Sometimes you need to use many different Proxy Auto Configuration files with a web browser, usually when testing or trying out new installation of the proxy servers.
PacketShaper and Flow Directions
I stumbled across an old diagram I made a long time ago about the direction of flows on a BlueCoat PacketShaper. Since I’ve been looking for it for about three years, I’ve diagrammed it quickly so that it is here for future reference when I’m working PacketWise in the future. PacketShaper PacketWise is one of my very favourite tools for managing traffic flows, and much preferable to PHB QoS aka DiffServ for many types of use cases.
An TCP flow has four possible directional attribute related to the use of a inside and outside networks, and whether the flow was initiated from the client to server which sets the “direction” of the flow relative to the Packeteer. The flow is determined by who initiated the three way handshake. For purposes here, the Client always initiates the TCP connection, and the Server terminates the connection.
TCP Session and Direction
Most people understand the three way handshake, but not many consider the direction of the session.
The connection from the client to the server is outbound, but is inbound on the server. And vice versa, the server outbound session is inbound on the client.
That’s not very useful for being able to define the direction of flows.
Why is direction important ?
Direction of flows is important if you want to configure asymmetric rules. That is, not all protocols require symmetic bandwidth. For example, HTTP traffic is usually a 10:1 ratio for reply to request. That is, a request for this webpage is about 10KB, but the reply with the data, images and javascript is more than 100KB.
For an FTP upload server, you might have the reverse condition where the inbound traffic is far more than the outbound.
To make the most of your Internet connection for this case, you could configure the inbound bandwidth on your Internet connection to be 80% FTP, 20% HTTP and the outbound bandwidth to be 20% FTP and 80% HTTP. This gives a far better utilisation, especially in regards to better TCP Windowing and overall TCP goodput.
Cisco IOS load balancing for Blue Coat SGOS
Some time ago I used IOS SLB feature on a C6500 to load balance a pair of Blue Coat ProxySG. Here the confuguration and some notes.
Blue Coat to Acquire Packeteer-excellent-outcome
Fantastic news! As a long time user of Blue Coat and Packeteer, I am pretty excited about this. The Packeteer traffic management technologies is a long way ahead of the Cisco queueing strategy, and the Blue Coat product set has plenty of features that hold Cisco at bay in the WAN Acceleration (previously known as […]
Blue Coat ProxySG VIP and Cisco switches need Multicast enabled
You have a pair of shiny new ProxySG boxen that you want to setup in active / standby for high availability. You configure it up and everything seems to work, and then it doesn’t, or other equipment on the same network experiences random problems.
What you are having is a Multicast problem with your Ethernet switches, most likely your Cisco switches, that has the problem. How to understand and solve the problem after the jump.