Web Cache Communication Protocol

Last updated September 06, 2023

Web Cache Communication Protocol (WCCP) is a Cisco-developed content-routing protocol that provides a mechanism to redirect traffic flows in real-time. It has built-in load balancing, scaling, fault tolerance, and service-assurance (failsafe) mechanisms. Cisco IOS Release 12.1 and later releases allow the use of either Version 1 (WCCPv1) or Version 2 (WCCPv2) of the protocol.

Protocol Versions

WCCPv1

Only a single router services a cluster of systems
Supports HTTP (TCP port 80) traffic flows only
Provides generic routing encapsulation (GRE) to prevent packet modification
Routers and cache engines communicate to each other via a control channel based on UDP port 2048

WCCPv2

Allows for use across up to 32 routers (WCCP servers)
Supports up to 32 engines/accelerators (WCCP clients)
Supports any IP protocol including any TCP or UDP
Supports up to 255 service groups (0-254)
Adds MD5 shared secret security

Primary WCCP functions

Registration

Accelerator or Engine is a WCCP client
- Registers WCCP services (0-254) with “Here I Am” if application is operational
- Registration announces WCCP client on service group, provides availability notification, requests interesting traffic
- Transmits “Here I Am” every 10 seconds
- Lead WCCP client (lowest IP address) instructs routers on protocol/port, assignment, forwarding, and return methods
Router is a WCCP server
- Accepts service group registration (0-254)
- Acknowledges “Here I Am” with “I See You”
- Waits 30 (3x10) seconds before declaring engine failed
- Announce engines to other engines
- Router id is highest interface IP or highest loopback IP if one exists
- Redirects traffic to engine

Assignment

Selects an engine in the cluster
Hash 256 buckets
Mask 128 buckets represented by 7 bit mask of the source or destination IP/Port

Redirect from Router to Cache Engine

Redirect list allows router to permit/deny traffic to intercept
Two methods of redirection:
- WCCP L2: Local subnet only, little overhead. Rewrites packet MAC address to that of the local Engine
- WCCP GRE: Any IP-Subnet, more overhead. Creates tunnel from router to local or remote Engine.

Return from Cache Engine to Router

WCCP GRE return.
WCCP L2 return.
Engine can optionally return traffic any other way including routing.

Products that implement WCCP

Whilst originally designed for Cisco's Content Cache appliance they have since added support to other products, including:

ASR 1000 Routers ^[1]
Application & Content Networking System (ACNS)
Wide Area Application Services (WAAS)
ASA/PIX Firewalls
Some IOS versions
IronPort S-Series Web Security Appliance
Nexus 7000 Switches

Other vendors have also implemented WCCP support into their products, as it allows clustering and transparent deployment on networks using Cisco routers/switches without additional hardware. WCCP is of particular use to vendors of web cache/proxy/security appliances for redirection of web traffic. Please note that some vendors did not follow the standards when implementing WCCP and this could result in intercompatibility problems.

A list includes:

Company	Product
Array Networks	Accelera
EdgeWave	iPrism Web Gateway
A10 Networks	Transparent Cache Switching (TCS)
Aladdin/SafeNet	eSafe Web
ApplianSys	CACHEbox
Arahe SiteCelerate	SiteCelerate
Barracuda Networks	Barracuda Web Filter
Bloxx	Bloxx Secure Web Gateway
Blue Coat	ProxySG, CacheFlow
Citrix	CloudBridge (formerly known as "Branch Repeater & WANScaler")^[2]
CensorNet Ltd	CensorNet Professional web filter
Clearswift	Clearswift SECURE Web Gateway
CYAN Network Security	CYAN Secure Web
Cymphonix Corp.	Network Composer/Conductor
Exinda WCCPv2 support for Web Cache
F5 Networks	BIG-IP
Fortinet	FortiGate (4.0 upwards), FortiCache (2.0 and upwards) and FortiProxy Appliances/VMs
iboss	iboss' Distributed Gateway Platform
Ideco	Ideco UTM
Alcatel-Lucent	OmniSwitch series with AOS version 6.4.4
Trustwave	Secure Web Gateway Formerly M86 Security/Finjan
MARA Systems	CacheMARA
McAfee	McAfee Web Gateway Formerly Webwasher
Microdasys	SCIP SSL Content Proxy
NetApp	NetCache (no longer available)
PerfTech, Inc.	Bulletin System
Replify	Accelerator
Riverbed Technology	Steelhead
Sangfor Technologies	WAN Optimization Appliance
Silver Peak	NX Series
Apache	Apache Traffic Server ^[3]
SmoothWall Ltd	Guardian Web Content Filters
Sophos	Web Appliance
Squid	Squid
Stampede Technologies	Stampede Application Acceleration Series
Taghos Tecnologia	Hyper Cache
Trend Micro	IWSVA 3.x/5.x and 6.x
Forcepoint	Web Security Gateway
WebTitan	WebTitan Web Filtering Appliance
Wedge Networks	BeSecure
XipLink	XA Optimizers

Related Research Articles

The Dynamic Host Configuration Protocol (DHCP) is a network management protocol used on Internet Protocol (IP) networks for automatically assigning IP addresses and other communication parameters to devices connected to the network using a client–server architecture.

Gnutella is a peer-to-peer network protocol. Founded in 2000, it was the first decentralized peer-to-peer network of its kind, leading to other, later networks adopting the model.

The Internet Control Message Protocol (ICMP) is a supporting protocol in the Internet protocol suite. It is used by network devices, including routers, to send error messages and operational information indicating success or failure when communicating with another IP address, for example, an error is indicated when a requested service is not available or that a host or router could not be reached. ICMP differs from transport protocols such as TCP and UDP in that it is not typically used to exchange data between systems, nor is it regularly employed by end-user network applications.

Open Shortest Path First (OSPF) is a routing protocol for Internet Protocol (IP) networks. It uses a link state routing (LSR) algorithm and falls into the group of interior gateway protocols (IGPs), operating within a single autonomous system (AS).

The Routing Information Protocol (RIP) is one of the oldest distance-vector routing protocols which employs the hop count as a routing metric. RIP prevents routing loops by implementing a limit on the number of hops allowed in a path from source to destination. The largest number of hops allowed for RIP is 15, which limits the size of networks that RIP can support.

Network address translation (NAT) is a method of mapping an IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device. The technique was originally used to bypass the need to assign a new address to every host when a network was moved, or when the upstream Internet service provider was replaced, but could not route the network's address space. It has become a popular and essential tool in conserving global address space in the face of IPv4 address exhaustion. One Internet-routable IP address of a NAT gateway can be used for an entire private network.

In computer networking, a proxy server is a server application that acts as an intermediary between a client requesting a resource and the server providing that resource. It improves privacy, security, and performance in the process.

Universal Plug and Play (UPnP) is a set of networking protocols that permits networked devices, such as personal computers, printers, Internet gateways, Wi-Fi access points and mobile devices to seamlessly discover each other's presence on the network and establish functional network services. UPnP is intended primarily for residential networks without enterprise-class devices.

A multilayer switch (MLS) is a computer networking device that switches on OSI layer 2 like an ordinary network switch and provides extra functions on higher OSI layers. The MLS was invented by engineers at Digital Equipment Corporation.

A content delivery network, or content distribution network (CDN), is a geographically distributed network of proxy servers and their data centers. The goal is to provide high availability and performance by distributing the service spatially relative to end users. CDNs came into existence in the late 1990s as a means for alleviating the performance bottlenecks of the Internet as the Internet was starting to become a mission-critical medium for people and enterprises. Since then, CDNs have grown to serve a large portion of the Internet content today, including web objects, downloadable objects, applications, live streaming media, on-demand streaming media, and social media sites.

NetFlow is a feature that was introduced on Cisco routers around 1996 that provides the ability to collect IP network traffic as it enters or exits an interface. By analyzing the data provided by NetFlow, a network administrator can determine things such as the source and destination of traffic, class of service, and the causes of congestion. A typical flow monitoring setup consists of three main components:

In computer networks, a tunneling protocol is a communication protocol which allows for the movement of data from one network to another. It involves allowing private network communications to be sent across a public network through a process called encapsulation.

<span class="mw-page-title-main">LogMeIn Hamachi</span> Virtual private network application

LogMeIn Hamachi is a virtual private network (VPN) application developed and released in 2004 by Alex Pankratov. It is capable of establishing direct links between computers that are behind network address translation (NAT) firewalls without requiring reconfiguration. Like other VPNs, it establishes a connection over the Internet that emulates the connection that would exist if the computers were connected over a local area network (LAN).

A UDP Helper Address is a special router configuration used to forward broadcast network traffic from a client machine on one subnet to a server in another subnet.

IP SLA is an active computer network measurement technology that was initially developed by Cisco Systems. IP SLA was previously known as Service Assurance Agent (SAA) or Response Time Reporter (RTR). IP SLA is used to track network performance like latency, ping response, and jitter, it also helps us to provide service quality.

Cisco NAC Appliance, formerly Cisco Clean Access (CCA), was a network admission control (NAC) system developed by Cisco Systems designed to produce a secure and clean computer network environment. Originally developed by Perfigo and marketed under the name of Perfigo SmartEnforcer, this network admission control device analyzes systems attempting to access the network and prevents vulnerable computers from joining the network. The system usually installs an application known as the Clean Access Agent on computers that will be connected to the network. This application, in conjunction with both a Clean Access server and a Clean Access Manager, has become common in many universities and corporate environments today. It is capable of managing wired or wireless networks in an in-band or out-of-band configuration mode, and Virtual Private networks (VPN) in an in-band only configuration mode.

In computing, Microsoft's Windows Vista and Windows Server 2008 introduced in 2007/2008 a new networking stack named Next Generation TCP/IP stack, to improve on the previous stack in several ways. The stack includes native implementation of IPv6, as well as a complete overhaul of IPv4. The new TCP/IP stack uses a new method to store configuration settings that enables more dynamic control and does not require a computer restart after a change in settings. The new stack, implemented as a dual-stack model, depends on a strong host-model and features an infrastructure to enable more modular components that one can dynamically insert and remove.

<span class="mw-page-title-main">Forwarding plane</span>

In routing, the forwarding plane, sometimes called the data plane or user plane, defines the part of the router architecture that decides what to do with packets arriving on an inbound interface. Most commonly, it refers to a table in which the router looks up the destination address of the incoming packet and retrieves the information necessary to determine the path from the receiving element, through the internal forwarding fabric of the router, and to the proper outgoing interface(s).

ApplianSys, founded in 2000, is a privately held venture capital-backed technology company based in Coventry, United Kingdom. It designs, builds and markets Internet server appliances that are deployed in more than 150 countries. Forrester Research have listed ApplianSys as being a key vendor in the worldwide IP Address Management market, with its DNS engine used in a third of all GPRS networks.

References

↑ "Unified-wan-services".
↑ http://support.citrix.com/servlet/KbServlet/download/19285-102-19716/wanscaler_users_guide_5.0_090217_no_change_bars.pdf section "WCCP Mode", page 81 Citrix Systems, Inc.
↑ "Apache Traffic Server 3.0 Accelerates Performance". 18 June 2011.

External links

Cisco
- Section WCCP Network Caching in the Cisco DocWiki (formerly known as the "Internetworking Technology Handbook")
- Section Configuring Web Cache Services Using WCCP in the "Cisco IOS Configuration Fundamentals Configuration Guide, Release 12.2"
- Section WCCPv2 and WCCP Enhancements in the feature guide for "Cisco IOS Software Releases 12.0 S"
Configure WCCP on your Cisco IOS router on TechRepublic
Web Cache Communication Protocol V2, revision 1 on IETF Web Site
How to set up WCCP on your Barracuda Web Filter in Barracuda Networks Knowledgebase

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] "Unified-wan-services".

[2] ttp://support.citrix.com/servlet/KbServlet/download/19285-102-19716/wanscaler_users_guide_5.0_090217_no_change_bars.pdf section "WCCP Mode", page 81 Citrix Systems, Inc.

[3] "Apache Traffic Server 3.0 Accelerates Performance". 18 June 2011.

[1]

[2]

[3]