Cisco 11503 - CSS Content Services Switch Getting Started Manual Download Page 1

Page: 1 / 142

Corporate Headquarters

Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408

526-4000

800 553-NETS (6387)

Fax: 408

526-4100

Cisco Content Services Switch
Getting Started Guide

Software Version 7.40
August 2004

Text Part Number: OL-6037-01

Summary of Contents for 11503 - CSS Content Services Switch

Page 1: ... Inc 170 West Tasman Drive San Jose CA 95134 1706 USA http www cisco com Tel 408 526 4000 800 553 NETS 6387 Fax 408 526 4100 Cisco Content Services Switch Getting Started Guide Software Version 7 40 August 2004 Text Part Number OL 6037 01 ...

Page 2: ...R INCIDENTAL DAMAGES INCLUDING WITHOUT LIMITATION LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES Cisco Content Services Switch Getting Started Guide Copyright 2004 Cisco Systems Inc All rights reserved CCSP the Cisco Square Bridge logo Cisco Unity Follow Me Browsing Fo...

Page 3: ...echnical Support Website xix Submitting a Service Request xix Definitions of Service Request Severity xx Obtaining Additional Publications and Information xx C H A P T E R 1 Booting Logging In and Getting Started 1 1 Booting and Logging In Quick Start 1 2 Booting the CSS for the First Time 1 3 Entering Your Software License Key 1 3 Configuring the Ethernet Management Port 1 4 Changing the Default ...

Page 4: ...name and Password 2 5 Creating Usernames and Passwords 2 6 Configuring the Ethernet Management Port 2 9 Configuring an IP Address and Subnet Mask for the Ethernet Management Port 2 10 Configuring Static Routes for the Ethernet Management Port 2 11 Configuring a Default Gateway for the Ethernet Management Port 2 12 Discarding ICMP Redirects on the Ethernet Management Port 2 13 Shutting Down the Eth...

Page 5: ... the Domain Name Service 3 1 Specifying a Primary DNS Server 3 1 Using DNS Resolve 3 2 Specifying a Secondary DNS Server 3 2 Specifying a DNS Suffix 3 2 Specifying UDP Traffic on the DNS Server Port 3 3 Where to Go Next 3 3 C H A P T E R 4 Configuring Sticky Cookies 4 1 Sticky Overview 4 1 Advanced Load Balancing Method Using Cookies 4 2 Sticky Based on a Configured String in an HTTP Cookie Header...

Page 6: ...ervices Switch Global Server Load Balancing Configuration Guide 4 39 Cisco Content Services Switch Redundancy Configuration Guide 4 41 Cisco Content Services Switch Security Configuration Guide 4 43 Cisco Content Services Switch SSL Configuration Guide 4 44 Cisco Content Services Switch Device Management User s Guide 4 48 A P P E N D I X A Troubleshooting the Boot Process A 1 Diagnostic Tests for ...

Page 7: ...vii Cisco Content Services Switch Getting Started Guide OL 6037 01 F I G U R E S Figure 2 1 CSS Directory Access Privileges 2 8 ...

Page 8: ...Figures viii Cisco Content Services Switch Getting Started Guide OL 6037 01 ...

Page 9: ... Services Switch Administration Guide 4 25 Table 5 3 Cisco Content Services Switch Routing and Bridging Configuration Guide 4 29 Table 5 4 Cisco Content Services Switch Content Load Balancing Configuration Guide 4 33 Table 5 5 Cisco Content Services Switch Global Server Load Balancing Configuration Guide 4 39 Table 5 6 Cisco Content Services Switch Redundancy Configuration Guide 4 41 Table 5 7 Cis...

Page 10: ...Tables x Cisco Content Services Switch Getting Started Guide OL 6037 01 ...

Page 11: ...d or optional Enhanced feature set The Enhanced feature set contains all of the Standard feature set and also includes Network Address Translation NAT Peering Domain Name Service DNS Demand Based Content Replication Dynamic Hot Content Overflow Content Staging and Replication and Network Proximity DNS Proximity Database and Secure Management which includes Secure Shell Host and SSL strong encrypti...

Page 12: ... the CSS on a routine basis Chapter 2 Configuring CSS Basics Provides information to configure the username and password Ethernet management port static IP routes and the date and time Chapter 3 Configuring the Domain Name Service Provides information to configure the Domain Name Server for hostname resolution Chapter 4 Configuring Sticky Cookies Provides a CSS sticky overview and examples of conf...

Page 13: ...ent Services Switch Hardware Installation Guide This guide provides information for installing cabling and powering the Cisco 11500 series CSS In addition this guide provides information about CSS specifications cable pinouts and hardware troubleshooting Cisco Content Services Switch Administration Guide This guide describes how to perform administrative tasks on the CSS including upgrading your C...

Page 14: ...n Protocol RIP Internet Protocol IP Open Shortest Path First OSPF protocol Cisco Discovery Protocol CDP Dynamic Host Configuration Protocol DHCP relay agent Cisco Content Services Switch Content Load Balancing Configuration Guide This guide describes how to perform CSS content load balancing configuration tasks including Flow and port mapping Services Service global and script keepalives Source gr...

Page 15: ... This guide describes how to perform CSS redundancy configuration tasks including VIP and virtual interface redundancy Adaptive session redundancy Box to box redundancy Cisco Content Services Switch Security Configuration Guide This guide describes how to perform CSS security configuration tasks including Controlling access to the CSS Secure Shell Daemon protocol Radius TACACS Firewall load balanc...

Page 16: ...rs on a command line including the CLI prompt Courier bold text indicates commands and text you enter in a command line Italic text indicates the first occurrence of a new term book title emphasized text and variables for which you supply values 1 A numbered list indicates that the order of the list items is important a An alphabetical list indicates that the order of the secondary list items is i...

Page 17: ...technical information from Cisco Systems Cisco com You can access the most current Cisco documentation at this URL http www cisco com univercd home home htm You can access the Cisco website at this URL http www cisco com You can access international Cisco websites at this URL http www cisco com public countries_languages shtml Ordering Documentation You can find instructions for ordering documenta...

Page 18: ...e card if present behind the front cover of your document or by writing to the following address Cisco Systems Attn Customer Document Ordering 170 West Tasman Drive San Jose CA 95134 9883 We appreciate your comments Obtaining Technical Assistance For all customers partners resellers and distributors who hold valid Cisco service contracts Cisco Technical Support provides 24 hour a day award winning...

Page 19: ... in which your network is minimally impaired or for which you require product information After you describe your situation the TAC Service Request Tool automatically provides recommended solutions If your issue is not resolved using the recommended resources your service request will be assigned to a Cisco TAC engineer The TAC Service Request Tool is located at this URL http www cisco com techsup...

Page 20: ...t resources during normal business hours to restore service to satisfactory levels Severity 4 S4 You require information or assistance with Cisco product capabilities installation or configuration There is little or no effect on your business operations Obtaining Additional Publications and Information Information about Cisco products technologies and network solutions is available from various on...

Page 21: ...from Cisco Systems designed to help growing companies learn how they can use technology to increase revenue streamline their business and expand services The publication identifies the challenges facing these companies and the technologies to help solve them using real world case studies and business strategies to help readers make sound technology investment decisions You can access iQ Magazine a...

Page 22: ...Preface Obtaining Additional Publications and Information xxii Cisco Content Services Switch Getting Started Guide OL 6037 01 ...

Page 23: ...o covers using the configuration script which initiates automatically when you log in and the CSS does not detect an existing startup config file Information in this chapter applies to all CSS models except where noted This chapter contains the following major sections Booting and Logging In Quick Start Booting the CSS on a Routine Basis Logging in to the CSS Using the Configuration Script Rebooti...

Page 24: ...protect the Offline Diagnostic Monitor Offline DM menu 2 When you power up the CSS on a routine basis the boot process Displays the software version and build number Performs hardware initialization and power on self tests Provides access to the Offline DM menu Prompts you to log in to the CSS 3 Log in to the CSS using the default administrative username admin and password system or the username a...

Page 25: ...This sections includes the following procedures Entering Your Software License Key Configuring the Ethernet Management Port Changing the Default Username and Password Password Protecting the Offline DM Menu Entering Your Software License Key When the CSS completes hardware initialization and power on diagnostics the CSS prompts you to accept the license agreement You must accept the license agreem...

Page 26: ...ced feature set license key is now properly installed and the feature set is activated Note After you enter the software license key for the Proximity Database software option you must reboot the CSS for the license key to take effect Configuring the Ethernet Management Port Once you enter a valid license key at the boot prompt the CSS displays the following message and prompt Use the Ethernet man...

Page 27: ... not prompt you for an IP address subnet mask and default gateway The Ethernet management port default IP address of 0 0 0 0 disables the Ethernet management port To enable the Ethernet management port specify the ip address command in boot mode see Chapter 2 Configuring CSS Basics or use the Offline DM menu refer to the Cisco Content Services Switch Administration Guide Changing the Default Usern...

Page 28: ...s to contact the Cisco Technical Assistance Center TAC at 1 800 553 2447 or 1 408 526 7209 You can also e mail TAC at tac cisco com Enter one of the following yes to password protect the Offline DM menu When you password protect the Offline DM menu you need to enter the administrative username and password each time you access the menu The administrative username and password are required to acces...

Page 29: ...t initializes the hardware and performs power on self tests The CSS displays the following messages shown for the CSS 11503 and CSS 11506 Locked boot flash Validating operational boot flash please wait Operational boot flash valid Jumping to operational boot flash Copyright 2002 c Cisco Systems Inc Operational boot flash Attaching interrupt handlers Done Master SCM Built Jun 22 2002 15 14 20 Versi...

Page 30: ...ors on the CSS 11501 and the 8 and 16 port Fast Ethernet Modules on the CSS 11503 or CSS 11506 do not contain Status LEDs Each Ethernet connector has Link and Duplex LEDs to indicate the state of the connection Table 1 2 defines the boot states and the blinking patterns of the Status LEDs Table 1 2 Status LEDs Boot Definitions State Sequence LED Color LED State 1 The CSS powers up scans flash and ...

Page 31: ...nd login prompt When a startup config file is present the CSS displays the message Press CTRL C to abort running the startup config 4 The CSS 11501 or a module in the CSS 11503 or CSS 11506 is on line and active Green Solid The CSS 11501 or a module in the CSS 11503 or CSS 11506 except a Fast Ethernet Module failed In the CSS 11503 or 11506 if A Fast Ethernet Module fails all of the Link and Duple...

Page 32: ...sable When you log in from A console the CSS displays the message Press any key to log in A Telnet session the message is not displayed The CSS prompts you to enter a username and password as follows User Access Verification Username Password If you connect a console to the CSS after the CSS boots your screen will be blank Press Enter to display the username and password prompts To initially log i...

Page 33: ...you to create services owners and content rules For background information on configuring services owners and content rules refer to the Cisco Content Services Switch Content Load Balancing Configuration Guide To accept the script default values press the Enter key at the prompts shown in the configuration script To quit the script enter q at any prompt If you quit running the script you may proce...

Page 34: ...uits setup Pressing CR after any y n defaults to y Warning All circuit VLAN IP addresses must be on a different subnet than the Ethernet Mgt port IP address The existing Ethernet Mgt port IP address is 10 0 4 251 Add an IP address to VLAN1 default 192 168 10 1 192 168 3 6 Add an IP subnet mask to VLAN1 default 255 255 255 0 Warning The default gateway IP address must be on the same subnet as VLAN1...

Page 35: ...balancing to enable the CSS to use a Virtual IP address VIP to load balance web traffic to web servers based on IP addresses Layer5 Load Balancing Configure Layer 5 load balancing to enable the CSS to use a VIP address to load balance web traffic to web servers based on URLs Proxy Cache Configure proxy cache to enable the CSS to use a Virtual IP address VIP to load balance web traffic to proxy cac...

Page 36: ...s the content rule Saves the running configuration to the startup config file The script prompts you to configure Service name default name is Server1 Service IP address VIP for the content rule To configure Layer 3 load balancing enter 1 at the Configuration Script menu Which feature do you want to configure 1 Layer3 load balancing 2 Layer5 load balancing 3 Proxy cache 4 Transparent cache Enter t...

Page 37: ...cally Displays the running config file Saves the running configuration to the startup config file Showing the Running Config Generated MAR 6 17 53 49 GLOBAL ip route 0 0 0 0 0 0 0 0 192 168 3 3 CIRCUIT circuit VLAN1 ip address 192 168 3 6 255 255 255 0 SERVICE service Server1 ip address 192 168 3 58 active service Server2 ip address 192 168 3 59 active OWNER owner L3_Owner content L3_Rule add serv...

Page 38: ...ol TCP Port 80 URL Load balance method as ACA Activates the services Activates the content rule Saves the running configuration to the startup config file The script prompts you to configure Service name default name is Server1 VIP for the content rule To configure Layer 5 load balancing enter 2 at the Configuration Script menu Which feature do you want to configure 1 Layer3 load balancing 2 Layer...

Page 39: ... running config file Saves the running configuration to the startup config file Showing the Running Config Generated MAR 6 17 53 49 GLOBAL ip route 0 0 0 0 0 0 0 0 192 168 3 3 CIRCUIT circuit VLAN1 ip address 192 168 3 6 255 255 255 0 SERVICE service Server1 ip address 192 168 3 58 active OWNER owner L5_Owner content L3_Rule add service Server1 vip address 192 168 3 8 balance aca active content L5...

Page 40: ...TCP Port 8080 URL Load balance method as domain Application type HTTP Activates the services Activates the content rule The script prompts you to configure Service name default name is Proxy_Cache1 VIP for the content rule To configure a proxy cache configuration enter 3 at the Configuration Script menu Which feature do you want to configure 1 Layer3 load balancing 2 Layer5 load balancing 3 Proxy ...

Page 41: ...he running config file Saves the running configuration to the startup config file Showing the Running Config Generated MAR 6 17 53 49 GLOBAL ip route 0 0 0 0 0 0 0 0 192 168 3 3 CIRCUIT circuit VLAN1 ip address 192 168 3 6 255 255 255 0 SERVICE service Proxy_Cache1 ip address 192 168 3 60 type proxy cache port 8080 protocol tcp active OWNER owner Proxy_Owner content Proxy_Rule add service Proxy_Ca...

Page 42: ...Service type as transparent cache Protocol TCP Port 80 Extension Qualifier List EQL named Cacheable that contains the file types displayed in the sample running config file URL eql cacheable Load balance method as domain Failover type as bypass Application type HTTP Activates the services Activates the content rule The script enables you to Configure a service name Transparent_Cache1 Define whethe...

Page 43: ...ache server regardless of whether the content is cacheable Should only cacheable content be directed to the cache server y n Enter one of the following y to define URL as eql cacheable in the content rule and allow the CSS to direct only cacheable content to the cache servers n to define URL in the content rule and allow the CSS to direct all content to the cache servers After you specify the conf...

Page 44: ...s Java script application x javascript extension mocha extension jpeg JPEG image image jpeg extension jpg extension jpe extension jfif extension pjpeg extension pjp extension mp2 MPEG Audio audio x mpeg extension mpa extension abs extension mpeg MPEG Video video mpeg extension mpg extension mpe extension mpv extension vbs extension m1v extension pcx PCX Image extension txt Plain text text plain ex...

Page 45: ...reboot the CSS This command is available in Boot mode Before you enter the reboot command save an existing running config file prior to rebooting the CSS by using the copy running config startup config command from SuperUser mode If you are not in expert mode the CSS displays the prompts to save profile and configuration changes before it reboots To reboot the CSS access Boot mode and enter the re...

Page 46: ...mmand to shut down the CSS This command shuts down all CSS processes so you can power cycle the unit safely The shutdown command is available in Boot mode To shut down the CSS access Boot mode and enter config boot shutdown The CSS displays a prompt to verify that you want to shut it down Are you sure you want to shutdown the system y n Enter y to shut down the CSS Note The CSS has a shutdown alia...

Page 47: ... Go Next Where to Go Next Chapter 2 Configuring CSS Basics describes the initial configuration procedures for the CSS such as changing the administrative username and password creating usernames and passwords configuring the Ethernet management port specifying a static IP address and subnet mask and changing the date and time ...

Page 48: ...Chapter 1 Booting Logging In and Getting Started Where to Go Next 1 26 Cisco Content Services Switch Getting Started Guide OL 6037 01 ...

Page 49: ...in this chapter applies to all CSS models except where noted This chapter contains the following major sections Initial Setup Quick Start Changing the Administrative Username and Password Creating Usernames and Passwords Configuring the Ethernet Management Port Configuring an IP Route Configuring the Date Time and Time Zone Synchronizing the CSS with an SNTP Server Configuring a Host Name ...

Page 50: ...ubnet of the CSS and the Ethernet management port optional Configure a default IP route Enter the date time and time zone optional Specify a Simple Network Time Protocol SNTP server optional Once you configure the Ethernet management port IP address you can continue to use the console port or you can use the Ethernet management port to Telnet in to the CSS and configure it remotely Table 2 1 Initi...

Page 51: ...address 172 16 6 58 6 Configure a subnet mask for the Ethernet management port in boot mode config boot subnet mask 255 255 255 0 7 Exit from boot mode to config mode config boot exit 8 Configure a static IP route as required config ip route 192 168 0 0 255 255 0 0 192 168 1 1 9 Exit from config mode to configure a date The clock date command does not allow backspacing If you enter a wrong date re...

Page 52: ...he time in the format hh mm ss clock time Enter time 15 17 33 16 17 33 11 Optional Specify the time zone and Universal Time Coordinated UTC offset if you are using an SNTP server to synchronize the CSS system clock clock timezone EST hours 3 before UTC 12 Optional Access config mode and specify the SNTP server and the polling frequency if you are using an SNTP server to synchronize the CSS system ...

Page 53: ...s them in to the user database SuperUser status is assigned to the administrative username by default You can change the administrative username and password but because the information is stored in NVRAM you cannot permanently delete them If you delete the administrative username using the no username command the CSS deletes the username from the running config file but restores the username from...

Page 54: ...can enter global configuration mode and its subordinate configuration modes If you do not specify superuser when configuring a new user the new user has only user level status by default Caution Creating or modifying a username and password is restricted to CSS users who are identified as either administrators or technicians and it is contingent on whether the restrict user database command has be...

Page 55: ...e sensitive unquoted text string with no spaces from 6 to 16 characters password The text string that you enter The CSS allows all special characters in a password except for the percent sign superuser Specifies SuperUser privileges to allow a user to access SuperUser mode If you do not enter this option the user can access only User mode dir access Optional Defines the CSS directory access privil...

Page 56: ...directory access for username picard enter config username picard password captain superuser NWBNNNR To display a list of existing usernames enter config username To remove an existing username enter config no username picard To change a user password reenter the username command and specify the new password Remember to include SuperUser privileges if required For example config username picard pa...

Page 57: ...Routes for the Ethernet Management Port section The Ethernet management port also supports ping and traceroutes initiated from the CSS The Ethernet management port is located on the CSS 11501 CSS 11503 or CSS 11506 SCM front panels To access the Ethernet management port on the CSS you must assign an IP address and a subnet mask to the port If you want to manage the CSS from a subnet that is differ...

Page 58: ...MP Redirects on the Ethernet Management Port Shutting Down the Ethernet Management Port Configuring an IP Address and Subnet Mask for the Ethernet Management Port To access the Ethernet management port on the CSS you must assign an IP address and a subnet mask When setting the Ethernet management port IP address note that The IP address must be on a different subnet than any other CSS VLAN circuit...

Page 59: ...and and enter the new subnet mask Configuring Static Routes for the Ethernet Management Port If you want to manage the CSS from a subnet that is different from the Ethernet management port you can configure static routes for the Ethernet management port Static route entries consist of the destination IP network address and the IP address of the next hop router You can configure a maximum of eight ...

Page 60: ...mask as either A prefix length in classless interdomain routing CIDR bit count notation for example 24 An IP address in dotted decimal notation for example 255 255 255 0 ip_address2 The next hop address for the route Enter the IP address in dotted decimal notation for example 192 168 11 0 For example to configure a static route for the Ethernet management port enter config ip management route 172 ...

Page 61: ... enhance security on the CSS when you configure static routes on the management port we strongly recommend that you configure the CSS management port to discard ICMP redirects Note The Ethernet management port never transmits an ICMP redirect If you remove a static route when the management port is configured to accept ICMP redirect packets the CSS removes from the routing table the router entry c...

Page 62: ...rt use the admin shutdown or shut command For example To shut down the Ethernet management port on the CSS 11501 with the admin shutdown command enter config if Ethernet Mgt admin shutdown To shut down the Ethernet management port on the CSS 11501 with the shut command enter config if Ethernet Mgt shut When you use the shut command the CSS changes the shut command to the admin shutdown command in ...

Page 63: ...ng properly If the router fails the CSS removes any entries from the routing table that point to the failed router and stops sending traffic to the failed router When the router recovers the CSS Becomes aware of the router Reenters applicable routes in the routing table To configure a static IP route use the ip route command and specify one of the following An IP address and prefix length for exam...

Page 64: ...Configuring the Date Time and Time Zone To set the date time or time zone for the CSS use the clock command When you enter this command the CSS displays the current date and time The clock command does not allow backspacing If you enter the wrong date time or time zone you must reenter the command with the new information This section includes the following topics Setting the Date Setting the Euro...

Page 65: ... european date Setting the Time Use the clock time command to set the time This command sets the time in military time 24 hour format A prompt appears to show the current time in the correct format to use Enter the hour minutes and seconds as integers separated by colons Enter the new time in the format hh mm ss as shown clock time Enter time 15 12 38 16 12 38 Setting the Time Zone Use the clock t...

Page 66: ...ns and variables are as follows timezone name The name of the time zone Enter a name with a maximum of 32 characters and no spaces hours hours The hours of offset for the time zone Enter a number from 0 to 12 Use with the before UTC option or after UTC option to set the offset to either a negative or positive number before UTC The offset for UTC as a negative number For example if the hour offset ...

Page 67: ...06 2003 Time The configured time in the format of hour minute and second for example 16 23 45 If you configure an SNTP server the show clock command displays the time adjusted with the time zone offset The show clock command displays the UTC time from the SNTP server If you configure a time zone the show clock command displays the time adjusted with the time zone offset For example if the UTC time...

Page 68: ...t the local time zone so the time appears correctly relative to the local time zone The CSS can receive the time from only a single SNTP server in unicast mode but the CSS cannot be used to provide time services to other devices Before you synchronize the CSS with an SNTP server make sure you configure the proper time zone for the CSS for example to EST Also make sure the time difference between t...

Page 69: ...21 version 3 To remove the specified SNTP server enter config no sntp server Configuring the SNTP Poll Interval The poll interval is the time in seconds between successive SNTP request messages to the server Continuous polling is critical for the CSS to obtain time from the SNTP server and ensure the local time matches the real time of the server Use the sntp poll interval command to specify the p...

Page 70: ... 16 characters ip_address The address associated with the host name Enter the IP address in dotted decimal notation for example 192 168 11 1 To add a host to the Host table the host name must not exist in the Host table To change a current host address remove the host name and then add it again to the Host table with the new address For example config host CSS11501 LML 192 168 3 6 Table 2 3 Field ...

Page 71: ...g host from the Host table enter config no host CSS11501 LML To display a list of host names enter config show running config global Where to Go Next Chapter 3 Configuring the Domain Name Service provides information to configure the Domain Name Service DNS the facility that translates host names such as myhost mydomain com to IP addresses ...

Page 72: ...Chapter 2 Configuring CSS Basics Where to Go Next 2 24 Cisco Content Services Switch Getting Started Guide OL 6037 01 ...

Page 73: ... DNS Resolve Specifying a Secondary DNS Server Specifying a DNS Suffix Specifying UDP Traffic on the DNS Server Port Use the show running config global command to display DNS configurations refer to the Cisco Content Services Switch Administration Guide Specifying a Primary DNS Server To specify the primary DNS server use the dns primary command Enter the IP address in dotted decimal notation for ...

Page 74: ...erver in dotted decimal notation for example 192 168 11 1 config dns secondary 192 168 3 6 You can specify a maximum of two secondary servers To specify each additional server repeat the dns secondary command The order in which you enter the IP addresses is the order in which they are used when the primary DNS server fails To remove a secondary DNS server specify the no version of the command foll...

Page 75: ...his command provides the following options enable default This command has been removed from the CLI Use the flow state command instead For details about the flow state command refer to the Cisco Content Services Switch Content Load Balancing Configuration Guide disable This command has been deprecated obsoleted This option maps to the flow state 53 udp flow disable nat enable command For details ...

Page 76: ...Chapter 3 Configuring the Domain Name Service Where to Go Next 3 4 Cisco Content Services Switch Getting Started Guide OL 6037 01 ...

Page 77: ...mmerce site they usually start out by browsing the site the Internet equivalent of window shopping Depending on the application the site may require that the customer become stuck to one server once the connection is established or the application may not require this until the customer starts to build a shopping cart In either case once the customer adds items to the shopping cart it is important...

Page 78: ...a structure used by a server to deliver data to a Web client and request that the client store the information In certain applications the client returns the information to the server to maintain the state between the client and the server When the CSS examines a request for content and determines through content rule matching that the content is sticky it examines any cookie or URL present in the...

Page 79: ...mand enables the content rule to stick a client to a server based on the configured string found in the HTTP cookie header A content rule with a sticky configuration set to advanced balance cookies requires all clients to enable cookies on their browser In the following configuration the CSS looks for the cookie in the Cookie field of the HTTP header 1 The CSS looks for the configured string prefi...

Page 80: ...ie header or the specified cookie string see the content rule mode sticky no cookie found action command configure GLOBAL ip route 0 0 0 0 0 0 0 0 10 86 191 174 1 INTERFACE interface 3 2 bridge vlan 2 CIRCUIT circuit VLAN1 description client vlan ip address 10 86 191 161 255 255 255 240 circuit VLAN2 description server vlan ip address 10 1 1 254 255 255 0 0 The string value configured in the servi...

Page 81: ...ookie field of the HTTP header use the advanced balance url command Some client applications do not accept cookies When a site depends upon the information in the cookie administrators sometimes modify the server application so that it appends the cookie data to the parameters section of the URL The parameters typically follow a at the end of the main data section of the URL In this configuration ...

Page 82: ...d does not exist then the CSS looks for the cookie in the URL This command is intended for applications where some clients cannot accept cookies but others can Using the full configuration of the Sticky Based on a Configured String in an HTTP Cookie Header section the only difference is the advanced balance cookieurl command in the content rule OWNER owner test content stickyCookie advanced balanc...

Page 83: ...S Task Topic List Table 5 1 provides a list of CSS administrative and configuration task topics in alphabetical order and the location of the topics in the CSS documentation For more concise lists of topics refer to the index of each document Table 5 1 Administration and Configuration Task Topic List Task Topic Guide and Chapter Absolute load configuration with quick start CSS Content Load Balanci...

Page 84: ...ommand CSS Redundancy Configuration Guide Chapter 2 Configuring Adaptive Session Redundancy Address Resolution Protocol ARP configuration with quick start and show command CSS Routing and Bridging Configuration Guide Chapter 4 Configuring the Address Resolution Protocol ADI unpack and remove an ArrowPoint Distribution Image ADI to a CSS disk CSS Administration Guide Chapter 1 Managing the Software...

Page 85: ...oftware ARP configuration with quick start and show command CSS Routing and Bridging Configuration Guide Chapter 4 Configuring the Address Resolution Protocol ArrowPoint Content Awareness ACA load balancing algorithm configuration CSS Content Load Balancing Configuration Guide Chapter 6 Configuring Loads for Services ArrowPoint cookies configuration CSS Content Load Balancing Configuration Guide C...

Page 86: ...rfaces and Circuits Bypass cache configuration CSS Content Load Balancing Configuration Guide Chapter 12 Configuring Caching Bypass content rules on caches configuration CSS Content Load Balancing Configuration Guide Chapter 3 Configuring Services CA certificates for server authentication configuration CSS SSL Configuration Guide Chapter 6 Configuring SSL Initiation Cable redundant CSS configurati...

Page 87: ...configuration with quick start and show command CSS Global Server Load Balancing Configuration Guide Chapter 4 Configuring a Client Side Accelerator Command history buffer configuration CSS Administration Guide Chapter 3 Configuring User Profiles Command scheduler configuration CSS Administration Guide Chapter 8 Using the CSS Scripting Language Configuration changes saved for subsequent CSS reboot...

Page 88: ...nfiguring Content Rules Content staging and replication configuration with quick start CSS Content Load Balancing Configuration Guide Chapter 13 Configuring Content Replication Cookies for advanced load balancing configuration CSS Content Load Balancing Configuration Guide Chapter 10 Configuring Sticky Parameters for Content Rules Copy files from FTP server configuration CSS Administration Guide C...

Page 89: ... Guide Chapter 5 Configuring Simple Network Management Protocol SNMP Destination service for source group configuration CSS Content Load Balancing Configuration Guide Chapter 5 Source Groups for Services Device Management user interface see WebNS Device Management user interface CSS Device Management User s Guide Chapter 3 Using the Device Management User Interface DFP agent configuration and show...

Page 90: ...ain Name System Server Domain cache configuration CSS Global Server Load Balancing Configuration Guide Chapter 4 Configuring a Client Side Accelerator Domain name content rule CSS Content Load Balancing Configuration Guide Chapter 9 Configuring Content Rules Domain Name System DNS Sticky feature see DNS sticky CSS Global Server Load Balancing Configuration Guide Chapter 2 Configuring the DNS Stick...

Page 91: ...cuits Expert mode configuration CSS Administration Guide Chapter 3 Configuring User Profiles Extension qualifier lists EQL configuration CSS Content Load Balancing Configuration Guide Chapter 9 Configuring Content Rules Failover handling configuration CSS Content Load Balancing Configuration Guide Chapter 9 Configuring Content Rules File storage locations configuration CSS Administration Guide Cha...

Page 92: ...rd configuration CSS Administration Guide Chapter 1 Managing the Software FTP reserved control port reclamation configuration CSS Content Load Balancing Configuration Guide Chapter 2 Configuring Flow and Port Mapping Parameters FWLB with VIP and virtual interface redundancy configuration CSS Security Configuration Guide Chapter 5 Configuring Firewall Load Balancing Global keepalives configuration ...

Page 93: ...r the static route next hop configuration CSS Routing and Bridging Configuration Guide Chapter 6 Configuring the Internet Protocol Interface configuration and show command CSS Routing and Bridging Configuration Guide Chapter 1 Configuring Interfaces and Circuits Internet Protocol configuration with quick start and show command CSS Routing and Bridging Configuration Guide Chapter 6 Configuring the ...

Page 94: ...S Content Load Balancing Configuration Guide Chapter 10 Configuring Sticky Parameters for Content Rules Logging configuration and show command CSS Administration Guide Chapter 4 Using the CSS Logging Features Maximum segment size MSS for TCP data configuration CSS Content Load Balancing Configuration Guide Chapter 2 Configuring Flow and Port Mapping Parameters MIBs overview CSS Administration Guid...

Page 95: ...x B Using the Offline Diagnostic Monitor Menu Opportunistic Layer 3 forwarding configuration CSS Routing and Bridging Configuration Guide Chapter 6 Configuring the Internet Protocol OSPF configuration with quick start and show command CSS Routing and Bridging Configuration Guide Chapter 3 Configuring Open Shortest Path First OSPF Owner configuration and show command CSS Content Load Balancing Conf...

Page 96: ...s Processing of SSL flows by the SSL module example CSS SSL Configuration Guide Chapter 8 Examples of CSS SSL Configurations Proximity domain name server PDNS configuration and show command CSS Global Server Load Balancing Configuration Guide Chapter 5 Configuring Network Proximity Proxy cache configuration CSS Content Load Balancing Configuration Guide Chapter 12 Configuring Caching Publishing an...

Page 97: ... load configuration with quick start and show command CSS Content Load Balancing Configuration Guide Chapter 6 Configuring Loads for Services Remapping configuration CSS Content Load Balancing Configuration Guide Chapter 9 Configuring Content Rules Remote user access to the CSS including virtual and console authentication CSS Security Configuration Guide Chapter 1 Controlling CSS Access Replicatio...

Page 98: ...tocol RIP configuration with quick start and show command CSS Routing and Bridging Configuration Guide Chapter 5 Configuring Routing Information Protocol RSA certificate and key generation and import quick start CSS SSL Configuration Guide Chapter 2 SSL Configuration Quick Starts Save configuration changes for subsequent CSS reboots CSS Administration Guide Chapter 1 Managing the Software Script k...

Page 99: ...uring Loads for Services Service overview CSS Content Load Balancing Configuration Guide Chapter 1 Content Load Balancing Overview Service redirection configuration CSS Content Load Balancing Configuration Guide Chapter 9 Configuring Content Rules Service source group configuration CSS Content Load Balancing Configuration Guide Chapter 5 Source Groups for Services Service weight configuration thro...

Page 100: ... rule configuration CSS Content Load Balancing Configuration Guide Chapter 9 Configuring Content Rules Spanning tree bridging configuration CSS Routing and Bridging Configuration Guide Chapter 1 Configuring Interfaces and Circuits Spanning tree bridging for the CSS configuration with quick start and show command CSS Routing and Bridging Configuration Guide Chapter 2 Configuring Spanning Tree Bridg...

Page 101: ...Displaying SSL Configuration Information and Statistics SSL security certificate show command CSS Device Management User s Guide Chapter 2 Configuring the CSS for Device Management SSL termination configuration CSS SSL Configuration Guide Chapter 4 Configuring SSL Termination SSL termination quick start CSS SSL Configuration Guide Chapter 2 SSL Configuration Quick Starts SSL transparent proxy conf...

Page 102: ...ging Configuration Guide Chapter 1 Configuring Interfaces and Circuits Synchronize redundant configuration CSS Redundancy Configuration Guide Chapter 3 Configuring Box to Box Redundancy TACACS configuration including authentication and authorization quick start and show command CSS Security Configuration Guide Chapter 4 Configuring the CSS as a Client of a TACACS Server TCP and UDP traffic handled...

Page 103: ...guration CSS Routing and Bridging Configuration Guide Chapter 6 Configuring the Internet Protocol Uniform Resource Locator URL for content rule configuration CSS Content Load Balancing Configuration Guide Chapter 9 Configuring Content Rules Uniform Resource Locator qualifier list URQL configuration with quick start CSS Content Load Balancing Configuration Guide Chapter 9 Configuring Content Rules ...

Page 104: ... Circuits VRID peering configuration CSS Redundancy Configuration Guide Chapter 1 Configuring VIP and Virtual Interface Redundancy WebNS Device Management user interface quick start CSS Device Management User s Guide Chapter 2 Configuring the CSS for Device Management WebNS Device Management user interface browser and platform support and supported features CSS Device Management User s Guide Chapt...

Page 105: ...dministration Guide Chapter 7 Using an XML Document to Configure the CSS Zone based DNS on a CSS configuration with quick start CSS Global Server Load Balancing Configuration Guide Chapter 1 Configuring the CSS as a Domain Name System Server Table 5 1 Administration and Configuration Task Topic List continued Task Topic Guide and Chapter ...

Page 106: ...rvices Switch Content Load Balancing Configuration Guide Cisco Content Services Switch Global Server Load Balancing Configuration Guide Cisco Content Services Switch Redundancy Configuration Guide Cisco Content Services Switch Security Configuration Guide Cisco Content Services Switch SSL Configuration Guide Cisco Content Services Switch Device Management User s Guide For information on CSS CLI co...

Page 107: ...ies CSS These tasks include formatting a disk defining which disk is the boot disk and where to save the log files and core dumps and copying files between the disks Unpacking and removing an ArrowPoint Distribution Image ADI to a CSS disk Archiving files to the CSS archive directory and then restoring them Enabling and handling core dumps Displaying the system information for the CSS Chapter 2 Sp...

Page 108: ...n capability on or off Changing the CLI prompt Modifying the size of the history buffer that stores the most recent CLI commands that you enter Configuring the banner that appears when you log in to the CSS Copy the running profile from the CSS to the default profile file an FTP server a TFTP server or your user profile file Chapter 4 Using the CSS Logging Features Enable logging Setting up the lo...

Page 109: ...eduler to configure the scheduled execution of any CLI commands including playing scripts Using the echo command to control what appears on the screen during script execution Using commented lines to document your script with comments Using variables to construct commands command aliases and scripts Using logical and relational operators and branch commands Using arrays to hold subvalues elements ...

Page 110: ...sing the Offline Diagnostic Monitor Menu Setting the boot configuration Configure a primary and secondary location from which the CSS accesses the boot image Configure an IP address for the CSS Configure a subnet mask Configure a default gateway Showing the boot configuration Selecting Advanced Options to Delete a software version from the disk Set a password for the Offline DM Main menu Set an ad...

Page 111: ...ing configuring spanning tree bridging and Port Fast displaying the interfaces configuration and shutting down the interfaces Configuring VLAN circuits including configuring a circuit IP interface configuring Router Discovery Protocol Settings for a Circuit and displaying circuit and IP interface information Configuring RIP for an IP interface including a default route the receive and send version...

Page 112: ...dress Resolution Protocol ARP configuration quick start Configuring ARP timeout and wait period Updating and clearing ARP parameters Displaying ARP information Chapter 5 Configuring Routing Information Protocol Routing Information Protocol RIP configuration quick start Advertising a route through RIP on the CSS Advertising routes from other protocols through RIP Setting the maximum number of route...

Page 113: ...s the default routing Configuring the IP record route to enable the CSS to process frames with the IP address of each router along a path Configuring box to box redundancy between two identically configured CSSs Configuring IP equal cost multipath ECMP selection algorithm and the preferred reverse egress path Forwarding IP subnet broadcast addressed frames Configuring IP unconditional bridging to ...

Page 114: ... specify the frequency at which the CSS transmits CDP packets to all receiving CDP compatible devices Displaying CDP information Chapter 8 Configuring the DHCP Relay Agent Dynamic Host Configuration Protocol DHCP configuration quick start Adding a DHCP destination on a circuit so that the initial DHCP broadcast request from the CSS is sent to all of the configured destinations Enabling and disabli...

Page 115: ... TCP and UDP traffic Chapter 2 Configuring Flow and Port Mapping Parameters Configuring flow parameters to create permanent TCP and UDP ports configuring how often the CSS scans flows from reserved Telnet and FTP control ports to reclaim them changing the maximum segment size MSS and displaying the statistics on currently allocated flows Configuring flow inactivity timeouts on content rules and so...

Page 116: ...s Translation NAT for the transparent cache service type Bypassing a cache farm and establishing a connection with the origin server to retrieve noncacheable content Activating and suspending services Showing service information and clearing statistics Chapter 4 Configuring Service Global and Script Keepalives Overview of keepalives Configuring service keepalives Configuring global keepalives and ...

Page 117: ...al load reporting load step load threshold and teardown and ageout timers Displaying global service loads An absolute load configuration quick start Configuring the absolute load calculation method including modifying and optimizing the absolute load scale and setting the load variance Displaying relative load statistics and absolute load calculation ranges Using ArrowPoint Content Awareness ACA l...

Page 118: ...b hosting VWH including a quick start Adding a service to a content rule This section includes specifying a service weight adding a primary and secondary sorry server and adding a DNS name to a content rule Activating suspending and removing a content rule Configuring a port load balancing algorithm DNS balance type hot lists extension qualifier lists EQL Uniform Resource Locator qualifier list UR...

Page 119: ...nd string process and skip length Configuring sticky parameters for E commerce and other Internet applications including arrowpoint and location cookies wireless users for E commerce applications and Session Initiation Protocol SIP load balancing Displaying sticky attributes tables and connection statistics Chapter 11 Configuring HTTP Header Load Balancing Overview of HTTP header load balancing HT...

Page 120: ...pe Configuring NAT peering and quick start Chapter 13 Configuring Content Replication Demand based content replication quick start Configuring demand based content replication including hot lists service type maximum age pieces of content and disk space for replicated objects on services and FTP access Content staging and replication quick start Configuring content staging and replication includin...

Page 121: ...laying scripts to remote CSS peers over an APP session Displaying APP information Zone based DNS quick start Configuring zone based DNS on a CSS including a DNS server buffer count DNS forwarder server responder task count zones domain records and kal ap vip client and agent Configuring content rule based DNS and quick start This section includes configuring DNS exchange policy for the owner DNS p...

Page 122: ...ctionality and configuring domain cache DNS server forwarder and accelerated domains Displaying CSA information Chapter 5 Configuring Network Proximity Overviews on network proximity and configuring a proximity database on a CSS 11150 and a proximity domain name server PDNS as an authoritative DNS server that uses information from the Proximity Database PDB to resolve DNS requests Configuring Appl...

Page 123: ...ews of CSS redundancy and VIP and virtual interface redundancy A VIP and virtual interface redundancy quick start Configuring VIP and virtual interface redundancy including the circuit IP interface virtual router redundant VIP and virtual interface VRID peering and quick start critical service critical physical interface and quick start and synchronizing a VIP redundancy configuration Displaying V...

Page 124: ...s Configuring redundancy including IP redundancy redundant circuits redundancy protocol and VRRP backup timer Synchronizing a redundant configuration Configuring a backup CSS as a master temporarily Configuring multiple redundant uplink services Adding an interface to the physical link configuration list Configuring stateless redundancy failover Displaying redundant configurations Table 5 6 Cisco ...

Page 125: ...g virtual and console authentication Controlling administrative access to the CSS Controlling network traffic through Access Control Lists ACLs including an overview quick start configuring clauses applying the ACL to a circuit and enabling ACLs Configuring Network Qualifier Lists for ACLs Chapter 2 Configuring the Secure Shell Daemon Protocol Enabling SSH Configuring SSH access SSHD on the CSS an...

Page 126: ...ng TACACS server information Chapter 5 Configuring Firewall Load Balancing Configuring Firewall Load Balancing FWLB including keepalive timeout IP static route OSPF and RIP to advertise firewall routes Configuring FWLB with VIP and virtual interface redundancy Displaying firewall information including flow summaries and routes Table 5 7 Cisco Content Services Switch Security Configuration Guide co...

Page 127: ...A key pair and Diffie Hellman parameters Verifying a certificate against a key pair Removing certificates and private keys from the CSS Chapter 4 Configuring SSL Termination Overview of SSL termination Creating an SSL proxy list Configuring virtual SSL servers for the SSL proxy list including a VIP address and port certificate key and cipher suites for server authentication client authentication H...

Page 128: ...ice and content rule for back end SSL Chapter 6 Configuring SSL Initiation Overview of SSL initiation Creating an SSL initiation proxy list Configuring a back end SSL initiation server in the proxy list including the IP address and port for the SSL initiation server server IP address and port SSL version cipher suites session cache timeouts and handshake renegotiation client and server side connec...

Page 129: ...urations Displaying CRL record configurations Displaying SSL URL rewrite and SSL module statistics Displaying SSL flows Chapter 8 Examples of CSS SSL Configurations Processing of SSL flows by the SSL module SSL transparent proxy configuration with one SSL module two SSL module or HTTP and back end SSL servers SSL full proxy configuration SSL initiation configuration Table 5 8 Cisco Content Service...

Page 130: ...ew of the WebNS Device Management user interface browser and platform support and supported features Chapter 2 Configuring the CSS for Device Management WebNS Device Management user interface quick start Enabling the user interface Entering the secure management license key for SSL strong encryption Configuring idle timeout Ethernet port SNMP community and your browser Restricting access to the us...

Page 131: ...nctioning With the CSS 11503 and CSS 11506 the SCM boots each module in the chassis and verifies that the module is functioning properly This appendix contains the following major sections Diagnostic Tests for Hardware and Error Messages Offline DM Verification of the Boot Configuration Record and Disk CSS 11501 Boot and Verification CSS 11503 and CSS 11506 Boot and Module Verification If the sugg...

Page 132: ...he Chapter 1 Booting Logging In and Getting Started and then the hardware goes through a series of power on self tests If an error occurs during a test the console displays an error message increments the detected error counter and continues to the next test until the CSS completes all of the power on self tests The error messages appear in the following format FAILURE_START From Slot Slot_number ...

Page 133: ...eporting the error This field is 1 for boards with a single MIPS CPU Failure_level There are three types of failure levels Board The CSS 11501 motherboard or a specific module in the CSS 11503 or CSS 11506 If the CSS completes the boot process but a component or module has failed the CSS also generates a boot log message Backplane An EEPROM failure is a catastrophic failure Contact TAC for technic...

Page 134: ...lem as soon as possible In the case of fatal and non fatal errors with the CSS 11501 contact TAC for technical assistance In the case of fatal and non fatal errors with the CSS 11503 or CSS 11506 1 Power down the CSS when the CSS completes the boot process 2 Reseat the failed module 3 Power up the CSS If reseating the module does not correct the failure contact the TAC for technical assistance Maj...

Page 135: ...SCM failure may have occurred such a failure would not allow a software download to start If this problem occurs for a CSS 11501 contact Cisco Technical Assistance Center TAC for technical assistance If this problem occurs for a CSS 11503 or CSS 11506 1 Power down the CSS 2 Reseat the SCM 3 Power up the CSS If reseating the module does not correct the failure contact TAC for technical assistance T...

Page 136: ...guration record Refer to the Cisco Content Services Switch Administration Guide for detailed information on using Offline DM 2 Reconfigure the CSS boot record configuration 3 Reboot the CSS Note If a MAC address error occurs contact TAC for technical assistance After the CSS confirms a valid configuration record it initializes the disk in slot 0 If the disk cannot initialize the CSS indicates that...

Page 137: ...tarts the Online Diagnostic Monitor OnDM During OnDM the SCM downloads software to each of the modules and boots the modules The SCM verifies that each module is functioning If there is a module failure the SCM attempts to boot the module three times If the SCM is unsuccessful the CSS generates the following log message and saves the message in the boot log file CHMGR Slot slot subslot had diagnos...

Page 138: ...Appendix A Troubleshooting the Boot Process CSS 11503 and CSS 11506 Boot and Module Verification A 8 Cisco Content Services Switch Getting Started Guide OL 6037 01 ...

Page 139: ...address 2 10 existing username removing 2 8 symbol overview xvi changing administrative password 2 5 administrative username 2 5 user directory access privileges 2 7 user password 2 8 changing the default username and password 1 5 CLI conventions xvi Ethernet management port usage 2 9 expert mode 2 16 User commands versus SuperUser commands 2 6 configuration quick start initial CSS configuration 1...

Page 140: ...iguring 2 15 directory access privileges username 2 7 displaying username 2 8 DNS configuring for CSS 3 1 4 1 primary server for CSS configuring 3 1 resolve for CSS configuring 3 2 secondary server for CSS configuring 3 2 specifying suffix 3 2 documentation audience xii chapter contents xii related xiii set xiii symbols and conventions xvi E e commerce using stickiness 4 1 Ethernet management port...

Page 141: ... key entering 1 3 logging into the CSS 1 9 M management port assigning an IP address and subnet mask 2 10 O Offline Diagnostic Monitor menu setting password protection 1 6 P password administrative changing 2 5 administrative password changing 2 5 user configuring 2 6 user password changing 2 8 password protecting the OffDM menu 1 6 PAT 4 33 port address translation See PAT proxy cache configuring...

Page 142: ...7 version number 1 2 1 7 static IP route configuring 2 15 static routes configuring 2 11 sticky content specifying an advanced load balancing method 4 2 T tasklist topics 4 1 time configuring for CSS 2 16 timezone configuring for CSS 2 16 transparent cache configuring 1 13 1 20 U username configuring 2 6 directory access privileges 2 7 displaying 2 8 removing 2 8 user password changing 2 8 configu...

Search results

Summary of Contents for 11503 - CSS Content Services Switch

Reviews:

Related manuals for 11503 - CSS Content Services Switch

Brands by name

Popular brands

Cisco 11503 - CSS Content Services Switch, Getting Started Manual

Search results

Summary of Contents for 11503 - CSS Content Services Switch

Reviews:

Related manuals for 11503 - CSS Content Services Switch

Brands by name

Popular brands