodes. The AppNav Controller distributes flows and the service nodes process the flows. Additionally up to four AppNav Controllers can be grouped together to form an AppNav Controller group to support asymmetric flows and high availability. Note that all the routers in the AppNav Controller group need to be the same platform and also have the same memory capacity.
- Advantage of Using the AppNav-XE Component
- Interoperability of the AppNav-XE Component
- About Configuring the AppNav-XE Component
- It can intelligently redirect new flows based on the load on each service node. This includes loads of individual L7 application accelerators.
- For flows that do not require any optimization, service nodes can inform the AppNav Controller to directly pass-through the packets, thereby minimizing the latency and resource utilization.
- There is no impact to traffic when adding or removing service nodes.
- The AppNav-XE component supports VRF so that VRF information is preserved when traffic returns from a service node.
- For special applications such as MAPI (Exchange) and VDI (Citrix), the AppNav-XE component ensures that flows from the same client and destined to the same server and server port are redirected to the same service node.
- You can use an AppNav Controller group to optimize asymmetric flows. An asymmetric flow is when the traffic in one direction goes through one AppNav Controller and the return traffic goes through a different AppNav Controller, but both AppNav Controllers redirect the traffic to the same service node.
- Inter-router high availability, where if one router goes down, traffic can be rerouted to a different router within the AppNav Controller group, keeping the traffic flows uninterrupted.
- NAT (Note that the video application accelerator is disabled and that asymmetric routing and inter-router high availability handled both by the AppNav-XE component and NAT is not supported.)
- AVC 2.0 (FNF, NBAR) (Note that AVC 2.0 does not support symmetric routing and inter-router high availability.)
- MPLS (The supported topology is an MPLS network on the WAN side and an IP network on the LAN side.)
- WCCP-AppNav-XE coexistence (WCCP and AppNav-XE can be configured on the same interface only if they act on different flows. Use ACLs for this. WCCP and AppNav XE can be configured on different interfaces—AppNav-XE on WAN and WCCP on LAN (supported on Cisco IOS-XE Release 3.10 and later.)
- PBR/PFR (supported on Cisco IOS-XE Release 3.10.1 and later)
The AppNav-XE component introduces the concept of a virtual interface, which allows users to configure features specific to compressed or uncompressed traffic. For instance, to monitor the traffic that is being redirected to the service node and the traffic that is returning from the service node, you can configure the FNF feature on the AppNav-UnCompress and AppNav-Compress virtual interfaces. Note that these AppNav-XE virtual interfaces appear to the user just as any other interface. However from the above list, the only features that work on the AppNav-XE virtual interfaces are FNF, ACL, and QoS (except for queueing).
- You must identify the WAN interfaces for the router that is running the AppNav Controller. The AppNav Controller intercepts packets on both ingress and egress of WAN interface. Only configure the AppNav Controller on WAN interfaces, including all WAN interfaces that will be load balancing.
- Do not use the VRF to access the service node from the AppNav Controller. Neither the service node nor the AppNav Controller IP address should have VRF on the AppNav Controller.
- You can use port channel between the AppNav Controller and the service nodes to increase AppNav Controller-service node bandwidth.
- The config replace command cannot be used with AppNav-XE configuration.
- If you use an AppNav Controller group with two or more AppNav Controllers, the AppNav-XE configuration on all the AppNav Controllers must be the same. This also means that the names of the AppNav policy maps and class maps on the AppNav Controllers need to match. Also the VRF names for the traffic seen by the AppNav-XE component need to be the same on all the AppNav Controllers.
- If AppNav-XE is managed by WCM, the authentication key in the service-context configuration cannot be modified using the command line interface (CLI).
For additional information and caveats about configuring the AppNav-XE component, see Chapter 3, “Detailed Configuration”.
The AppNav service node auto discovery feature is targeted for small branch installations. With this feature, the system automatically discovers the service nodes within the same L2 connectivity of the AppNav router and adds them to the service node cluster.
The term “container” refers to the KVM hypervisor that runs virtualized applications on the Cisco ISR 4451-X. The term “host” refers to the primary operating system running on a system. For ISR-WAAS on Cisco ISR 4451-X, the host is defined as a Cisco ISR 4451-X running on Cisco IOS XE Release 3.9.
The Virtualization Manager tasks vary depending on the phase of the virtual service deployment. Table 1-1 summarizes this information.
The Cisco ISR 4451-X requires more resources depending on the ISR-WAAS profile that you install. See Table 1-2 .
Step 4 To verify that the license is enabled, review the output of the command. Verify that the appxk9 package license is active and in use. The output for “Feature: appxk9” should show “License State: Active, In Use”. Here is an example: