IMPORTANT NOTE: The information contained in this document supersedes all previously published information
regarding this product. Product specifications are subject to change without prior notice.
MN-FXSERIESADM6 Revision 6
Page 2
Comtech EF Data / Stampede
FX Series Administration Guide - Version 6.2.2 ii
Chapter: Using This Document
Section: Table of Contents MN-FXSERIESADM6 Rev 6
Page 3
Comtech EF Data / Stampede
Table of Contents
Table of Contents .................................................................................................................................... iii
Table of Figures ...................................................................................................................................... vii
Using This Document .................................................................................................. ix
Document Organization .......................................................................................................................... ix
Contacting Product Support ..................................................................................................................... x
Key FX Series Appliance Information ................................................................................................ x
FX Series End User License Agreement ................................................................................................... xi
Patents and Trademarks ....................................................................................................................... xiii
Conventions and References ................................................................................................................. xiv
Comtech EF Data Warranty Policy ......................................................................................................... xv
Release Notes ....................................................................................................................................... xvii
Version 6.2.2 Functionality Enhancements ................................................................................... xvii
Version 6.1.1 Functionality Enhancements ................................................................................... xvii
Version 6.1 Functionality Enhancements ...................................................................................... xviii
Version 6.0.3 Functionality Enhancements .................................................................................... xix
Version 6.0.2 Functionality Enhancements .................................................................................... xix
Version 6.0.1 Functionality Enhancements ..................................................................................... xx
1 Overview - FX Series ...................................................................................... 22
1.1 Stampede FX Series Product Line Update ................................................................................ 22
1.2 Technologies that Optimize Satellite Bandwidth Acceleration ................................................ 23
10.1 Sample Acceleration Status Reports ...................................................................................... 158
10.2 FX Series Console Management Functions ............................................................................ 159
10.3 How to Update FX Series Appliance Software at 5.78.0 or earlier ........................................ 161
10.3.1 Base Platform Image (BPI) Upgrade Process .................................................................. 161
10.3.2 Upgrade Kit and Prep ..................................................................................................... 161
10.3.3 The Upgrade Process ...................................................................................................... 161
FX Series Administration Guide - Version 6.2.2 vi
Chapter: Using This Document
Section: Table of Contents MN-FXSERIESADM6 Rev 6
Page 7
Comtech EF Data / Stampede
Table of Figures
Figure 1-1 FX Series Multicator Theory of Operation ....................................................................................................... 31
Figure 1-2 FX Series Basic Mesh Connectivity Diagram .................................................................................................... 36
Figure 1-3 FX Series Hub Spoke Mesh Connectivity Diagram ........................................................................................... 37
Figure 1-4 FX Series Mesh with Redundancy Connectivity Diagram ................................................................................ 38
Figure 1-5 FX Series Appliances Data Sheet ...................................................................................................................... 39
Figure 1-6 FX Series Hardware Specifications ................................................................................................................... 41
Figure 1-7 FX Series FX-4010 Back Panel .......................................................................................................................... 42
Figure 1-8 FX Series FX-1005 Front Panel ......................................................................................................................... 45
Figure 1-9 FX Series FX-1005 Rear Panel .......................................................................................................................... 46
Figure 1-10 FX Series FX-1010 Front Panel ....................................................................................................................... 48
Figure 1-11 FX Series FX-1010 Rear Panel ........................................................................................................................ 49
Figure 2-1 FX Series Mesh Connection Diagram ............................................................................................................... 59
Figure 3-1 FX Series Main Configuration Screen............................................................................................................... 60
Figure 3-2 FX Series Basic Network Interfaces Screen ...................................................................................................... 62
Figure 3-3 FX Series Host/DNS Settings Screen ................................................................................................................ 64
Figure 3-4 FX Series SNMP Edit Screen ............................................................................................................................. 65
Figure 3-5 FX Series Web Management Interface Screen ................................................................................................ 66
Figure 3-6 FX Series In-Path Interfaces Screen ................................................................................................................. 67
Figure 3-7 FX Series LAN Interfaces Screen ...................................................................................................................... 69
Figure 3-8 FX Series Port Definitions Screen..................................................................................................................... 70
Figure 3-9 FX Series WCCP Definitions Screen.................................................................................................................. 73
Figure 3-10 FX Series QoS Hierarchy Screen ..................................................................................................................... 81
Figure 3-11 FX Series QoS Links Screen ............................................................................................................................ 84
Figure 3-12 F Series QoS Link Edit Screen ......................................................................................................................... 84
Figure 3-13 FX Series ACM QOS Status by Modem Report............................................................................................... 87
Figure 3-14 FX Series QoS Groups .................................................................................................................................... 88
Figure 3-15 FX Series QoS Group Edit Screen ................................................................................................................... 88
Figure 3-16 FX Series QoS Group Filters ........................................................................................................................... 89
Figure 3-17 FX Series QoS Group Filters Edit Screen ........................................................................................................ 90
Figure 3-18 FX Series QoS Queues .................................................................................................................................... 91
Figure 3-19 FX Series QoS Queue Edit Screen .................................................................................................................. 91
Figure 3-20 FX Series QoS Queue Filter Edit Screen ......................................................................................................... 93
Figure 3-21 FX Series Multicator General/Controller Edit Screen .................................................................................... 96
Figure 3-22 FX Series Multicator Transmitter/Receiver Edit Screen ................................................................................ 97
Figure 3-23 FX Series Redundancy Edit Screen ............................................................................................................... 100
Figure 4-1 FX Series ADC General Edit Screen ................................................................................................................ 104
Figure 5-1 FX Series Remote General Edit Screen .......................................................................................................... 109
Figure 6-1 FX Series Status Menu ................................................................................................................................... 113
Figure 6-2 FX Series ADC WANOP Monitor Screen ......................................................................................................... 114
Figure 6-3 FX Series ADC Current Status Menu .............................................................................................................. 117
Figure 6-4 FX Series QOS Monitor by Link ...................................................................................................................... 124
Figure 6-5 FX Series QoS Monitor by Queue .................................................................................................................. 126
Figure 6-6 FX Series Remote Real-Time Monitor Screen ................................................................................................ 129
Figure 6-7 FX Series Remote Current Status Menu ........................................................................................................ 131
Figure 7-1 FX Series ADC Features Menu ....................................................................................................................... 133
Figure 7-2 FX Series Application Policy Applicability Edit Screen ................................................................................... 140
Figure 7-3 FX Series Authorization Realm Edit Screen.................................................................................................... 141
Figure 7-4 FX Series Specific Optimization Edit Screen .................................................................................................. 142
Figure 7-5 FX Series Layer 5 Policy Configuration Edit Screen ........................................................................................ 143
FX Series Administration Guide - Version 6.2.2 vii
Chapter: Using This Document
Section: Table of Figures MN-FXSERIESADM6 Rev 6
Page 8
Comtech EF Data / Stampede
Figure 7-6 FX Series TCP/UDP Ports Table ...................................................................................................................... 146
Figure 8-1 FX Series Operations Menu ........................................................................................................................... 147
Figure 8-2 FX Series Backup and Restore Screen ............................................................................................................ 148
Figure 8-3 FX Series Change Passwords Screen .............................................................................................................. 149
Figure 8-4 FX Series Upgrade Fast Codes Screen ............................................................................................................ 150
Figure 8-5 FX Series Shutdown/Restart Screen ............................................................................................................. 151
Figure 8-6 FX Series Packet Capture Screen ................................................................................................................... 152
Figure 8-7 FX Series Software Version Display Screen .................................................................................................... 154
FX Series Administration Guide - Version 6.2.2 viii
Chapter: Using This Document
Section: Table of Figures MN-FXSERIESADM6 Rev 6
Page 9
Comtech EF Data / Stampede
Using This Document
This guide was prepared to assist you in the installation, configuration and management of the FX Series Appliances.
This document contains the same information that is available thru the on-line help contained with the FX Series web
based administrative screens. This document supports Release 6.2.0 of the FX Series Appliances.
Document Organization
Release Notes
This section delineates the major changes from the prior release.
Theory of Optimization
This section discusses the characteristic of data transmission that will cause slow response and
higher bandwidth requirements. It also delineates techniques that can reduce the slowness and
help reduce bandwidth requirements.
FX Series Technology
This section provides a brief description of the hardware and optimization techniques available
through the FX Series of appliances.
FX Series Installation Patterns
This section provides instruction on how to install the available configurations for all FX Series
appliances. It covers In-Line Mode, Routed Mode, WCCP Mode and Mesh Configurations
FX Series Network Settings
This section discusses how to set the basic networking parameters, such as Management Settings,
Traffic Interfaces, Quality of Service, Multicator Settings, and Redundancy.
FX Series ADC Specific Settings
This section discusses ADC specific network settings and current performance status, including
General Settings.
FX Series Remote Specific Settings
This section discusses Remote specific network settings and current performance status, including
General Settings and In-Path Settings.
FX Series Status
This section provides real time monitors and current statistics for the FX Series ADC, the FX Series
Remote and for Quality of Service.
FX Series Optimization
This section discusses optimization issues and definitions of optimization techniques available on
the FX Series appliances for web based or enterprise applications.
FX Series Operations
This section discusses tools to perform operational tasks, including Backups, License Management,
Shutdown/Restart, and Updating Software for all FX Series Appliances. This section also describes
how to obtain FX Series support, documentation, and downloads for the FX Series Appliances.
Symbols used in this manual: Important Note Informational Note
FX Series Administration Guide - Version 6.2.2 ix
Chapter: Using This Document
Section: Document Organization MN-FXSERIESADM6 Rev 6
Page 10
Comtech EF Data / Stampede
Contacting Product Support
Go To:
http://www.comtechefdata.com/support
Comtech EF Data Product Support representatives for FX Series Products are available.
Comtech EF Data offers an annual subscription plan providing unlimited telephone support for the coverage
period, software upgrades and other important support provisions. Contact Product Support for more
information.
Key FX Series Appliance Information
This information should be recorded and saved for future reference for each FX Series Appliance. It should be
updated for any upgrades or changes. Providing this information to Support will assist the support team in
resolving issues and questions more quickly.
Comtech Serial Number
This can be found on the outside of the appliance.
The following information can be found on the Web GUI Web GUI (bottom left on all screens).
1. Manufacturer S/N
2. Software Version
3. Base Platform Image and Service Pack Version
FX Series Administration Guide - Version 6.2.2 x
Chapter: Using This Document
Section: Contacting Product Support MN-FXSERIESADM6 Rev 6
Page 11
Comtech EF Data / Stampede
FX Series End User License Agreement
This is a legal agreement between you (either an individual or an entity) and Comtech EF Data Corporation.
HARDWARE LICENSE and WARRANTY
This product is covered by Comtech EF Data’s standard H/W warranty
SOFTWARE LICENSE
This SOFTWARE is protected by the copyright laws of the United States and international copyright treaties as
well as other intellectual property laws and treaties. This SOFTWARE product is licensed not sold.
The FX Series Appliance SOFTWARE you have licensed is defined as the SOFTWARE which operates on an
appliance. The FX Series Client SOFTWARE you have licensed is defined as the SOFTWARE which operates on
an intelligent, single computer, for use in accessing and accelerating Web, Browser or TCP-based
applications.
GRANT OF LICENSE: You have the right to install the FX Series Appliance SOFTWARE on all appliances for
which you have licensed copies. For each copy of the FX Series Client SOFTWARE this license confers you
have the right to install the SOFTWARE on a designated computer for use in accessing and accelerating Web,
Browser or TCP-based applications. The SOFTWARE is in “use” on a computer when it is loaded into
temporary memory (i.e. RAM) or installed into permanent memory (e.g., hard disk, CD-ROM, or other storage
device) of that computer. You may not install the SOFTWARE on more appliances or on more computers
than you have licensed copies.
Additionally, you have the right to make one (1) archival copy of the SOFTWARE for each appliance and for
each computer which has the SOFTWARE installed in accordance with the terms of this Agreement and
subject to the Use Restrictions as set forth below. The copyright notice, as contained in the original CD-ROM,
must be affixed to any archival copy.
COPYRIGHT: The SOFTWARE is owned by Comtech EF Data Corporation or its suppliers and is protected by
United States copyright laws and international treaty provisions. Therefore, you must treat the SOFTWARE
like any other copyrighted material (e.g., a book or musical recording). You may not copy any of the written
materials accompanying the SOFTWARE.
OTHER RESTRICTIONS: You may not rent, lease or sublicense the SOFTWARE, but you may transfer the
SOFTWARE and accompanying written materials on a permanent basis provided you retain no copies and the
recipient agrees to the terms of this Agreement. You may not modify, create a derivative work, reverse
engineer, decompile, or disassemble the SOFTWARE. If the SOFTWARE is an update or has been updated,
any transfer must include the most recent update and all prior versions. This license and your right to use
the SOFTWARE automatically terminate if you fail to comply with any provision of this license agreement.
SUPPORT AND UPGRADES: This Agreement does not entitle Licensee to any support, upgrades, patches,
enhancements or fixes for the Product (collectively, "Support"). Licensee must make separate arrangements
for Support and pay any fees associated with such Support. Any software upgrades, patches, enhancements
or fixes provided as part of Support for the Software that may be made available by Comtech EF Data’s
Maintenance agreement shall become part of the Software and subject to this Agreement.
FX Series Administration Guide - Version 6.2.2 xi
Chapter: Using This Document
Section: FX Series End User License Agreement MN-FXSERIESADM6 Rev 6
Page 12
Comtech EF Data / Stampede
LIMITED WARRANTY
LIMITED WARRANTY: Comtech EF Data warrants that (a) the SOFTWARE will perform substantially in
accordance with the accompanying written materials for a period of ninety (90) days from the date of receipt
provided that it is used on the computer hardware and with the operating system for which it was designed.
Any implied warranties on the SOFTWARE are limited to ninety (90) days. These warranties commence on
the date you first obtain the product and extends only to you, the original customer. Some states/countries
do not allow limitations on duration of implied warranty, so the above limitations may not apply to you.
CUSTOMER REMEDIES: Comtech EF Data’s entire liability and your exclusive remedy shall be, at Comtech EF
Data’s option, either (a) return of the price paid, or (b) repair or replacement of the SOFTWARE that does not
meet Comtech EF Data’s Limited Warranty and which is returned to Comtech EF Data with a copy of your
receipt. IN NO CASE WILL COMTECH EF DATA’S LIABILITY EXCEED THE AMOUNT OF THE LICENSE FEE. This
Limited Warranty is void if failure to the SOFTWARE has resulted from accident, abuse, or misapplication.
Any replacement SOFTWARE will be warranted for the remainder of the original warranty period or thirty
(90) days, whichever is longer. Outside the United States, these remedies are not available without proof of
purchase from an authorized non-U.S. source.
NO OTHER WARRANTIES: The warranty and remedies set forth above are exclusive and in lieu of all other,
oral or written, expressed or implied. Comtech EF Data disclaims all other warranties, expressed or implied,
including, but not limited to, implied warranties or merchantability and fitness for a particular purpose, with
regard to the SOFTWARE, and the accompanying written materials. Comtech EF Data does not warrant that
the SOFTWARE’s functions will meet your requirements or that its operation will be uninterrupted or error
free. This limited warranty gives you specific legal rights. You may have others which vary from
state/country.
NO LIABILITY FOR CONSEQUENTIAL DAMAGES: In no event shall Comtech EF Data be liable for any damages
whatsoever (including, without limitation, damages for loss of business profits, business interruption, loss of
business information, or any other pecuniary loss) arising out of the use of or inability to use this Comtech EF
Data product, even if Comtech EF Data Inc. has been advised of the possibility of such damages. Because
some states/countries do not allow the exclusion or limitation of liability for consequential or incidental
damages, the above limitation may not apply to you.
EXPORT: You acknowledge that the laws and regulations of the United States restrict the export and reexport of the SOFTWARE. You agree that you will not export or re-export the SOFTWARE in any form without
the appropriate United States and foreign government approval.
U.S. GOVERNMENT RESTRICTED RIGHTS
The SOFTWARE and documentation are provided with RESTRICTED RIGHTS. Use, duplication, or disclosure by
the Government is subject to restrictions as set forth in subparagraph (c)( 1) (ii) of the Rights in Technical
Data and Computer SOFTWARE clause at DFARS 252.227-7013 or subparagraphs (c) (1) and (2) of the
Commercial Computer SOFTWARE-Restricted Rights at 48 CFR 52.227-19, as applicable. Manufacturer is
Comtech EF Data (Stampede), 80A Rhoads Center Drive, Dayton, Ohio 45458. This Agreement is the entire
agreement between you and Comtech EF Data relative to the SOFTWARE and supersedes all prior written
statements, proposals or agreements relative to its subject matter. If you acquired this product in the United
States, this Agreement is governed by the laws of the State of Ohio. Should you have any questions
concerning this Agreement, or if you desire to contact Comtech EF Data, address your questions to:
Attention: Contracts Division.
FX Series Administration Guide - Version 6.2.2 xii
Chapter: Using This Document
Section: FX Series End User License Agreement MN-FXSERIESADM6 Rev 6
Page 13
Comtech EF Data / Stampede
Patents and Trademarks
See all of Comtech EF Data's Patents and Patents Pending at http://patents.comtechefdata.com.
Comtech EF Data acknowledges that all trademarks are the property of the trademark owners.
Webmin is a web-based system administration tool created by Jamie Cameron. All recent versions of
Webmin may be freely distributed and modified for commercial and non-commercial use.
Under the copyright laws, this documentation may not be copied, photocopied, reproduced, translated,
or reduced to any electronic medium or machine-readable form, in whole or in part, without the prior
written consent of Comtech EF Data/Stampede.
Comtech EF Data
2114 West 7th Street
Tempe AZ 85281
WORLD WIDE WEB: http://www.comtechefdata.com
FX Series Administration Guide - Version 6.2.2 xiii
Chapter: Using This Document
Section: Patents and Trademarks MN-FXSERIESADM6 Rev 6
Page 14
Comtech EF Data / Stampede
Conventions and References
Metric Conversion
Metric conversion information is located on the inside back cover of this manual. This information is provided
to assist the operator in cross-referencing non-Metric to Metric conversions.
Recommended Standard Designations
Recommended Standard (RS) Designations have been superseded by the new designation of the Electronic
Industries Association (EIA). References to the old designations may be shown when depicting actual text
displayed on the Web Server (HTTP) or Command Line Interface pages for the FX Series appliance).
Trademarks
Product names mentioned in this manual may be trademarks or registered trademarks of their respective
companies and are hereby acknowledged.
Environmental
The FX Series Appliance must not be operated in an environment where the unit is exposed to extremes of
temperature outside the ambient range 0° to 50°C (32° to 122°F); precipitation, condensation, or humid
atmospheres above 95% relative humidity; altitudes (unpressurized) greater than 2000 meters; excessive
dust or vibration; flammable gases; or corrosive or explosive atmospheres. Operation in vehicles or other
transportable installations which are equipped to provide a stable environment is permitted. If such vehicles
do not provide a stable environment, safety of the FX Series appliance may not be guaranteed.
FX Series Administration Guide - Version 6.2.2 xiv
Chapter: Using This Document
Section: Conventions and References MN-FXSERIESADM6 Rev 6
Page 15
Comtech EF Data / Stampede
Comtech EF Data Warranty Policy
Comtech EF Data products are warranted against defects in material and workmanship for a specific period
from the date of shipment, and this period varies by product. During the warranty period, Comtech EF Data
will, at its option, repair or replace products that prove to be defective. Repairs are warranted for the
remainder of the original warranty or a 90 day extended warranty, whichever is longer. Contact Comtech EF
Data for the warranty period specific to the product purchased.
For equipment under warranty, the owner is responsible for freight to Comtech EF Data and all related
customs, taxes, tariffs, insurance, etc. Comtech EF Data is responsible for the freight charges only for return
of the equipment from the factory to the owner. Comtech EF Data will return the equipment by the same
method (i.e., Air, Express, Surface) as the equipment was sent to Comtech EF Data.
All equipment returned for warranty repair must have a valid RMA number issued prior to return and be
marked clearly on the return packaging. Comtech EF Data strongly recommends all equipment be returned in
its original packaging.
Comtech EF Data Corporation’s obligations under this warranty are limited to repair or replacement of failed
parts, and the return shipment to the buyer of the repaired or replaced parts.
Limitations of Warranty
The warranty does not apply to any part of a product that has been installed, altered, repaired, or misused in
any way that, in the opinion of Comtech EF Data Corporation, would affect the reliability or detracts from the
performance of any part of the product, or is damaged as the result of use in a way or with equipment that
had not been previously approved by Comtech EF Data Corporation.
The warranty does not apply to any product or parts thereof where the serial number or the serial number of
any of its parts has been altered, defaced, or removed.
The warranty does not cover damage or loss incurred in transportation of the product.
The warranty does not cover replacement or repair necessitated by loss or damage from any cause beyond
the control of Comtech EF Data Corporation, such as lightning or other natural and weather related events or
wartime environments.
The warranty does not cover any labor involved in the removal and or reinstallation of warranted equipment
or parts on site, or any labor required to diagnose the necessity for repair or replacement.
The warranty excludes any responsibility by Comtech EF Data Corporation for incidental or consequential
damages arising from the use of the equipment or products, or for any inability to use them either separate
from or in combination with any other equipment or products. A fixed charge established for each product
will be imposed for all equipment returned for warranty repair where Comtech EF Data Corporation cannot
identify the cause of the reported failure.
Exclusive Remedies
Comtech EF Data Corporation’s warranty, as stated is in lieu of all other warranties, expressed, implied, or
statutory, including those of merchantability and fitness for a particular purpose. The buyer shall pass on to
any purchaser, lessee, or other user of Comtech EF Data Corporation’s products, the aforementioned
warranty, and shall indemnify and hold harmless Comtech EF Data Corporation from any claims or liability of
such purchaser, lessee, or user based upon allegations that the buyer, its agents, or employees have made
additional warranties or representations as to product preference or use.
FX Series Administration Guide - Version 6.2.2 xv
Chapter: Using This Document
Section: Comtech EF Data Warranty Policy MN-FXSERIESADM6 Rev 6
Page 16
Comtech EF Data / Stampede
The remedies provided herein are the buyer’s sole and exclusive remedies. Comtech EF Data shall not be
liable for any direct, indirect, special, incidental, or consequential damages, whether based on contract, t ort,
or any other legal theory.
RMA Policy
To return a Comtech EF Data product (in-warranty and out-of-warranty) for repair or replacement, please
follow these guidelines.
Contact the Comtech EF Data Customer Support Department during normal business hours. Be prepared to
supply the Customer Support representative with the model number, serial number, and a description of the
problem. Request a Return Material Authorization (RMA) number from the Comtech EF Data Customer
Support representative.
Pack the product in its original shipping carton/packaging to ensure that the product is not damaged during
shipping.
Ship the product back to Comtech EF Data. (Shipping charges should be prepaid.)
Online RMA Support
An RMA number can be requested electronically by accessing Comtech EF Data’s online Support page
(www.comtechefdata.com/support.asp). From this page:
Click the Service hyperlink, and then read the Return Material Authorization section for detailed instructions
on Comtech EF Data’s return procedures.
Click [Send RMA Request] on the Support page or the RMA Request hyperlink provided in the Service |
Return Material Authorization section; fill out the Billing Information, Return Information, and Unit to be Returned sections completely, then click [Send email]
Or –
Send an e-mail providing this same detailed information to the Customer Support Department at
service@comtechefdata.com.
Some Stampede products, programs, or services referred to in this publication may not be available in all
countries in which Stampede does business. Additionally, some Stampede products, programs, or services
may not be available for all operating systems or all product releases. Contact your Comtech EF
Data/Stampede representative to be certain the items are available to you.
FX Series Administration Guide - Version 6.2.2 xvi
Chapter: Using This Document
Section: Comtech EF Data Warranty Policy MN-FXSERIESADM6 Rev 6
Page 17
Comtech EF Data / Stampede
Release Notes
Version 6.2.2 Functionality Enhancements
These new features have been developed in response to customer feedback and market analysis for the
purpose of increasing the interoperability of the FX Series with other CEFD products, to ease moving between
screens and to broaden the scope of environments where FX Series can be deployed. This release adds the
following new features:
The FX Series Administrative User
Interface has new pull-down
navigation structure instead of
menu icons.
This allows enhanced and reorganized tabs for quick and easy direct access to all sub menus. This
Header with pull downs allows direct access and is positioned at the top of all Web GUI screens.
The dynamic ACM screen is gone and is now part of the 'Link' screen
Multi-Level QoS supports multiple modems with ACM. There are now 3 levels of QoS instead of 1
ACM can now be configured to support non-Comtech modems
Point-to-multipoint packet compression is supported
SNMP can now be configured from the Administrative User Interface
Ability to monitor and configure active-flows has been added
Network status screen now clearly illustrates connectivity problems
QoS Queue and Link Monitor screens now show up to 30 days of history
Operations->Backup-Restore now allows you to restore just optimization setting without affecting
management settings
Improvements to source IP preservation in NAT environments
Ability to configure access control on HTTP URLs in L7 application policies
The default for the Administrative Web GUI is set to run over HTTP. (SSL default is now disabled).
Note:If version 6.1.1 was installed, then SSL will still be set to “Enabled” as the default to use when
logging in to the Administrative Web GUI.
Version 6.1.1 Functionality Enhancements
Package Release 6.1 new features were developed in response to customer feedback and market analysis for
the purpose of increasing the interoperability of the FX Series with other CEFD products and to broaden the
scope of environments where FX Series can be deployed.
This release adds the following new features:
Quality of Service
QoS only license is now rate limited at 700 Mbps instead of 500 Mbps
New protocol filter options for SCTP, PTPv1, PTPv3
Added support for VLAN priority in the QoS filters
FX Series Administration Guide - Version 6.2.2 xvii
Chapter: Using This Document
Section: Release Notes MN-FXSERIESADM6 Rev 6
Page 18
Comtech EF Data / Stampede
FAST Codes
This release introduces new “trial license” Fast Codes for 30/60/90 day for Packet Compression
and WANOP.
Reporting
The Status->View Current Status->ACM QOS->By VSAT Modem has two changes.
New column header for 'Queue Name' indicates which queue a filter is directed
'Filter Hits' column header has been changed to 'Filter Matches'
Version 6.1 Functionality Enhancements
These new features have been developed in response to customer feedback and market analysis for the
purpose of increasing the interoperability of the FX Series with other CEFD products and to broaden the
scope of environments where FX Series can be deployed.
This release adds the following new features:
Enhanced QOS Monitor Functionality
CurrentStatus-> ACM QOS-By VSAT modem.
This now shows ingress packets and bytes which will be non-zero if packet compression is
happening.
CurrentStatus->ACM QOS-Throughput by QOS Queue.
This now shows packet compression savings percentage.
Configuration->QOS-Queues pick list.
This function has been dramatically reworked. You can now change CIR, MIR, Priority, and
enable/disable packet compression directly from the view.
Enhanced SNMP Functionality
MIB
Now has MIB which will allow full management of the FX.
Same MIB is used for both FX-Remote and ADC.
New wramp SNMP configuration wizard
Now prompts for destination 'trap' community and 'read/write' community. (Previous MIB
was not read/write and did not emit traps (traps are an SNMP term for alerts)
Enhanced Operations Functionality
Operations->Shutdown Restart.
Now has new 'Restart acceleration service and reset cache. This is now the only way to
completely reset the cache files
Status Monitor Enhancements
Real-Time Monitor
Real-time monitor now does a 'quick' reset of cache that does not require reboot.
CurrentStatus->NetworkStatus-Of WAN Interface.
This is a new status feature that is the only way to ascertain the MAC address of the WAN
interface.
Header Compression/Packet Aggregation
FX aggregates packets into an Ethernet frame and sends it to a peer, where the packets are
restored.
The default for DDS has been changed to 'Enabled' on the ADC. Previously it was 'Disabled' by
default.
FX Series Administration Guide - Version 6.2.2 xviii
Chapter: Using This Document
Section: Release Notes MN-FXSERIESADM6 Rev 6
Page 19
Comtech EF Data / Stampede
Version 6.0.3 Functionality Enhancements
These features have been developed in response to customer feedback and market analysis for the purpose
of increasing the interoperability of the FX Series with other CEFD products and to broaden the scope of
environments where FX Series can be deployed.
This release adds the following new features:
Multiprotocol Label Switching (MPLS) is now supported in ACM Filter Definitions.
If MPLS is selected, then the “MPLS Label”and “MPLS experimental bits” fields will be enabled as
filter criteria.
The default for Dynamic ACM Polling Method Parameters is changed.
The default setting is now the Modem type, with the pull-down choices including:
CDM-750, CDM-625, CDM-760, CDM-800, CDM-840, and CTOG-250.
The default is the CDM-750
L5 functionality has been enhanced with the following improvements
Pre-connect option has been removed from the L5 form
Enable acceleration has been added to the L5 form
It now includes the ability to define a “*” policy for L5. A “*” is a port range of 1-65535.
Other changes include:
VLAN Mode has been added to the general screen for (Trunk or Access)
Fail-to-Wire option has been added to the general screen (on or off)
ACM QOS Section of the Current Status screen has an added report “Throughput by QoS with an
updated description of “By Modem”
Version 6.0.2 Functionality Enhancements
These features have been developed in response to customer feedback and market analysis for the purpose
of increasing the interoperability of the FX Series with other CEFD products and to broaden the scope of
environments where FX Series can be deployed.
This release adds the following new features:
Mesh Network Configuration
Mesh network optimization is now supported with two appliances at each site.
Multicator modifications
Configuration settings have been simplified and located on one main screen on the Web Admin
Guide. The Multicator icon will appear on a single screen if an in-path interface is enabled.
QOS modification for FTP
FTP is now an option on the QOS filter screen. If FTP is selected, the FX automatically tracks the data
ports associated with FTP transfers by monitoring the activity on the FTP control port, which is
defaulted to port 21 upon initial selection. The FTP control port may be changed.
WCCP is now enabled on FX Series Remote
WCCP functionality for the FX Series Remote is now available and follows the
configuration/installation patterns which have been available on the FX Series ADC.
Redundancy modifications
The process for setting up these options has been simplified.
FX Series Administration Guide - Version 6.2.2 xix
Chapter: Using This Document
Section: Release Notes MN-FXSERIESADM6 Rev 6
Page 20
Comtech EF Data / Stampede
Version 6.0.1 Functionality Enhancements
This release added the following features:
Management Port
This release supports a dedicated management port. The administrative WEB GUI has been
enhanced to configure management port settings. Management traffic flows over a separate
routing table from the accelerated data traffic. The Administrative Web GUI can now optionally run
over HTTP/S.
Trunked VLAN Support
FX Series supports a trunked network, where multiple 802.1Q tagged VLANs flow thru the same
physical connection. To accomplish this, many aspects of the FX Series Remote FX Series ADC data
interception and acceleration was modified to retain the VLAN properties. Any accelerated data is
transmitted over the network on the same VLAN as the original, non-accelerated data.
. FX Series Release 6.0.1 provides:
• Support for 1024 active VLANs for IDs 2-4095.
• Support Virtual Routing and Forwarding (VRF) environments.
• Support display of tallies on a per-VLAN basis at ADC only (not Remote).
• Accelerated VLAN traffic will maintain original VLAN affinity.
• Private HTTP caches on a per VLAN basis
• Cached HTTP data will be segregated between VLANs.
VLAN addition and deletion configuration changes can be made without service loss or downtime. A
restart is not required for the changes to take effect.
Transparency
FX Series Release 6.0.1 provided:
• Ability to communicate between appliances using the same port as the original client connection.
• Ability to communicate between appliances using the original client source addresses.
• Ability to support active-active ADC configurations.
• Ability to optionally disable multiplexing of client connections.
Dynamic ACM QoS
• Special support was added to FX Series Release 6.0.1 ADC to continuously acquire the data rate of a
modem via SNMP connection. When the data rate changes the QoS rules are dynamically adjusted.
New fields were added to the Dynamic ACM page to configure the IP address of the modem, and
user name and password.
FaST Code Support
In prior releases, a “license” file was uploaded to the FX to enable functionality.
In FX Series Release 6.0.1 and above, this methodology is now superseded by FAST Codes.
The FX Series CLI and Administrative Web GUI have been enhanced to allow Fast code upgrades.
FX Series Administration Guide - Version 6.2.2 xx
Chapter: Using This Document
Section: Release Notes MN-FXSERIESADM6 Rev 6
Page 21
Comtech EF Data / Stampede
Routed Mode Deployment Option
The main configuration screen now allows you to put the FX in either “bridged” or “routed” mode.
In routed mode, policy based routing (PBR) must be set up on the Cisco router to specifically direct
traffic to the FX Series Appliances.
Reliable Multicast Fan-Out
“Multicator” feature is a powerful new content distribution system. This feature allows a user to
upload a file to an FX device via ftp, the file is then reliably multicast to a group of receivers. The
receivers then upload the content to a local ftp server. The Multicator employs the “Content
Distribution Control Protocol” (CDCP) to ensure that only one multicast transmission is in progress.
Base Platform Image ‘3’ Upgrade Kit
The new features of Release 6 require new software packages and a new kernel from previous FX
releases. This upgrade kit will define procedures for updating existing FX appliances from a USB
flash drive.
Management via SSH
The Base Platform Image “3” provides support over SSH and will also allow the Administrative WEB
GUI to function over SSL.
FX Series Administration Guide - Version 6.2.2 xxi
Chapter: Using This Document
Section: Release Notes MN-FXSERIESADM6 Rev 6
Page 22
Comtech EF Data / Stampede
Typical Users
• Internet Service Providers (ISPs)
• Enterprise
• Offshore/Maritime
• Telecommunications Operators
• Satellite Operators
• Managed Service Providers
Common Applications
• High-speed content delivery
• HTTP and TCP optimization & acceleration
• Corporate networks
• Mobile Backhaul
Key Benefits
• Provides up to 80% bandwidth savings in both directions
• Provides up to N times efficiency when using the
Multicator
• Enables measurable reduction in response time for users
• Delivers CAPEX for OPEX payback typically in 3-4 months
• Scales easily for small, medium and high volume networks
• Ensures the best traffic flow with Advanced Traffic
Shaping
• Matches the modem link rates with ACM tracking
• Real time voice sessions with the use of Header
Compresses/Packet Aggregation.
1 Overview - FX Series
1.1 Stampede FX Series Product Line Update
Value Proposition
“Reduce OPEX, Improve User Experience”
Reduce OPEX by:
Shrinking the Data
Keeping the Pipe Full
Improve User Experience by:
Getting the Data there faster
Getting the Right Data there
The Challenges for ISPs with Satellite Links
Data consumed by individual users and enterprises is increasing exponentially. ISPs must cost-effectively
keep up with the enormous demand for limited bandwidth - while conserving it.
Assuring Delivery of Web Applications for Bottom Line Results
Data center simplification and the growing
migration to web-enabled applications are driving
the need for a new class of multi-function
optimization devices. The Stampede FX Series
combines both one-sided application delivery and
two-sided WAN optimization into a single
platform. The FX Series delivers unprecedented
application performance, optimization,
transparency, availability and management for
existing networks.
Header Compression/Packet Aggregation
As real-time traffic moves to IP, there is a
proliferation of traffic with small payloads. In this
case, the header bytes can be 2 to 4 times the
number of payload bytes. For small voice packets,
compression can result in reducing the required
data rate to 30 – 50% of the original. The FX will
compress headers, and optionally compress
payloads. The FX aggregates compressed packets
into an Ethernet frame and sends it to a peer,
where the packets are restored. Header
compression is integrated into the traffic shaping,
and maximum latency per queue can be enforced
when aggregating packets
FX Series Administration Guide - Version 6.2.2 22
Chapter: Overview - FX Series
Section: Stampede FX Series Product Line UpdateMN-FXSERIESADM6 Rev 6
Page 23
Comtech EF Data / Stampede
1.2 Technologies that Optimize Satellite Bandwidth Acceleration
Traffic Shaping with ACM Tracking
Traffic is classified and prioritized at layers 2-5. With three levels of filters and the ability to shape with CIR’s
and MIR’s at each level, traffic can be managed across multiple geographic locations using point to point and
point to multipoint links. The traffic shaper supports links with ACM by reading the data rate from the modem
and adjusting to that rate. There are presets for EF Data modems that support ACM. This feature is available
as either stand-alone, or as part of the full WAN optimization product
Transparent Assured Delivery
With flexible options for in-line or Cisco’s Web Cache Communication Protocol (WCCP), the FX Series devices
deliver unprecedented transparent optimization. End-to-end assurance is maintained for all applications
providing complete transparency and the ability for existing Quality of Service (QoS) and network visibility
management programs to continue monitoring the health of your network.
Optimize VLAN Trunked Data
All appropriate Layer 5 and Layer 7 optimizations are available for tagged VLAN data, preserving or recreating
the VLAN tags for optimized traffic. This includes HTTP caching as well as de-duplication. Caches are
maintained by appliance and by VLAN. Appropriate traffic can be shared between VLANs on the same
appliance. In addition, the FX-1010 will support up to 8 LAN ports, each of which is tagged and passed to the
WAN trunk.
Multicator
The FX Series supports a reliable multicast. This is designed to work in a mesh network, but will also work in a
hub/spoke network. In the mesh, any device can be a transmitter with the remaining devices being receivers.
Multiple devices can be transmitters. The transmitter function is time shared, with a second device being
given permission to transmit after the first is complete. This can work in a hub-spoke network where typically
the ADC would be the transmitter, although this is not required. The process is to FTP a file from the client into
the transmitter’s inbox, that file is transmitted reliably in a multicast to all of the receivers. Once transmitted,
the receivers FTP the file to a specified server.
Redundancy and Fail Over
Redundancy is critical to 24/7 availability, and the FX appliance is designed to handle redundancy and fail over
in two different ways; inline and routed. The inline configuration is used when operating in conjunction with a
CEFD modem operating with 1:1 redundancy. WCCP (Web Caching Communication Protocol) is used in routed
mode to allow N devices to serve the function of any M devices, resulting in M: N redundancy. The inline
configuration has a primary and a redundant device in series, the redundant takes over whenever the primary
fails.
Management
The FX platforms provide total insight through real-time information including over 100 real-time statistics
providing extensive details on all inbound and outbound traffic. Historical data for days or months are easily
viewed via online graphs, simplifying capacity planning, trending, network issues, and application
troubleshooting. Management information can be obtained via an intuitive Web GUI or SNMP. The updating
for the FX Series Remotes is automatic. The FX Series remotes poll the FX Series ADC for updates. When the
ADC is updated; each remote will download the update and automatically update itself.
FX Series Administration Guide - Version 6.2.2 23
Chapter: Overview - FX Series
Section: Technologies that Optimize Satellite Bandwidth AccelerationMN-FXSERIESADM6 Rev 6
Page 24
Comtech EF Data / Stampede
Flexibility
The FX Series platforms provide a comprehensive range of flexible options for total transparent 24/7
operation within your existing or growing network infrastructure. No matter what your application
acceleration or WAN optimization requirements are today or in the future, the FX Series platform solutions
will handle all your business critical applications with ease. Whether your installation requires small, medium
or large branches or the consolidation of multiple remote or enterprise data centers, we have the solution for
your organization’s needs.
Compatible with Advanced VSAT Solutions
The Stampede FX Series products can be added to an Advanced VSAT Solutions network for WAN optimization
and application acceleration. The results can be significant improvements in user experience and a reduction
by 20-80% in required bandwidth for TCP traffic.
Solutions
Deploy the Stampede FX Series (ADC) as a single-sided solution to optimize traffic from your outbound
channel. For a two-sided solution, add the FX Series Remote (REM) appliance and achieve the ultimate in
application acceleration and WAN optimization.
Productivity and Performance
The Stampede FX Series WAN optimization improves access to your applications by reducing the amount
of data transferred on the link through use of various compression and caching schemes as well as
accelerating reliable protocols.
FX Series Administration Guide - Version 6.2.2 24
Chapter: Overview - FX Series
Section: Technologies that Optimize Satellite Bandwidth AccelerationMN-FXSERIESADM6 Rev 6
Page 25
Comtech EF Data / Stampede
1.3 Single-Sided Solution
1.3.1 Load Balancing via WCCP
The Web Cache Communications Protocol (WCCP) allows satellite network service providers to
transparently inject acceleration into their satellite network infrastructure by redirecting traffic flows in
real-time to network devices such as the FX Series. WCCP has built-in load balancing, scaling, fault
tolerance, and service-assurance (failsafe) mechanisms to ensure network devices can scale and have
high-availability. For fault tolerance, if one of the FX Series appliances incurs a hardware failure, the
WCCP-enabled router will stop sending traffic to that device and redirect traffic to the other FX Series
appliances with zero down-time.
Load balancing via WCCP intelligently distributes the TCP and HTTP workload across multiple FX Series
appliances. For flexible scalability, service providers can simply add an FX Series appliance to the cluster,
and WCCP will split the traffic load among all the FX Series appliances. Up to thirty-two FX Series
appliances can be set up within a cluster and dynamically load balanced.
WCCP enables network service providers to implement the FX Series into their network with greater
deployment flexibility, without requiring the FX Series to be physically in-line. The FX Series can be
deployed "virtually" in-line, hence, not all traffic is required to pass through the FX Series appliance. The
network administrator programs the router to redirect traffic to the FX Service appliance in-bound and
out-bound based on the router policies. This allows the administrators to make changes to their network
environment by simply changing the router policies.
Stampede's FX Series (running WCCP) localizes content, and responds to content requests in order to
reduce the amount of data going over the WAN. This improves application delivery response times, and
allows the WAN link to support more traffic. Using WCCP, traffic is transparently redirected to the FX
Series appliance for TCP and HTTP acceleration, compression, caching and other optimization services.
With WCCP configured, the router redirects traffic to the FX Series to perform the application acceleration
and WAN optimization functions. When an end-user makes a request, the router intercepts the request,
and redirects the request to the FX Series inside a generic routing encapsulation (GRE) frame to prevent
any modifications to the original packet. The FX Series with WCCP can be used to transparently route
traffic, so that you don't have to make changes to Web browsers, and configure the FX Series as a proxy
server to offload servers, accelerate application delivery and optimize the network.
1.3.2 Source IP Preservation
Source IP Preservation is a technology that is used to support security policies that require a specific
source IP address, or range of IP addresses. It is also used to prevent the FX Series appliance from being
blacklisted.
For example, in the event where a situation is deemed inappropriate, such as a SPAM event, the sending
device Source IP address will be blacklisted. To avoid this problem, the FX Series uses the end-user's
Source IP address when making a request to a Web or application server. The FX Series configuration
method makes implementing Source IP Preservation easy within a WCCP or inline environment. The FX
Series is usually configured to use the IP address of the client when making requests to content servers,
whereas, other FXs make requests to Web servers using their own IP address. IP addressing problems can
occur when, for example, an end-user is involved with illegal online activity and the IP address of the FX is
recorded in the Web server's logs. If the IP address of the FX is used to make the client request to the
server, it will likely be placed on a blacklist, and therefore cause considerable network problems. By
spoofing the IP address of the client, the FX Series is able to avoid this problem.
FX Series Administration Guide - Version 6.2.2 25
Chapter: Overview - FX Series
Section: Single-Sided SolutionMN-FXSERIESADM6 Rev 6
Page 26
Comtech EF Data / Stampede
1.3.3 Connection Management
(a) Connection management removes the burden of establishing and terminating TCP
connections from the web servers, allowing the server to handle more traffic.
Stampede manages network connections in several ways to optimize the flow of data
and reduce the impact on the network, application servers and end-user devices. The
FX Series appliance maintains a consistent pool of connections between itself and the
servers. The servers are then offloaded from managing the connections, and are
isolated from inadvertent session disconnects.
(b) The FX Series appliance limits active flows. Active flows are the number of UDP and TCP
connections that can be established concurrently between remote clients and content
servers which flow through the FX appliances. This should normally never be an issue,
but can be a problem in a denial of service attack. The FX series reports the number of
active connections in the status monitor.
(c) With Stampede's FX Series Remote appliances working with the FX Series head-end appliance, a
persistent connection between the client and server is always maintained, even when the
browser may close and reopen a session. These sessions are also multiplexed across multiple
connections, improving throughput and response time. This persistent connection is extremely
important for AJAX and Web 2.0 applications which constantly open and close sessions as they
poll and access various Web services. Stampede eliminates this potentially network intrusive
overhead.
1.3.4 ACM QoS
The Quality of Service Function with ACM option is intended to work with modems that support ACM.
The FX Series ADC and Remote have the ability to read the current data rate from the modem, and will
adjust the output data rate to match the modem data rate. The FX Series data rate is calculated based a
per Ethernet frame basis
The FX is also designed to work with the modem in a 1:1 Redundant with fail over mode and work with
the modems when they are in a 1:1 redundant configuration.
Output Data Rate
All data rates are Ethernet frame rates. The total data rate is a parameter that can be set, or
under the optional ACM mode, can be updated dynamically and continuously from the modem in
the link.
Traffic Classification
Traffic can be classified on combinations of Protocol, VLAN, Source/Destination IP Port number,
Source/Destination subnet, MPLS labels/EXP and DSCP bits.
Classified traffic is directed into specified Queues. Queues are assigned priority. There are two
levels of Groups and a third level of Queues that can be configured. Traffic coming into the
appliance is separated by Filters into the level 1 Groups. This traffic can subsequently be
separated by Filters into a second level of Groups, and then filtered into Queues where traffic
will be released to the WAN based on the QoS and shaping rules defined.
Traffic shaping
Traffic is shaped using drain algorithms on the specified queues. Queues of equal priority are
treated in a fair-weighted manner. Connections within a specified Queue are also treated in a
fair-weighted manner.
FX Series Administration Guide - Version 6.2.2 26
Chapter: Overview - FX Series
Section: Single-Sided SolutionMN-FXSERIESADM6 Rev 6
Page 27
Comtech EF Data / Stampede
The drain algorithms are strict priority or Min-Max. In Strict Priority, available bandwidth is
allocated on the basis of priority.
Min-Max gives more control. Bandwidth is allocated up to a committed information rate based
upon priority. Once the committed information rate is reached for all classes, excess bandwidth
is allocated based on the same priority, up to a defined maximum for each Queue.
1.3.5 GZIP Compression
The most common use of compression in Web environments is accomplished by enabling GZIP
functionality at the Web server. GZIP compression is handled on-the-fly from the servers to the clients.
This reduces bandwidth consumption and improves application delivery and client response time. The FX
Series uses GZIP compression to reduce the payload size to deliver more data across the satellite link,
enabling more applications to be delivered and the ability to support more users. GZIP compression
removes non-essential information from data being moved from one location to another, and then
reassembles the data to its original form after the transfer is complete.
Squeezing the data reduces network traffic and accelerates the delivery of time-sensitive information.
GZIP compression uses standard techniques to compress data sent to browsers. While compression exists
in many forms throughout Web deployments, the FX Series is able to more effectively apply compression
resulting in better compression ratios. GZIP is not normally used for attachment compression or for
inbound compression from the browser. In addition, GZIP cannot be used to compress HTTP headers or
image data. In a single-sided mode, the FX Series appliance utilizes GZIP to compress information that can
be processed by standard browsers.
Stampede utilizes various compression techniques to reduce the amount of data that must be sent across
the network. In two-sided deployment, the FX Series bi-directional compression provides compression
for:
• All HTTP Headers
• Application Cookies
• All Text and Data Objects
• JPEG files with Image Reduction, yielding very acceptable quality
• All attachments and file uploads and downloads
1.3.6 Image Reduction and Smoothing
Image Reduction and Smoothing reduces the amount of data required to represent an image without
significantly altering the visual perception of the image. This is accomplished in two ways. Smoothing
reduces the high frequency components or the sharpness of an image. A moderate amount of smoothing
can significantly reduce the amount of data. The quality factor of a JPEG image relates to the precision of
the samples. Sample precision can be reduced without visible detection.
The goal of the JPEG quality and smoothing values is to reduce the amount of data while maintaining a
usable image. Depending on the JPEG, the compression is often in the range 9:1. A number between 1
and 100 specifies the tradeoff between size of the jpeg data and quality of the original image. A higher
number will retain a higher quality but will not conserve as much bandwidth. If no value is specified then
the FX Series value is inherited from a higher level policy; a default value of 50 is used if no higher level
policy is defined. Images that have been transformed are typically not significantly changed by running
through the algorithm again. What this means is that if an image has been compressed with particular
smoothing and quality factor, if the same factors are used again, the image is not significantly changed.
FX Series Administration Guide - Version 6.2.2 27
Chapter: Overview - FX Series
Section: Single-Sided SolutionMN-FXSERIESADM6 Rev 6
Page 28
Comtech EF Data / Stampede
1.3.7 Static Caching
Caching brings information closer to the end-user by storing recently accessed data in local memory or on
hard disk, reducing the time it takes to bring back needed information, Improving the users’ experience by
speeding the page load times. While today's browsers maintain their own cache, they tend to be overly
conservative. This means they will error on the side of requesting a new piece of data or object, usually
when it really hasn't been changed. This not only impacts response time to the end-user, but also
saturates bandwidth with unnecessary data transmissions.
The FX Series uses caching to maintain copies of routinely accessed data to eliminate unnecessary
requests to Web and application servers, and from going over limited satellite links. By keeping local
copies of frequently requested content, the FX Series allows organizations to significantly reduce their
upstream bandwidth usage and cost, while improving performance. The FX Series acts as an intermediary
from end-users requesting content (such as a file, web page, or other resource) from servers.
Some of the key benefits include:
• Reducing bandwidth consumption
• Keeping servers behind the FX Series anonymous for security purposes
• Delivering fast access to content
1.3.8 TCP Optimization
Advanced protocol optimizations drive significant improvements in bandwidth efficiencies and time
savings (reducing payload and latency). WAN optimization and application acceleration technologies are
deployed to improve satellite network performance and increase the amount of applications and users
that can be delivered over the satellite link. The FX Series manages all TCP sessions, and handles the
establishing and tearing down of TCP connections locally (at LAN speeds) to avoid satellite network
congestion problems. This helps to increase link utilization and improve the user experience. TCP
termination offloads the responsibility from servers having to handle the overhead imposed by the
volume of TCP connections from web applications.
Additionally, application level multiplexed TCP streams take advantage of all other TCP or protocol
optimization done at the link level, and application-level handshakes are eliminated by consolidating
transaction requests.
Benefits include:
• Increases server capacity
• Reduces the amount of traffic sent over satellite links
• Keeps the satellite links maximized for optimum utilization
• Dramatically reduces transaction TCP turns (requests and responses) that bottleneck
satellite links
FX Series Administration Guide - Version 6.2.2 28
Chapter: Overview - FX Series
Section: Single-Sided SolutionMN-FXSERIESADM6 Rev 6
Page 29
Comtech EF Data / Stampede
1.4 Two-Sided Solution
1.4.1 Cache Differencing
Cache Differencing takes the concept of caching one step further and maintains identical copies of the
browser's cache at the local device and on the FX Series appliance. The FX Series then uses intelligent
differencing technology to understand what data has actually changed, and then transfers only the
changed data. The local device functions normally, but with less data being transferred, you realize
improved utilization of the satellite network, and increased end-user productivity.
Traditionally, pages can be marked as cacheable and will have expiration dates. When they expire they
must be retrieved from the original server, resulting in additional traffic and data being transmitted across
the satellite network. Within a two-sided environment, the FX Series Remote appliance caches all pages
returned to the browser (even pages that are marked as non-cacheable) and performs validation when
needed to ensure that no stale data is returned to the browser. When the browser asks for a page or an
item that has expired or been marked as non-cacheable, the FX Series remote appliance sends a
validation request to the FX Series appliance at the head-end. If the FX Series appliance is aware of the
last page the client cache contains and can compute differences in the page, it sends just the differences
to an expired page or non-cached page. If the differences are too big, or if the FX Series appliance no
longer has retained the last version that the client has, then the entire page is returned and subsequently
cached for future possible differencing. The client in turn reconstructs the requested page, caches it, and
returns it to the browser. Checksums are calculated by the FX Series appliance at the head-end and
verified at the FX Series remote appliance so that pages will never be delivered incorrectly. While this
technique adds value on expired pages, it is extremely effective for dynamic page generation.
An important aspect of Stampede's Cache Differencing is the ability to perform differencing not only on
HTML GET requests but also on POST requests. This is significant because a) responses to posts are always
marked non-cacheable, and b) most applications that are based on SOAP and XML (including most AJAX
applications) issue SOAP requests via the HTML POST command.
1.4.2 Multiplexing of Large Data Objects
The FX Series multiplexes large data objects using Comtech EF Data's patented TurboStreaming™
(multiplexed TCP sessions, patent # 7,543,072) that enables HTTP browser traffic to be intermixed across
multiple "pipelines". All browser activity is optimized, including the network-intensive polling associated
with Web 2.0 and AJAX applications. A key advantage of TurboStreaming is that communication resources
can be shared across multiple applications, and all HTTP requests and responses from any application
(including multiple browsers) are intermixed simultaneously across multiple concurrent sessions.
TurboStreaming serves as a platform for the consolidation and aggregation of all Web-based traffic from a
given user. Multiple HTTP protocol streams are logically aggregated across a few TCP sessions. Individual
objects or pieces of objects can be split into any size and then multiplexed with other object data and
reconstructed as needed SNSPs that deliver mixed payloads consisting of business-critical applications and
data, streaming media, and other network-intensive traffic. The end result is improved throughput and
faster response time for the end-user.
TurboStreaming enables the browser to open multiple pipelines (10s or even 100s) that communicate
with the FX Series remote appliances. All of this data, from all browsers and all browser windows, is
intelligently multiplexed over multiple TCP sessions back to the head-end FX Series appliance. This fully
utilizes all available bandwidth, and enables the browser to function at its full potential. This is only
possible because of advanced, industry leading two-sided acceleration technology.
FX Series Administration Guide - Version 6.2.2 29
Chapter: Overview - FX Series
Section: Two-Sided SolutionMN-FXSERIESADM6 Rev 6
Page 30
Comtech EF Data / Stampede
1.4.3 Partial Content Update Caching
Intelligently caches Microsoft® updates and other prevalent software updates on the client side saving
significant bandwidth attributed to "Patch Tuesday". The FX Series caching methodology handles the
rather complicated procedures employed by Microsoft and other AV vendors to request updates by
requesting "partial objects". This reduces the amount of data sent over satellite links to reduce bandwidth
consumption and provide faster response times for end-users.
The FX Series Remote can dramatically curb bandwidth consumption by caching software updates
published frequently by Microsoft, Symantec, Adobe, Apple and many other leading software vendors.
The delivery of these updates is performed when software that resides on client devices downloads the
new content in the background by requesting "partial content" over HTTP. The complex nature of "partialcontent" HTTP requests thwarts the capabilities of most caching devices, however the FX Series Remote
appliance caching engine can handle these requests. Once the content is cached by the FX Series Remote,
subsequent retrievals by the updating agents that request "partial-content" will be satisfied by the FX
Series Remote appliance, eliminating the need to repetitively transfer the same updates over satellite
links.
1.4.4 Network Protocol Optimization
The FX Series provides application-aware modules for HTTP, CIFS, MAPI, POP3, SMTP, and FTP that
dramatically reduce costly handshakes and intelligently apply compression to lower bandwidth
consumption and reduce latency.
Stampede specializes in optimizing protocols by consolidating multiple transactions into a single
transaction, which eliminates round-trips, performing cache differencing on dynamically generated
content, and bi-directional data compression. In addition, our patented technology (TurboStreaming)
enables the transfer of previously compressed objects up to 5 times faster through intelligent multiplexing
across multiple TCP sessions.
• TCP and HTTP applications have chatty protocols that put added delay in satellite networks, as do
delay-sensitive such as Microsoft Exchange and CIFS.
• IT managers are placing thousands of applications on their satellite links. Many of these
applications are mission-critical, and compete over a limited amount of bandwidth.
1.4.5 Dynamic Data Deduplication
Dynamic Data Deduplication segments the incoming data stream, uniquely identifies the data segments,
and then compares the segments replacing repetitive streams of payload data with signatures prior to
transmission over the satellite links. This feature is not application protocol specific and can be applied to
most TCP application traffic. The FX Series intelligently monitors the data stream and is able to distinguish
protocol headers which change frequently from payload data which is often static. The FX Series extracts
this payload data and segments it into blocks, storing each block into persistent memory known as a "byte
cache". Blocks of data are replaced with a signature for that data. This generates significant data
reduction.
1.4.6 Header Compression/Packet Aggregation
As real time traffic moves to IP, there is a proliferation of traffic with small payloads. In this case, the
header bytes can be 2 to 4 times the number of payload bytes. For small voice packets, compression can
result in reducing the required data rate to 30 – 50% of the original. The FX aggregates packets into an
Ethernet frame and sends it to a peer, where the packets are restored. Header compression is integrated
into the traffic shaping, and maximum latency per queue can be set.
FX Series Administration Guide - Version 6.2.2 30
Chapter: Overview - FX Series
Section: Two-Sided SolutionMN-FXSERIESADM6 Rev 6
Page 31
Comtech EF Data / Stampede
1.4.7 Multicator
Theory of Operation
A powerful new content distribution system can now be set up with the “Multicator” feature. This
feature allows a user to upload a file to an FX Series device via ftp, the file is then reliably multicast to a
group of receivers. The receivers then upload the content to a local ftp server. The Multicator employs
the “Content Distribution Control Protocol” (CDCP) to ensure that only one multicast transmission is in
progress.
Figure 1-1 FX Series Multicator Theory of Operation
Sequence of Events
1 Files are deposited on the Remote Sender (Site D) using a standard FTP client
2 The Sender then notifies the Controller that it has data to send and is granted permission to
reliably multicast the data across the WAN
3 Under control of the Multicator Controller, the Sender establishes a reliable multicast connection
to the Receivers.
4 The Sender sends the file to each of the Receivers (Sites A, B, C, and E)
5 Each Receiver verifies receipt to the Controller
6 Each receiver FTPs the file to the respective server.
FX Series Administration Guide - Version 6.2.2 31
Chapter: Overview - FX Series
Section: Two-Sided SolutionMN-FXSERIESADM6 Rev 6
Page 32
Comtech EF Data / Stampede
1.5 FX Series Appliances
1.5.1 Theory of Operation
The FX Series ADC software can run on the FX-4010, the FX-4000, the FX-1005 or the FX-1000. The FX
Series ADC applies deflate compression, image transformation, static and dynamic content caching. To the
client, the FX Series ADC appears to be the back-end server.
The FX Series Application Delivery Controller (ADC) devices accelerate application delivery and reduce the
amount of traffic over satellite links. ADCs are single-sided (asymmetric), requiring an appliance only in
the head-end. The FX Series ADC serves as a proxy for TCP management, acceleration and offloading
server and network resources for out-bound traffic. TCP acceleration removes the time, quantity and
complexity associated with multiple short-lived connections that slow network performance and add
overhead to Web server CPU resources. An ADC terminates the client-side TCP session requests, and
multiplexes many short-lived sessions into a single longer-lived session between the FX Series ADC and
the Web servers.
WANOP Optimization and Data Compression
In addition to a one-sided configuration, the FX Series ADC can reside at the service provider head-end,
and work together with FX Series Remote appliances located at each remote site. These products provide
two-sided WAN optimization and application acceleration to alleviate the adverse effects that latency and
performance errors have upon satellite network performance. They are referred to as WAN Optimization
Controllers (WOCs).
In two-sided optimization, if a connection to the FX Series ADC is not able to be achieved by a remote
appliance, then the remote appliance will go into a “pass-through” mode where the requests will be
directed to the target content server.
Header Compression
As real time traffic moves to IP, there is a proliferation of traffic with small payloads. In this case, the
header bytes can be 2 to 4 times the number of payload bytes. For small voice packets, compression can
result in reducing the required data rate to 30 – 50% of the original. The FX aggregates packets into an
Ethernet frame and sends it to a peer, where the packets are restored.
1.5.2 Reporting
Reports
Important FX Series ADC appliance events are recorded so that the following reports can be viewed:
Acceleration Statistics
Throughput Statistics
Port Statistics
WCCP Status
Aggregate Statistics
By L7 HTTP Policy
By L5 Application Policy
Current Connections
FX Series Administration Guide - Version 6.2.2 32
Chapter: Overview - FX Series
Section: FX Series AppliancesMN-FXSERIESADM6 Rev 6
Page 33
Comtech EF Data / Stampede
Monitors
WANOP Monitor
This Monitor provides a real time view of vital WANOP statistics for both the FX Series ADC
and the FX Series Remote.
QOS Monitors
The QoS Monitors provide a real time view of vital QoS statistics, including current, average
and elapsed stats. Monitors include one for Links and a second for Queues
1.5.3 Deployment Options
The FX Series ADC can run in single sided mode ADC only, in-line mode, routed mode or in WCCP mode.
The installation instructions for these are in the FX Series Installation Patterns Section.
FX Series Administration Guide - Version 6.2.2 33
Chapter: Overview - FX Series
Section: FX Series AppliancesMN-FXSERIESADM6 Rev 6
Page 34
Comtech EF Data / Stampede
1.6 FX Series Remote Appliance
1.6.1 Theory of Operation
The FX Series Remote software can run on the FX4010, the FX-4000, the FX-1005, the FX-1010 and the FX-
1000. The FX Series Remote accelerates traffic by intercepting user requests and forwarding them to the
FX Series ADC. The FX Series ADC applies deflate compression, image transformation, static and dynamic
content caching. The FX Series Remote applies static content caching, dynamic content caching, deflate
compression, Dynamic Data De-duplication, persistent connections, connection multiplexing, client side
connection termination, and TurboStreaming. To the client, the FX Series Remote appears to be the back end server. When in a two-way configuration the FX Series Remote will communicate with the FX Series
ADC via the port that the client is connecting by default. If the FX Series Remote is configured to connect
to a specific FX Series ADC then port 4922 will be used. If a connection to the FX Series ADC is not able to
be achieved then the remote appliance will go into a “pass-through” mode where the requests will be
directed to the target content server.
Most FX Series Remote configuration is accomplished with an easy-to-use browser-based tool to set
polices on the FX Series ADC appliance. The configuration policies are designed to provide full inheritance
properties, meaning that most configuration settings are shared between all FX Series Remote appliances,
but individual over-rides can be set for specific FX Series Remote appliances. Examples of policy-based
settings include:
• Bandwidth reservation and prioritization
• HTTP application optimization
• Compression and caching settings for HTTP, CIFS, POP3, SMTP, and FTP
Header Compression
As real time traffic moves to IP, there is a proliferation of traffic with small payloads. In this case, the
header bytes can be 2 to 4 times the number of payload bytes. For small voice packets, compression can
result in reducing the required data rate to 30 – 50% of the original. The FX aggregates packets into an
Ethernet frame and sends it to a peer, where the packets are restored.
Wanop Optimization and Data Compression
All TCP traffic between the FX Series Remote is compressed using intelligent data dictionaries to ensure
that repeated patterns are eliminated from subsequent accesses. Several techniques are utilized to
guarantee that the TCP communications between the FX Series Remote and the FX Series head-end
appliance are fully optimized, including:
RFC3649
"High-speed TCP for Large Congestion Windows"
Streaming
Moves data streams over multiple concurrent TCP connections between FX Series Remote appliances
and FX Series head-end appliance. This insulates the FX Series from intermittent packet loss, as data
is almost always going at full speed over at least one of the connections.
HTTP Optimization
The optimization techniques of FX Series client acceleration are built into the FX Series Remote
appliance, resulting in highly optimized delivery of HTTP applications to remote site users without
having to deploy software on individual computers. Some of the optimizations that FX Series Remote
appliance can apply to HTTP applications include:
•Caching of static objects, Cache differencing of dynamic content and Cookie Compression
FX Series Administration Guide - Version 6.2.2 34
Chapter: Overview - FX Series
Section: FX Series Remote ApplianceMN-FXSERIESADM6 Rev 6
Page 35
Comtech EF Data / Stampede
1.6.2 Reporting
Reports
Important FX Series Remote appliance events are consolidated at the FX Series ADC appliance. These
events are recorded so that the following consolidated reports can be viewed on the Remote Appliance:
Acceleration Statistics
Aggregate Statistics
Current Connections
Throughput Statistics
Aggregate Throughput
WCCP Status
By WCCP Definition
ACM QoS
By Modem
Monitors
WANOP Monitor
This Monitor provides a real time view of vital WANOP statistics for both the FX
Series ADC and the FX Series Remote.
QOS Monitors
The QoS Monitors provide a real time view of vital QoS statistics, including current,
average and elapsed stats. Monitors include one for Links and second for Queues.
1.6.3 Deployment Options
Routes
By Table
Network Status
By Interface
Of WAN Interface
Multicator
Multicator Statistics
The FX Series appliances can run in in-path mode, in routed mode or in WCCP mode.
The installation instructions for these are in the FX Series Installation Patterns Section.
FX Series Administration Guide - Version 6.2.2 35
Chapter: Overview - FX Series
Section: FX Series Remote ApplianceMN-FXSERIESADM6 Rev 6
Page 36
Comtech EF Data / Stampede
1.7 Mesh Networking with the FX Series
1.7.1 Theory of Operation
In addition to the single sided and the two sided client/server or Hub/Remote star network, we’ve now
introduced a full mesh network. We accelerate traffic from the FX Series Remote to the FX Series ADC,
with both appliances at each site.
NOTE: The FX Series Mesh can utilize the FX1005 appliances in a dual rack installation.
The FX Series Remote accelerates traffic by intercepting user requests and forwarding them to the FX
Series ADC. The FX Series ADC applies deflate compression, image transformation, static and dynamic
content caching.
The FX Series Remote applies static content caching, dynamic content caching, deflate compression,
Dynamic Data De-duplication, persistent connections, connection multiplexing, client side connection
termination, and TurboStreaming. To the client, the FX Series Remote appears to be the back-end server.
1.7.2 Mesh Capability with two FX Series appliances at each node
All optimizations are handled – Remote to ADC
Traffic shaping, is done with the FX Remote, not the FX ADC
The first ADC picks up the traffic and will accelerate/optimize it.
The configurations for each appliance are done separately and have a cable connected
between the Remote LAN port and the ADC WAN port as shown below.
Figure 1-2 FX Series Basic Mesh Connectivity Diagram
FX Series Administration Guide - Version 6.2.2 36
Chapter: Overview - FX Series
Section: Mesh Networking with the FX SeriesMN-FXSERIESADM6 Rev 6
Page 37
Comtech EF Data / Stampede
Hub/Spoke with meshing between FX Remotes, with the FX ADC hub available for web
browsing and other applications.
Figure 1-3 FX Series Hub Spoke Mesh Connectivity Diagram
FX Series Administration Guide - Version 6.2.2 37
Chapter: Overview - FX Series
Section: Mesh Networking with the FX SeriesMN-FXSERIESADM6 Rev 6
Page 38
Comtech EF Data / Stampede
1.7.3 Mesh configuration with Redundancy
The Redundancy configuration could be set up at each site to provide total redundancy
The fail to wire capability is structured between the two like devices and between the
Remotes and the ADC as shown below.
The appliances are connected in series as shown below.
See the mesh deployment installation pattern for details.
.
Figure 1-4 FX Series Mesh with Redundancy Connectivity Diagram
FX Series Administration Guide - Version 6.2.2 38
Chapter: Overview - FX Series
Section: Mesh Networking with the FX SeriesMN-FXSERIESADM6 Rev 6
Page 39
Comtech EF Data / Stampede
FX-1005 ADC
FX-4010-ADC
Max Accelerated Sessions
3,000
30,000
Data Rate Options Mbps
1, 2, 4, 6, 10, 15
10, 15, 25, 45, 70, 155, 310
Load Balancing via WCCP
Connection Management
Advanced Traffic Shaping with ACM (d)
Source IP Preservation
Optimize VLAN Tagged Data
GZIP Compression (b)
Image Reduction (c)
Content Caching
Static Caching
Redundancy - In-Path and Routed Modes
FX-1005
REM/ADC
FX-1010 REM
FX-4010 REM/ADC
Max Accelerated Sessions (a)
6,000 (a)
6,000
30,000 (a)
Data Rate Options Mbps
1, 2, 4, 6, 10, 15
2, 4, 6, 10, 15, 25
10, 15, 25, 45, 70, 155, 310, 700 (f)
Header Compression Rate (PPS) (e)
35,000
700,000
Load Balancing via WCCP
Connection Management
Traffic Shaping with ACM (d)
IP Source Preservation
Optimize VLAN Tagged Data
Multicator
Content Reduction
Bi-directional Compression
Image Reduction (c)
Dynamic Data De-duplication
Content Caching
Static Caching
Cache Differencing
TCP Optimization
Multiplexing Data Streams
Auto Updates to the Remotes
See Data Sheet Notes: (a) (b) (c) (d) (e)on next page
1.8 FX Series Appliances Data Sheet
Deploy the Stampede FX Series (ADC) as a single-sided solution to optimize traffic from your outbound
channel. For a two-sided solution, add the FX Series Remote (REM) appliance and achieve the ultimate in
application acceleration and WAN optimization.
1.8.1 Single Sided with the Application Delivery Controller (ADC)
1.8.2 Two Sided with the ADC and the Remote
FX Series Administration Guide - Version 6.2.2 39
Chapter: Overview - FX Series
Section: FX Series Appliances Data SheetMN-FXSERIESADM6 Rev 6
Figure 1-5 FX Series Appliances Data Sheet
Page 40
Comtech EF Data / Stampede
FX-4010-ADC
FX-1005-ADC
Image Size
Images Per Second
Images Per Second
10KB
1800
80
50KB
1000
35
500KB
100
35
Data Sheet Notes:
(a) When used as an ADC, the FX-1005 will handle 3000 concurrent sessions.
(b) Maximum accelerated WAN rates are a function of compressibility. If all content is being GZIP
compressed with a ratio of greater than 4:1, the maximum WAN rate may not be accelerated.
(c) The number of images handled per second is a function of image size.
(d) Available as either a stand-alone feature or part of the WAN optimization product. As a stand-
alone feature, the maximum data rate is 700 Mbps, when purchased with the WAN optimization;
the data rate is limited to the WAN optimization rate.
(e) Packets per second (PPS) is 50% outbound and 50% inbound. Header compression is currently
only available in point-to-point configurations and is not currently supported in the FX-1010.
Header Compression is currently available as either a standalone feature added to the base
configuration or part of the WAN Optimization product. When purchased without the WAN
Optimization feature the maximum rate is 700KBps. When included with WAN Optimization, the
data rate is limited to the WAN Optimization rate.
1.8.3 Configuration Models
The Base Configuration with QOS only is an option with no WAN Optimization.
Option 1 Add Header Compression (rates up to700KBps) with no WAN Optimization.
Option 2 Wan Optimization including Header Compression with rates as shown in the tables.
FX Series Administration Guide - Version 6.2.2 40
Chapter: Overview - FX Series
Section: FX Series Appliances Data SheetMN-FXSERIESADM6 Rev 6
Page 41
Comtech EF Data / Stampede
Model
FX-1005
FX-1010
FX-4010
Form Factor
1RU
1RU
1RU
Weight
2.6 lbs. (1.2kg)
13.3 lbs. (6.0 kg)
15 lbs. (6.8 kg)
Dimensions
(h x w x d)
1.7” x 8.5” x 7.4”
(43 x 215 x 188 mm)
1.7” x 17.0” x 15.6”
(44 x 431 x 395 mm)
1.7” x 16.8” x 14.0”
(43 x 427 x 356 mm)
Memory
4 GB
4 GB
16 GB
Storage
(1) 160 GB SATA
(1) 160 GB SATA
(1) 1 TB SATA III
Network Interface (GE)
Ports/Fail-to-Wire Pairs
4/1
11/0
4/1
Serial Ports
1 1 1
USB Interface Ports
2 2 2
Rack Mount Kits
1 or 2 units in 1RU
Power Supply – UL Approved,
FCC Compliant
Requires a 60 W/12V power
adapter with lock
200 W ATX power supply
unit with input range of
90~264V@ 47-63 Hz
Single Power
(200 W)
Auto (100V-240V)
Power Supply Safety/EMC
Certifications
EN 61000/IEC 6100Compliant
Australian AS/NZS Class A
FCC Part 15 Subpart B
Canada ICES-003 Class A
Europe/CE Mark
ROHS
EN 61000/IEC 61000Compliant
Australian AS/NZS Class A
FCC Part 15 Subpart B
Canada ICES-003 Class A
Europe/CE Mark
ROHS
En 60950/IEC 60950Compliant
Canada – CUL Listed
Germany –TUV Listed
Europe/CE Mark
CCC Certified
ROHS
Environment
Operating temp
0 - 40°C,
Storage temp
-20 - 60°C,
Humidity 5 - 90%
Operating temp
0 - 40°C,
Storage temp
-20 - 60°C,
Humidity 5 - 90%
Operating temp
10 - 35°C,
Storage temp
-40 - 70°C,
Humidity 8 - 90%
1.8.4 FX Series Hardware Specification
FX Series 1005FX Series 1010FX Series 4010
FX Series Administration Guide - Version 6.2.2 41
Chapter: Overview - FX Series
Section: FX Series Appliances Data SheetMN-FXSERIESADM6 Rev 6
Figure 1-6 FX Series Hardware Specifications
Page 42
Comtech EF Data / Stampede
1.8.5 FX-4010 Physical Description
Front Panel
The front panel has the power button, the reset button and 5 LEDs to visually indicate certain vital
states of the appliance.
1. Power Button
2. Reset Button
LED indicators from left to right:
1. Power 0n/Off
2. HDD (on - activity/off - no activity)
3. Management Port (on - Linking / Off - not linking)
4. Auxiliary Port (on - Linking / Off - not linking)
5. Temperature Warning
Back Panel
Using suitable RJ-45 cable, you can connect FX Series FX-4010 System to a computer, or to any other
piece of equipment that has an Ethernet connection; for example, a hub or a switch. Moreover, LAN
(eth 2) / WAN (eth3) are configured as LAN Bypass when failure events occur.
Figure 1-7 FX Series FX-4010 Back Panel
From left to right
1. Power-In Socket
2. Inputs for mouse
and keyboard
3. (2) USB 2.0 Ports
4. Serial Port
5. VGA Port
6. MGT/Control (Eth0)
7. AUX Port (Eth1)
LED indicators for MGT (Eth0) and AUX (Eth1) Ports
On/Flashing indicates that the port is linking.
Off indicates that the port is not linking.
LED indicators for LAN and WAN Ports (3) LEDs per port
Link Activity: Turns on any link speed, blinks on activity (green)
100: Turns on Mbit/s link (green).
1000: Turns on Mbit/s link (green).
Bypass: LED 1000 and LED 100 of LAN port 0 are turned on
Disconnect: LED 1000 and LED 100 of WAN port 1 are turned on
8. LAN (Eth2)
9. WAN (Eth3)
FX Series Administration Guide - Version 6.2.2 42
Chapter: Overview - FX Series
Section: FX Series Appliances Data SheetMN-FXSERIESADM6 Rev 6
Page 43
Comtech EF Data / Stampede
1.8.6 FX4010 DC Physical Description
Front Panel
The front panel has the power button, the
reset button and 5 LEDs to visually indicate
certain vital states of the appliance.
(NOTE: Actual Picture not available at time
of printing)
Front panel from right to left.
1. Power Button
2. Reset Button
LED indicators:
3. Power 0n/Off
4. HDD (on - activity/off - no activity)
5. Management Port (on - Linking / Off - not linking)
6. Auxiliary Port (on - Linking / Off - not linking)
7. Temperature Warning
Back Panel
Using suitable RJ-45 cable, you can connect FX Series FX-4010 System to a computer, or to any other
piece of equipment that has an Ethernet connection; for example, a hub or a switch. Moreover, LAN
(eth 2) / WAN (eth3) are configured as LAN Bypass when failure events occur. (NOTE: Actual Picture
not available at time of printing)
From left to right
1. Inputs for mouse and keyboard
2. (2) USB 2.0 Ports
3. Serial Port
4. VGA Port
5. MGT/Control (Eth0)
6. AUX Port (Eth1)
7. LAN (Eth2) – NOT Shown in Picture
8. WAN (Eth3) – Not Shown in Picture
9. Power-In Socket
LED indicators for MGT (Eth0) and AUX (Eth1) Ports
On/Flashing indicates that the port is linking.
Off indicates that the port is not linking.
FX Series Administration Guide - Version 6.2.2 43
Chapter: Overview - FX Series
Section: FX Series Appliances Data SheetMN-FXSERIESADM6 Rev 6
Page 44
Comtech EF Data / Stampede
Operating Environment (System)
Operating Temperature Range
5°C ~ 35°C (41°F ~ 95°F)
Non-Operating Temperature Range
-40°C ~ 60°C (-40°F ~ 140°F)
Operating Relative Humidity Range
8% ~ 90% (non-condensing)
Non-Operating Relative Humidity Range
5% - 95% (non-condensing)
Power Supply
410W DC-DC power supply (24-pin) with cable harness
DC Voltage
Voltage Range = -36V to -72V
Nominal Voltage = -48V
Max Input Current = 18A @ -48V
DC Output
5V + 3.3V ≤ 180W
+5V
35.0 Amp
+5V standby
3.0 Amp
+12V
32.0 Amp
-12V
0.5 Amp
+3.3V
20.0 Amp
Regulatory (Power Supply)
Power Supply
Safety / EMC
USA - UL listed, FCC
Canada - CUL listed
Germany - TUV Certified
Europe/CE Mark
EN 60950/IEC 60950-Compliant
CCC
LED indicators for LAN and WAN Ports (3) LEDs per port
Link Activity: Turns on any link speed, blinks on activity (green)
100: Turns on Mbit/s link (green).
1000: Turns on Mbit/s link (green).
Bypass: LED 1000 and LED 100 of LAN port 0 are turned on
Disconnect: LED 1000 and LED 100 of WAN port 1 are turned on
FX Series Administration Guide - Version 6.2.2 44
Chapter: Overview - FX Series
Section: FX Series Appliances Data SheetMN-FXSERIESADM6 Rev 6
Page 45
Comtech EF Data / Stampede
LED Indicator
Interpretation
SPEED
Amber
The connection speed is 1000Mbps
Green
The connection speed is 100Mbps
Off
The connection speed is 10Mbps.
LINK/ACT
On/Flashing (Yellow)
The port is linking.
Off
The port is not linking.
1.8.7 FX-1005 Physical Description
Front Panel
Figure 1-8 FX Series FX-1005 Front Panel
Power/Status/HDD LED (left vertical icons)
Power (Green): If the LED is on it indicates the system is powered on. If it is off, it indicates the
system is powered off.
Status(Green/Amber): If the LED is Green, it indicates that the system’s operational state is
normal. If it is Amber, it indicates that the system is malfunctioning.
HDD (Yellow): If the LED blinks, it indicates data access activities; otherwise, it remains off.
LED indicators for Network Ports:
MGT Port (Eth 0) AUX Port (Eth 1) LAN Port (Eth 2) WAN Port (Eth 2)
FX Series Administration Guide - Version 6.2.2 45
Chapter: Overview - FX Series
Section: FX Series Appliances Data SheetMN-FXSERIESADM6 Rev 6
Page 46
Comtech EF Data / Stampede
Back Panel
Reset Switch
Use a pointed object to press the reset button to reboot the system without turning off the power.
Console Port
Figure 1-9 FX Series FX-1005 Rear Panel
By using suitable rollover cable (also known as Cisco console cable), you can connect to a computer
terminal for diagnostic or configuration purpose
Two USB 2.0 Ports
It connects to any USB devices, for example, a flash drive
4 Gigabit LAN ports
Using suitable RJ-45 cable, you can connect FX Series 1005 System to a computer, or to any other
piece of equipment that has an Ethernet connection; for example, a hub or a switch.
Moreover, LAN (Eth2) and LAN (Eth3) are configured as LAN Bypass when failure events occur.
1) MGT - Management (Eth 0)
2) AUX - Auxiliary (Eth 1)
3) LAN - (Eth 2)
4) WAN - (Eth 3)
DC-in 12V Jack
The system requires a 60W/12V power adapter with lock.
Power-on Switch
It is a switch to turn on or off the power.
Summary of Specifications
Network Interface /Fail to Wire
Power Supply – UL Approved
(4) GbE ports, (1) pair bypass
200 W (Auto 100V – 200V)
FX Series Administration Guide - Version 6.2.2 46
Chapter: Overview - FX Series
Section: FX Series Appliances Data SheetMN-FXSERIESADM6 Rev 6
Page 47
Comtech EF Data / Stampede
1.8.8 FX Series FX-1005 Hardware Mounting Options
Tabletop Mounting (Standard)
(a) To mount the FX-1005 on the table, use the rubber feet in the tabletop mounting pack.
(b) Follow the following procedures as a guideline: (may be pre-attached)
(c) Place the rubber feet on the mounting spots at the bottom of the FX-1005 .
(d) Place the FX-1005 on the table using the rubber feet.
Double Unit Rack Mount (Optional Accessory)
To mount two FX-1005 systems onto the rack, use the mounting kit with the screw
pack.
(a) Follow the following procedures as a
guideline:
(b) Attaching two screws having a washer
under the head to the inner side of the
system’s chassis.
(c) Align the screws of one system with
the mounting slots of the other system
and mount the two systems side by side
by clipping them together
(d) Make sure that the attachment between
the two systems is secure and the
mounting screws are locked in place.
(e) Use the screws provided to fix the short
ear-bracket to the left and right sides of
the system as shown in the picture.
(f) Use the mounting hardware included to
attach and secure the bracket to the rack.
Installing the ear-bracket to the rear side is an alternative rack mounting
NOTE: The short-ear bracket could also be mounted at the rear side of the system. Thus, the
rear panel of the system could be mounted in the front of the rack mounting equipment.
Single Unit Rack Mount (Optional Accessory)
NOTE: Place the power adaptor in the bracket first before installing the adaptor holder.
(a) To mount the FX-1005 onto the rack, use
the mounting kit with the screw pack.
(b) Follow these procedures as a
guideline:
(c) Attach the adaptor mounting bracket
to the system by fastening 5 screws
(d) Place the adaptor in the adaptor
mounting bracket.
(e) Make sure that the power adaptor’s
AC socket is not blocked. Align the AC
socket with the holes on the mounting
bracket.
(f) You could use the adaptor holder to
hold your adaptor to prevent it from
sliding back and forth.
(g) Use 3 screws provided to fix the bracket to the left and right side of the system.
(h) Use the mounting hardware included to attach and secure the bracket to the rack.
FX Series Administration Guide - Version 6.2.2 47
Chapter: Overview - FX Series
Section: FX Series Appliances Data SheetMN-FXSERIESADM6 Rev 6
Page 48
Comtech EF Data / Stampede
Figure 1-10 FX Series FX-1010 Front Panel
1.8.9 FX-1010 Physical Description
Front Panel
Power/Status/HDD LED
Power:
If the LED is on it indicates that the system is powered on. If it is off, it indicates that the system is
powered off.
Status:
If the LED is green, it indicates that the system’s operational state is normal. If it is red, it indicates
that the system is malfunctioning.
HDD:
If the LED is on, it indicates that the system’s storage is functional. If the LED blinks, it indicates
data access activities. If it is off, it indicates that there is no hard disk present or functional.
System Panel: LCD System Panel
The LCD System Panel is programmed to display WOC on the first line and “Active” on the second.
Reset Switch:
The reset switch can be used to reboot the system without turning off the power.
Console Port:
By using suitable rollover cable or RJ-45 to DB-9 Female (Cisco console cable), you can connect to
a computer terminal for diagnostic or configuration purpose. Default terminal Configuration
Parameters: 115200 baud, 8 data bits, no parity, 1 stop bit, no flow control.
Two USB 2.0 Ports:
It connects to any USB devices, for example, a flash drive.
Management Port and Auxiliary Ports:
The Management Port is a Fast Ethernet port that can be connected for configuration or
troubleshooting purpose. It conforms to the IPMI (Intelligent Platform Management Interface)
and can be implemented on this port through the Open Platform Management Architecture
(OPMA) interface.
Eight Gigabit LAN ports (Ports 1-8)
WAN Port - LAN/WAN Port LEDs
Right LED:
If the LED is orange, it indicates that the connection speed is 1000Mbps. If the LED is green, it
indicates that the connection speed is 100Mbps. And if it is off, it indicates that the speed is
10Mbps.
Left LED:
If the LED is on, it indicates that the port is linked. If it blinks, it indicates there is traffic.
Using suitable RJ-45 cable, you can connect FX-1010 system to a computer, or to any other piece
of equipment that has an Ethernet connection; for example, a hub or a switch.
FX Series Administration Guide - Version 6.2.2 48
Chapter: Overview - FX Series
Section: FX Series Appliances Data SheetMN-FXSERIESADM6 Rev 6
Page 49
Comtech EF Data / Stampede
Back Panel
Summary of Specifications
Network Interface (11) 10/100/1000,
Figure 1-11 FX Series FX-1010 Rear Panel
4 System CPU Fans
Power-on Switch
AC Power-in socket -
200W ATX power supply unit with input range of 90~264V@47-63Hz.
Power Supply Fan
Power Supply – UL Approved 200 W (Auto 100V – 200V)
Rack Mounting
Rack mounting hardware is included with FX-1010 appliance
FX Series Administration Guide - Version 6.2.2 49
Chapter: Overview - FX Series
Section: FX Series Appliances Data SheetMN-FXSERIESADM6 Rev 6
Page 50
Comtech EF Data / Stampede
2 Initial Installation Information
2.1 Pre-Installation Information
2.1.1 Unpacking
Inspect shipping containers for damage. If shipping containers are damaged, keep them until the
contents of the shipment have been carefully inspected and checked for normal operation.
The FX Series appliance is packaged in pre-formed, reusable, cardboard cartons containing foam spacing
for maximum shipping protection.
Unpack the appliance as follows:
Step Procedure
1 Remove the appliance, and the power cord and cables from the carton.
2 Save the packing material for storage or reshipment purposes.
3 Inspect the appliance for any possible damage incurred during shipment.
4 Check the equipment and accessories against the packing list to ensure the shipment is
The FX Series supports a basic menu-driven interface, which is accessible using the console port (eth0) or
a web-based graphical user interface (GUI). Initial network configurations are managed thru the console
connection, and the optimization and general operations functions are managed via the GUI. There are
three alternate methods to connect to the FX Series Appliance
1. Attach a Monitor, keyboard and mouse to device.
2. Connect the supplied serial cable with a setting of (19200,N,8,1)
3. Attach a cross-over cable to the eth1 interface which has a static IP address of 169.254.55.55
(See FX Series Console Management Functions in Appendix)
To connect to the Web GUI using a PC with a Browser access:
http://yourFxHostname:10000 or http://IP:10000 . The default
USERID and PASSWORD are “comtech” and “comtech” for both
the console and the GUI.
2.1.3 Documentation
The latest FX series Documentation can be found on the Comtech
EF Data Web site at: http://www.comtechefdata.com/support
FX Series Administration Guide - Version 6.2.2 50
Chapter: Initial Installation Information
Section: Pre-Installation InformationMN-FXSERIESADM6 Rev 6
Page 51
Comtech EF Data / Stampede
2.2 How to Configure Appliance Management Address
2.2.1 All Installation Patterns
Log into the appliance via console or SSH session using the username: comtech and password: comtech
a. Enter no and press Enter key (disable DHCP for this interface)
5 Select option 2 “Configure IP Address”
a. Enter the IP address of the appliance and press enter
6 Select option 3 “Configure Netmask”
a. Enter the subnet mask and press the Enter key
7 Select option 0 “Return to previous menu”
8 Select option 3 “Configure Default Gateway”
a. Enter the default gateway IP address and press the Enter key
Verify network connectivity by doing a ping of the appliance address from an external device.
Depending on the environment, there are several network installation patterns that can be used.
These are each documented in following installation patterns sections.
• Section 2.3 How to configure FX Series Installation Pattern (In-Line Mode)
• Section 2.4 How to configure FX Series Installation Pattern (Routed Mode)
• Section 2.5 How to configure FX Series Installation Pattern (WCCP Mode)
• Section 2.6 How to Configure Two FX Series Appliances in a Mesh Configuration
FX Series Administration Guide - Version 6.2.2 51
Chapter: Initial Installation Information
Section: How to Configure Appliance Management AddressMN-FXSERIESADM6 Rev 6
Page 52
Comtech EF Data / Stampede
2.3 How to configure FX Series Installation Pattern (In-Line Mode)
2.3.1 Cable the Appliance
The eth2 (LAN) and eth3 (WAN) ports both need to be connected to a switch or router in which:
The eth2 (LAN) port is on the link closest to the back end servers if the appliance is an FX-ADC or
Clients if the appliance is a FX-Remote.
The eth3 (WAN) port is on the link closest to the satellite modem.
FX Series ADC FX Series Remote
2.3.2 Configure the Appliance
Login to the appliance through the browser interface at:
http://{IP_address_of_the_appliance}:10000
1.Enter the default user name “comtech” and the
default password “comtech”.
a. Click Login.
2. Go to Configuration -> General Settings
a. Change “Traffic interception mode” to “In-
Line”.
b. Click Save.
3. Go to Traffic Interfaces -> In-Path Interfaces
a. Click the Add button to add a new in-path
interface.
Enter the VLAN ID of 0. If no VLAN
tagging is to be used. Use the VLAN ID
of the VLAN if traffic is to be VLAN
tagged
Enter the IP Address.
Enter the Netmask.
Enter the Gateway.
Enter any static routes needed in the
“Routes” field.
b. Click “Add In-Path Interface”.
FX Series Administration Guide - Version 6.2.2 52
Chapter: Initial Installation Information
Section: How to configure FX Series Installation Pattern (In-Line Mode)MN-FXSERIESADM6 Rev 6
Page 53
Comtech EF Data / Stampede
4. Go to Traffic Interfaces-> LAN Interfaces.
a. Click on the “Add” button to add a new LAN
b. Click “Add LAN Interface”.
Go to Operations -> Shutdown and Restart
Click on the “Restart Service Button”
interface.
Select “eth2” in the “Physical interface”
selection box.
In the “In-Path Interface(s)” selection
box, click the IP address of the in-path
interface *from above*.
In the “Untagged in-path interface”
selection box, select the IP address of
the in-path interface *from above*.
Select “None” if the VLAN tag is to be
propagated across the WAN.
FX Series Administration Guide - Version 6.2.2 53
Chapter: Initial Installation Information
Section: How to configure FX Series Installation Pattern (In-Line Mode)MN-FXSERIESADM6 Rev 6
Page 54
Comtech EF Data / Stampede
2.4 How to configure FX Series Installation Pattern (Routed Mode)
2.4.1 Cable the Appliance
Connect the eth3 (WAN) port to a switch or a router.
2.4.2 Configure the Appliance
Login to the appliance through the browser interface at: http://{IP_address_of_the_appliance}:10000
1. Enter the default user name “comtech” and the default password “comtech”.
a. Click Login.
FX Series ADC FX Series Remote
Go to Configuration -> General Settings
a. Change “Traffic interception mode” to “Routed”
b. Click Save
2. Go to Traffic Interfaces -> In-Path Interfaces
a. Click the Add button to add a new in-path interface.
Enter the VLAN ID of 0, if no VLAN is to be
tagged. Use the VLAN ID of the VLAN if traffic is
to be VLAN tagged.
Enter the IP Address.
Enter the Netmask
Enter the Gateway
Enter any static routes needed in the “Routes”
field.
b. Click “Add In-Path Interface”
FX Series Administration Guide - Version 6.2.2 54
Chapter: Initial Installation Information
Section: How to configure FX Series Installation Pattern (Routed Mode)MN-FXSERIESADM6 Rev 6
Page 55
Comtech EF Data / Stampede
3. Go to Traffic Interfaces -> LAN Interfaces.
a. Click on the “Add” button to add a new LAN
b. Click “Add LAN Interface”.
Go to Operations -> Shutdown and Restart Click on the
“Restart Service Button”
interface.
Select “eth3” in the “Physical interface”
selection box.
In the “In-Path Interface(s)” selection box,
click the IP address of the in-path interface
*see above*.
In the “Untagged in-path interface”
selection box, select the IP address of the
in-path interface *see above*. Select
“none” if the VLAN tag is to be propagated
across the WAN.
FX Series Administration Guide - Version 6.2.2 55
Chapter: Initial Installation Information
Section: How to configure FX Series Installation Pattern (Routed Mode)MN-FXSERIESADM6 Rev 6
Page 56
Comtech EF Data / Stampede
2.5 How to configure FX Series Installation Pattern (WCCP Mode)
2.5.1 Cable the Appliance
Connect the eth2 (LAN) port to a switch or a router.
2.5.2 Configure the Appliance
Login to the appliance through the browser interface at: http://{IP_address_of_the_appliance}:10000
1. Enter the default user name “comtech” and the default password “comtech”.
a. Click Login.
2. Go to Configuration -> General Settings
c. Change “Traffic interception mode” to “WCCP”
d. Click Save
3. Go to Traffic Interfaces -> In-Path Interfaces
a. Click the Add button to add a new in-path
interface.
Enter the VLAN ID of 0.
Enter the IP Address.
Enter the Netmask
Enter the Gateway
Enter any static routes needed in the
“Routes” field.
b. Click “Add In-Path Interface”
FX Series Administration Guide - Version 6.2.2 56
Chapter: Initial Installation Information
Section: How to configure FX Series Installation Pattern (WCCP Mode)MN-FXSERIESADM6 Rev6
Page 57
Comtech EF Data / Stampede
4. Go to Traffic Interfaces -> LAN Interfaces.
a. Click on the “Add” button to add a new LAN
interface.
Select “eth3” in the “Physical interface”
selection box.
In the “In-Path Interface(s)” selection box,
click the IP address of the in-path interface
*see above*.
In the “Untagged in-path interface”
selection box, select the IP address of the inpath interface *see above*.
b. Click “Add LAN Interface”.
Go to Status -> Real-Time Monitor. Click “Restart Service”.
Go to Operations -> Shutdown and Restart Click on the
“Restart Service Button”
2.5.3 Configure WCCP Settings
Go to Traffic Interfaces -> WCCP
1. Click “Add WCCP Definition”
a. Select the IP address of the interface that will
send the WCCP messages to the router in the
“Source IP address” selection
box.
Enter the routers IP address in
the “Router address” field.
b. Select the local interface that will
receive the GRE traffic if using
GRE redirection. If using L2
redirection leave blank.
c. If using GRE redirection enter the
router identifier of the router in
the “Remote GRE tunnel
address” field. If using L2
redirection leave blank.
d. Use default value for
“Enablement”.
e. Use default value for “Critical”.
f. Select Redirection method.
g. Select the same value used for
Redirection method.
h. For L2 use Mask Assignment
scheme. For GRE use Hash
Assignment scheme. * This may
differ on highest end Cisco equipment.
i. Leave the password field blank, unless one was configured for WCCP on the Cisco device.
FX Series Administration Guide - Version 6.2.2 57
Chapter: Initial Installation Information
Section: How to configure FX Series Installation Pattern (WCCP Mode)MN-FXSERIESADM6 Rev 6
Page 58
Comtech EF Data / Stampede
j. If using “web-cache” WCCP redirection, (no source IP address preservation) enter 0 in the
k. Use the default values for “Redirect based on”, Accept traffic for”, and “Ports”.
l. If using source IP address preservation select “Enabled” for “Use additional service group”. If
m. Click “Add WCCP Definition”
Go to Operations -> Shutdown and Restart
Click on the “Restart Service Button”
NOTE:For more information on “redirection” or configuring on FX1000 appliances or older FX Series 4000
appliances, see the WCCP section: Other WCCP Configurations
“Service group number” field. If using source IP address preservation use the default value.
using “web-cache” default this value.
FX Series Administration Guide - Version 6.2.2 58
Chapter: Initial Installation Information
Section: How to configure FX Series Installation Pattern (WCCP Mode)MN-FXSERIESADM6 Rev 6
Page 59
Comtech EF Data / Stampede
2.6 How to Configure Two FX Series Appliances in a Mesh Configuration
This configuration consists of two FX Series appliances, one configured as a FX Series ADC and the second
appliance configured as a FX Remote.
NOTE: Two FX1005 appliances can be installed in a rack using the Double Unit Rack Mount (See Section
1.8.8 above - FX Series FX-1005 Hardware Mounting Options)
2.6.1 Cable the Appliances
A short cable is provided for the connection from the Remote’s LAN port to the ADC’s WAN port (the
yellow connection in the figure below:
(See picture of rear panel in section 1.8.6 above)
1. Connect the Eth3 (WAN) port of FX Remote to the satellite connection. [Blue]
2. Connect the Eth2 (LAN) port of the FX-Remote to the Eth3 (WAN) port of the FX-ADC. [Yellow]
3. Connect the Eth2 (LAN) port of the FX-ADC to the user network. [Green]
Figure 2-1 FX Series Mesh Connection Diagram
2.6.2 Configure the appliances
To configure the appliances, see Sections 2.2 How to Configure Appliance Management Address
and Section 2.6 How to Configure Two FX Series Appliances in a Mesh Configuration.
2.6.3 Mesh installation with Redundancy capability
This scenario consists of two sets of appliances at the site. The configuration for each appliance is done
separately to backup FX Series Appliances with fail to wire configuration. The configuration setups are
similar as described in Section 3.6 below and is shown diagramed here.
FX Series Administration Guide - Version 6.2.2 59
Chapter: Initial Installation Information
Section: How to Configure Two FX Series Appliances in a Mesh ConfigurationMN-FXSERIESADM6 Rev 6
Page 60
Comtech EF Data / Stampede
3 FX Series Configuration
Figure 3-1 FX Series Main Configuration Screen
3.1 Standard Configuration Overview
The following screens provide common interfaces for the FX Series appliances.
Application Policies
Customize the optimization techniques that will apply to your enterprise applications.
(See the Optimization Acceleration Settings in Section 7 below).
Authorization Realms
Web Application Policies
Layer 5 Application Policies
Management Settings
Basic Network Interfaces
The FX series reserves two ports, management and auxiliary, for management traffic.
Host Settings
Configure the host name and DNS settings to facilitate management and time
synchronization.
General Settings
The General Settings control the method of traffic interception and WCCP. In addition, this section
includes settings to configure basic HTTP settings, system time and software updates of FX-Remotes.
See Specific Sections below.
FX Series ADC Specific Settings Section
FX Series Remote Specific Settings Section
Multicator Settings
Configure reliable multicast fan-out settings for a Controller, Transmitters and Receivers.
Redundancy
Configure a redundancy cluster that can share a common configuration.
FX Series Administration Guide - Version 6.2.2 60
Chapter: FX Series Configuration
Section: Standard Configuration OverviewMN-FXSERIESADM6 Rev 6
Page 61
Comtech EF Data / Stampede
Traffic Interfaces
In-Path Interfaces
LAN Interfaces
Port Definitions
WCCP Settings
Quality of Service Settings
Hierarchy
Links
Groups
Configure In-Path Interfaces for user data.
Set speed, MTU and VLAN options of the physical LAN interfaces. .
Configure a list of port definitions.
The Web Cache Communication Protocol (WCCP) is a Cisco-developed content-routing
technology which allows you to integrate cache engines into your network infrastructure.
This screen delineates the configured relationship of Queues, Groups and Links.
Maintain QoS links. Links correspond to a satellite modems.
Maintain QoS groups which allow you to group multiple QoS queues.
Group Filters
Maintain rules which classify traffic and assign it to one of the QoS groups.
Queues
Maintain QoS Queue definitions.
Queue Filters
Maintain rules which classify traffic and assign it to one of the QoS queues.
NOTE: The screens that have specific functionality for the FX Series ADCs or the FX Series Remotes can be
found in these sections in this manual:
FX Series ADC Specific Settings Section
General Settings
FX Series Remote Specific Settings Section.
General Settings
FX Series Administration Guide - Version 6.2.2 61
Chapter: FX Series Configuration
Section: Standard Configuration OverviewMN-FXSERIESADM6 Rev 6
Page 62
Comtech EF Data / Stampede
3.2 Management Settings
3.2.1 How to Configure Network Interfaces
The FX Series reserves two ports, management and auxiliary, for management traffic. This traffic is
isolated from the ports in which accelerated traffic flows. These interfaces are tied to a management
routing table which is not used for accelerated traffic.
Figure 3-2 FX Series Basic Network Interfaces Screen
Management Interface
The management interface corresponds to the “eth0” Ethernet port. Typically the management interface
is connected to a private network where system management tools such as ssh, the management web
GUI, and SNMP are utilized.
FX Series Administration Guide - Version 6.2.2 62
Chapter: FX Series Configuration
Section: Management SettingsMN-FXSERIESADM6 Rev 6
Page 63
Comtech EF Data / Stampede
Automatically obtain IPv4 address:
If set then the FX appliance will use DHCP to obtain an IP address, subnet mask, and default gateway. The
factory default for the management interface is to use DHCP.
IPv4 Address:
This is the IP address of the management interface.
Subnet Mask:
This specifies the network that the management interface is on. The default value is
255.255.255.0.
Default Gateway:
This is the IP address of the gateway for which packets that are outside the bounds of the
management subnet will be directed. A default gateway address which is on the same subnet as
depicted by the “IPv4 address” and “Subnet mask” must be specified even if the gateway does
not exist.
Speed:
This presents a pull-down selector of speed/duplex combinations that will be set for this interface. The
default value is to automatically negotiate the speed and duplex.
Max Transmit Unit (MTU):
Specifies the max transmit unit. The default value is 1500. The range is 576 to 9000.
Auxiliary Interface
Automatically obtain IPv4 address:
If set, then the FX appliance will use DHCP to get an IP address, subnet mask, default gateway.
IPv4 address:
This is the IP address of the auxiliary interface. The factory default is 169.254.55.55.
Subnet mask:
This specifies the network that the auxiliary interface is on. The default value is 255.255.0.0.
Speed:
This presents a pull-down selector of speed/duplex combinations that will be set for this interface. The
default value is to automatically negotiate the speed and duplex.
Max Transmit Unit (MTU):
Specifies the max transmit unit. The default value is 1500. The range is 576 to 9000.
Management Static Routes
Routes:
Enter into the text area static routes which are used by the management interface.Each static
route must be entered on a separate line and must have exactly the following format:
Subnet “SubnetMask” “Gateway”
For example, to define a static route such that subnet 172.88.0.0/16 should be routed by
gateway 172.27.101.99 you would enter the following:
172.88.0.0 255.255.0.0 172.27.101.99
FX Series Administration Guide - Version 6.2.2 63
Chapter: FX Series Configuration
Section: Management SettingsMN-FXSERIESADM6 Rev 6
Page 64
Comtech EF Data / Stampede
3.2.2 How to Configure Host/DNS Settings
In most environments, configuring host names and DNS is not required for the FX to operate because for
most accelerated traffic, the IP address of the content server is resolved by the originating client before it
is processed by the FX. The host settings should be set to facilitate management and time
synchronization.
Figure 3-3 FX Series Host/DNS Settings Screen
Host/DNS Settings
Host name:
This is the host name of the appliance. This must be a “short” name and must not contain any periods. A
fully qualified name is formulated by appending a ‘.’ followed by whatever is entered into the “Domain”
field.
Domain:
This is the DNS domain of the appliance.
DNS Servers:
Enter one or more IP addresses separated by commas.
Host/DNS File Entries
Hosts:
If no DNS is available, this field allows you to map specific host names to an IP address. This may be
needed for active-passive redundant configurations. Each entry should be on a separate line. The
format of each line is: “nn.nn.nn.nn FullyQualifiedHostName OptionalShortHostName”
Where nn.nn.nn.nn is the IpV4 address that you want to assign to FullyQualifiedHostName”.
DNS Server Configuration Guidelines:
In order for the fully qualified host name to be accurate within a domain, it is a best practice to set
your local DNS server to match the IP address of the FX appliance with the name “Host name” and
“Domain” fields on this page. Or you can set a “Host File Entry” with the IP address of the FX
appliance with the fully qualified name and the short name.
FX Series Administration Guide - Version 6.2.2 64
Chapter: FX Series Configuration
Section: Management SettingsMN-FXSERIESADM6 Rev 6
Page 65
Comtech EF Data / Stampede
Figure 3-4 FX Series SNMP Edit Screen
3.2.3 How to Configure SNMP Settings
The Simple Network Management Protocol (SNMP) is an Internet-standard protocol for managing devices
on IP networks.
Settings
Basic SNMP Settings
Enable SNMP:
If ‘Yes’ then the FX will respond to SNMP requests
otherwise the SNMP services are not loaded. The
default is ‘No’.
Read-only community string:
This specifies the group of SNMP monitors that have
read-only access to the MIB. The default value is
‘public’.
Read-write community string:
Specifies the group of SNMP monitors that have readwrite access to the MIB, a typical value is ‘private’.
Traps
Enable Traps:
If ‘Yes’, then the FX will send SNMP trap messages to
the address specified in ‘Trap destination’ when certain
events occur.
Trap community:
This field specifies the community that will be included
in the trap messages that the FX sends. The default
value is ‘comtech’.
Trap destination:
This field specifies the host name or IP address of the management station that will receive
SNMP traps sent by the FX.
System Information
Name:
This is the management name assigned to this FX.
The default value is the serial number of the FX.
Location:
This optional string describes the physical location of the FX.
Contact:
This optional string specifies the contact information, typically an email address, for the FX.
FX Series Administration Guide - Version 6.2.2 65
Chapter: FX Series Configuration
Section: Management SettingsMN-FXSERIESADM6 Rev 6
Page 66
Comtech EF Data / Stampede
3.2.4 How to Configure Web Admin Settings
Figure 3-5 FX Series Web Management Interface Screen
Administration
Use SSL for the administrative Web GUI:
If “enabled” then HTTP/S must be used when managing the FX from the Web graphical user interface.
The default value is “Disabled”.
FX Series Administration Guide - Version 6.2.2 66
Chapter: FX Series Configuration
Section: Management SettingsMN-FXSERIESADM6 Rev 6
Page 67
Comtech EF Data / Stampede
3.3 Traffic Interface Settings
3.3.1 How to Configure In-Path Interfaces
The In-Path Interfaces settings allow you to maintain in-path interfaces. A list of previously defined inpath interfaces are displayed in the order in which they were defined. An existing entry may be chosen by
clicking on the IP Address. The user adds interfaces by clicking the “Add” button. Interfaces can be
“enabled” or “disabled” by checking box to the left of the IP address and clicking on the enable or disable
button. Clicking on the Interface “Name” will allow you to modify that Interface. Each of those actions
will then lead to an In-Path Interface screen.
Figure 3-6 FX Series In-Path Interfaces Screen
FX Series Administration Guide - Version 6.2.2 67
Chapter: FX Series Configuration
Section: Traffic Interface SettingsMN-FXSERIESADM6 Rev 6
Page 68
Comtech EF Data / Stampede
Best Practices for Routed Mode Configurations
If using two in-path interfaces in routed mode and both interfaces are on the same VLAN,
which is normally the case, then only one in-path interface can have a default gateway. The
in-path interface with no default gateway defined must have a routing configuration that is
comprised entirely of static routes.
In-Path Interface Definition
VLAN ID:
If this interface carries tagged VLAN traffic, then enter the VLAN ID number which is a value between 2
and 4094. Untagged traffic should have a value of 0. The default is 0.
Status:
This is the status of the In-Path interface. It must be set to “Enabled” for the In-Path interface to
receive and process data. The default is Enabled.
Address:
This is the IPv4 address of this interface.
Netmask:
This defines the subnet boundaries of this interface.
Gateway:
This is the default gateway for this interface.
Routes:
Enter into the text area static routes which are used by this in-path interface. Each static route
must be entered on a separate line and must have exactly the following format:
Subnet “SubnetMask” “Gateway”
For example, to define a static route such that subnet 172.88.0.0/16 should be routed by
gateway 172.27.101.99 you would enter either of the following supported formats:
172.88.0.0 255.255.0.0 172.27.101.99
Or 172.88.0.0 /16 172.27.101.99
Router Polling:
If enabled, then SNMP router polling will be used (over the management interface) to ascertain the routes
that should be added to the route table that is associated with this interface. The default value is
disabled. Router polling is only supported for VLAN 0.
Poll address:
This is the IPv4 address of the router which will respond to the SNMP router poll requests.
SNMP Version:
This is the version of SNMP that will be employed when making the router poll requests. The
default value is 2c.
Poll Community:
This is the SNMP community that is associated with the router poll request. The default value is
“public”.
Poll Interval (seconds):
This is the frequency in seconds that the router tables will be updated based upon the SNMP
router polling response.
FX Series Administration Guide - Version 6.2.2 68
Chapter: FX Series Configuration
Section: Traffic Interface SettingsMN-FXSERIESADM6 Rev 6
Page 69
Comtech EF Data / Stampede
In-Band Management:
Normally out-of-band management of the FX is accomplished through the management interface,
however in some scenarios, out-of-band management is not feasible and management of the device must
be performed over an in-path interface. If this is the case, only one in-path interface may be used for inband management. The default value is disabled.
Comment: This field provides a means to store useful information about the configuration
NOTE: Changing this setting requires a restart of the acceleration service on the “Operations-
>Shutdown/Restart” page..
3.3.2 How to Configure LAN Interfaces
Overview
The LAN Interface settings allow you to maintain LAN interface definitions. A list of previously defined inpath interfaces are displayed in the order in which they were defined. The user adds interfaces by clicking
the “Add” button. Interfaces can be “enabled”,“disabled” or “deleted” by checking box to the left of the
IP address and clicking on the enable, disable or delete button. Clicking on the Interface “Name” will
allow you to modify that Interface.
Working with LAN Interfaces without WAN Optimization
If you are utilizing the FX strictly for ACM QoS or packet compression, in order to configure a non-default
MTU of the network interfaces, you must define a LAN interface for all network interfaces for which the
traffic to be processed by the FX will flow through, typically these will correspond to “eth2” (LAN) and “eth3” (WAN) physical interfaces. In this case, it is recommended to have the MTU on both LAN
interfaces to be the same.
NOTE: You must only do it if you want to have a non-default MTU
Figure 3-7 FX Series LAN Interfaces Screen
Configure LAN Interfaces
Active:
If adding a new LAN interface, this field allows you to set the initial status.
Physical interface:
Select the physical interface from the pull-down.
Comment:
This field provides a place to store any user defined comment to describe the rationale for this LAN
Interface definition.
FX Series Administration Guide - Version 6.2.2 69
Chapter: FX Series Configuration
Section: Traffic Interface SettingsMN-FXSERIESADM6 Rev 6
Page 70
Comtech EF Data / Stampede
Speed:
Select speed and duplex from the pull-down.
MTU:
Specify a value between 68 and 9000. Note that when operating in “In-Line” mode, the MTU of the
WAN interface will automatically be set to match the setting of the LAN interface.
In-Path interfaces:
Select the in-path interfaces that can be connected to the physical interface. In a trunked
environment, there may be multiple in-path interfaces connected to the physical interface. VLAN tags
will be preserved.
Untagged in-path interface:
You can specify one and only one of the selections from the “In-Path interfaces(s)” field or “None” If
an in-path interface is selected then the VLAN tag associated with that in-path interface will be applied
to the traffic received before forwarding it to the WAN interface and removed when forwarding traffic
from the WAN interface. If “None” is selected then no tags are added or removed. The “None” value
will only be used when connecting to a “Trunked” interface.
MAC address:
This field specifies the Ethernet address of the interface.
This should only be set in redundant configurations where the traffic interception mode is ‘in-
line’. In this case, this field should be set to the permanent MAC address of the primary. The
permanent MAC address of this FX is shown in blue. If the field is left blank, then the
permanent address of the FX is used.
3.3.3 How to Configure Port Definitions
The Port definitions screen allows you to define which IP address and port combinations that the FX Series
ADC will listen on and what protocols should be accepted over these combinations. A port definition is
required for every IP address and port combination on which the FX Series ADC will accept connections in
a proxy mode. For each port definition you must specify the protocol that will be used. Port definitions
are only needed if you will be directing traffic to the FX Series ADC as a proxy, or from a remote software
client that is running acceleration plug-in.
A list of previously defined Port definitions is displayed in the order in which they were defined. An
existing entry may be chosen by clicking on the port. You can “Enable”, “Disable”, or “Delete” one or
more Port definitions by selecting the checkbox to the left of the port column and clicking on the desired
button. By clicking on “Add” you can add a new port definition which will bring up this port definition
screen.
Figure 3-8 FX Series Port Definitions Screen
FX Series Administration Guide - Version 6.2.2 70
Chapter: FX Series Configuration
Section: Traffic Interface SettingsMN-FXSERIESADM6 Rev 6
Page 71
Comtech EF Data / Stampede
IP
Port
Protocol - SLL
Typical Use
any
80
HTTP / Acc.
HTTP - Autosense
Transparent redirection with capability to inject
AOD.
any
8080
HTTP
Forward proxy of HTTP traffic from standard
browsers
any
4917
Acc. HTTP/L5
Accelerated traffic between standard and advanced
clients and FX Series ADC
Configure Port Definitions
In-Path Interface:
Specify the IP address that is associated with this port definition.
Port:
This field will be filled in automatically as you set the “Protocol” field. After setting these fields, you can
then override the port field to create a unique IP Address / Port combination.
Protocol:
This specifies the protocol that will run over this port. There are the following choices:
HTTP:
This choice specifies that you want the ADC to function as either a forward or reverse proxy on
this port.
Accelerated HTTP/L5:
This choice specifies that you want the ADC to use this port to service the HTTP Acceleration
Protocol (HAP) that has been extended to also accelerate non-HTTP TCP/IP based protocols at
layer 5. Accelerated HTTP/L5 is only available if you have deployed the acceleration plug-in to
your remote users.
Autosense:
This setting supports the AOD injection where both HTTP traffic and accelerated HTTP can flow
over the same port.
Comment:
This provides a place to store any user defined comment to describe the rationale for this port definition.
Status:
This allows you to control whether this port definition is enabled or disabled.
Example Port Definitions
By default, port definitions are not required to function as a one-sided FX Series ADC or as a head-end
serving FX Series Remote appliances.
The table below shows port definition setting examples:
Setting up an HTTP Forward Proxy
A forward proxy requires that an end user specifically set their browser proxy settings such that port 80
traffic is specifically directed to the IP address of an in-path interface of the ADC on a specific port (usually
8080). In order to get this to work some additional steps are required:
1. An L5 Policy must be defined for port 8080 traffic.
2. This L5 policy must have the “certified application” set as “HTTP Traffic”.
3. This L5 policy must have “Protocol” defined as “Generic TCP”.
The “Protocol” on the “Port Definition” must be defined as “HTTP”.
FX Series Administration Guide - Version 6.2.2 71
Chapter: FX Series Configuration
Section: Traffic Interface SettingsMN-FXSERIESADM6 Rev 6
Page 72
Comtech EF Data / Stampede
3.3.4 How to Configure WCCP
Overview
The Web Cache Communication Protocol (WCCP) is a Cisco-developed content-routing technology which
allows you to integrate cache engines into your network infrastructure.
WCCP Configuration Considerations
There are two basic configurations that will be used when installing an appliance.
1) Web-cache or transparent proxy interception.
In this mode of interception the FX will have the same characteristics as a standard proxy. The
Cisco device will redirect traffic to the appliance, which will then make request on behalf of the
user using the appliance’s IP address as the source.
NOTE: Only one service group is required, service group zero. On the Cisco device this will
be configured as “web-cache”.
2) Dynamic service groups or source IP address preservation
In this mode of interception the FX will the same characteristics as an in-line device. The Cisco
device will redirect traffic to the appliance, which will then make request on behalf of the user
using the user’s address as the source (spoofing).
NOTE: This configuration requires two service groups, inbound and outbound.
WCCP Cisco Device configuration
1) We will use either eth0 or eth1 when installing in a WCCP pattern.
Log into the Cisco device and identify the inbound and outbound interfaces.
These must correspond to in-path interfaces.
In the global configuration enable WCCP with the appropriate commands.
If configuring as a web-cache we will enter the following: “ip wccp web-cache”
2) For a WCCP with source IP address preservation setup.
We will enter the following commands: “ip wccp 99”, “ip wccp 96”
By default our appliances use service groups 99 for outbound traffic and 96 for
inbound traffic.
3) At the interface level if we are configuring a web-cache setup.
We will enter the following command:
For all inbound interfaces: “ip wccp web-cache redirect in”
4) At the interface level if we are configuring a source IP address preservation setup.
We will enter the following commands:
For all inbound interfaces: “ip wccp 99 redirect in”
For all outbound interfaces: “ip wccp 96 redirect in”
It is possible to control which traffic is redirected by subnet using the redirect-list
option
FX Series Administration Guide - Version 6.2.2 72
Chapter: FX Series Configuration
Section: Traffic Interface SettingsMN-FXSERIESADM6 Rev 6
Page 73
Comtech EF Data / Stampede
WCCP Definitions
This screen allows you to maintain WCCP definitions. A list of previously defined WCCP definitions is
displayed in the order in which
they were defined. An existing
entry may be chosen by clicking
on the router address. By
clicking on “Add” you can add a
new WCCP definition which will
bring up the WCCP definition
screen.
Configure WCCP Definitions
Figure 3-9 FX Series WCCP Definitions Screen
Source IP address:
This is the IP address (must have been already defined as an In-Path interface on the FX) that will be used
when sending WCCP messages to the router. The IP address must be selected from the list of in-path
interfaces.
Router address:
This is the address of the primary router to which WCCP messages will be directed. This setting must be
specified.
Local GRE tunnel address:
This is the IP address of the local end of the GRE tunnel. If this field is not specified then the “Source IP
address” will be used for the local endpoint. This field is not needed if L2 redirection is specified.
FX Series Administration Guide - Version 6.2.2 73
Chapter: FX Series Configuration
Section: Traffic Interface SettingsMN-FXSERIESADM6 Rev 6
Page 74
Comtech EF Data / Stampede
Remote GRE tunnel address:
This is the address of the router which will send the redirected traffic to the FX Series ADC in a GRE tunnel.
If this field is not set then the FX will attempt to dynamically learn the address by examining the WCCP
packets from the router. This field is not needed if L2 redirection is specified.
Enablement:
This specifies if this WCCP definition should be processed. The default value is enabled
Critical:
If set, and “Use additional service group” is disabled, then this service group is considered critical. Noncritical service groups will not attempt to negotiate WCCP with the router unless all critical members have
seen their IP address in the assignment map or hash allotment and are in a usable state.
Redirect method:
This specifies the method in which the router or switch will direct packets to the FX. The choices are
“GRE” (Generic Routing Encapsulation) or “L2” which means that the router will simply modify the MAC
destination address to point to the FX. The default is “GRE”.
Return method:
Although the FX never returns redirected packets to the router, it may be necessary to set this to “GRE”
even though “L2” was specified as the redirect method in order to successfully negotiate WCCP.
Assignment scheme:
This specifies how the router or switch will decide which FX to direct the packets. In general, this should
be set to “Mask” for switches and “Hash” for router. The default setting is “Hash”
Password:
If WCCP packet signing is required then this password must match the setting of the WCCP router. The
default is no password.
Service group number:
This is the WCCP service group that the FX should join. The default value is 96.
Redirect based on:
If “source” then the router will redirect responses from the content server to this member, otherwise the
router will redirect client requests that otherwise would have been directed to the content server.
Service groups are defined at the router. The default is the “Destination”.
Accept traffic for:
This radio button allows you to control if only specific ports or all ports should be redirected to the FX
Series FX. If “Specific Ports” selected then these are specified in the “Ports” field. If “All ports” is selected
then the WCCP router will direct all TCP and UDP traffic to the FX. The default value is “Specific Ports”.
Ports:
This defines the TCP and UDP ports that the router should transparently redirect to the FX. Up to 8 ports
may be specified separated by a comma. The default value is 80.
Ports refer to:
This indicates if the ports field pertains to the source port (for responses from content server) or
destination port (for requests from clients). The default value is “Source”.
Use additional service group:
You can define two service groups within the same WCCP definition. This is normally used if you want the
FX to preserve the source IP address of the remote clients when making requests to content servers on
behalf of those clients. However, if using the “extra” group then the definition is not deemed as noncritical and will not verify that “critical” service groups are in a usable state. If this is set you must also
enable “Preserve client IP addresses” in the “Other” section on the “Configure->General” page. See more
detailed description titled “WCCP IP Spoofing Configuration” below. The default value is “Disabled”.
FX Series Administration Guide - Version 6.2.2 74
Chapter: FX Series Configuration
Section: Traffic Interface SettingsMN-FXSERIESADM6 Rev 6
Page 75
Comtech EF Data / Stampede
User-facing service group:
This is the WCCP service group that the FX should join to receive redirected client traffic. The FX
will not attempt to join this group unless it successfully enrolls in the main service group. This
prevents the situation where client requests are redirected to the FX when it is not able to
receive server responses. The default value is 99.
Redirect based on:
If “Source IP” then the router will redirect responses from the content server to this member,
otherwise the router will redirect client requests that otherwise would have been directed to the
content server. Service groups are defined at the router. The default value is “Source IP”.
Comment:
A comment of up 80 characters can be entered into this field.
WCCP Router Configuration and Status Monitoring
Configuration:
The following is an example of some common WCCP Router “cli” commands.
conf t
ip wccp enable
ip wccp version 2
interface (specify interface carrying traffic)
ip web-cache redirect
CTRL-Z
Status Monitoring:
The following WCCP Router “cli” commands can show status:
show ip wccp
show ip wccp 99 view
show ip wccp 96 detail
term mon
debug ip wccp packets
debug ip wccp events
clear ip wccp
WCCP IP Spoofing Configuration for Routers
The FX can preserve the source IP address of the remote client when making requests on their behalf by
joining two service groups. The first service group receives the redirected client requests and is also
known as the “User-facing” service group. The second is referred to as the “Server-facing” service group
and it receives the redirected server responses. If two or more FXs have joined these service groups, then
the router will be instructed to split the load of the user-facing service group based on source IP address,
and the responses of the server-facing service group will be split based on destination IP address. This
technique ensures that the response will be directed to the same FX that originated the request on behalf
of the remote user.
The recommended router configuration is to use three interfaces, each corresponding to a different
subnet. To illustrate the setup, we provide an example configuration along with a “show running-config”
that is compatible with the default WCCP settings of the FX.
Example:
Interface A: (Ethernet0/0)
This is the user-facing subnet that receives redirected requests from clients.
Interface B: (Ethernet0/1)
This is the server-facing subnet that receives redirected responses from the content server.
FX Series Administration Guide - Version 6.2.2 75
Chapter: FX Series Configuration
Section: Traffic Interface SettingsMN-FXSERIESADM6 Rev 6
Page 76
Comtech EF Data / Stampede
Interface C: (Ethernet1/0)
FX subnet
Service group 99
This should be defined to handle redirected outbound requests from the users destined for the
subnets on Interface B. “Interface C” must be excluded from this to avoid loop-backs that would
otherwise occur when FXs spoof the user IP addresses.
Service group 96
Should be defined to handle redirected responses from content servers that would have
otherwise been sent out on “Interface-A”.
#show running-config
Building configuration...
Current configuration: 948 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname 2600-lab
!
enable password xxxx
!
memory-size iomem 10
ip subnet-zero
ip wccp 96
ip wccp 99
!
!
no ip domain-lookup
ip domain-name example.enterprise.com
ip name-server 192.168.101.202
!
!
interface Ethernet0/0
ip address 192.168.103.224 255.255.255.0
ip wccp 96 redirect out
half-duplex
!
interface Ethernet0/1
ip address 192.168.101.224 255.255.255.0
ip wccp 99 redirect out
half-duplex
!
interface Ethernet1/0
ip address 192.168.106.224 255.255.255.0
The subnets:
A: User (192.168.103.xxx subnet)
B: Content servers - all other subnets via gateway at 192.168.101.158
C: FXs (192.168.106.xxx)
FX Series Administration Guide - Version 6.2.2 76
Chapter: FX Series Configuration
Section: Traffic Interface SettingsMN-FXSERIESADM6 Rev 6
Page 77
Comtech EF Data / Stampede
no ip route-cache
ip wccp redirect exclude in
half-duplex
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.101.158
ip http server
ip pim bidir-enable
WCCP IP Spoofing Configuration for Switches
Switches tend to have less CPU power than a router but on the other hand they have the ability to handle
traffic flow decisions in hardware. In order to leverage the hardware switching capabilities the following
configuration settings are recommended:
On the FX, use “L2” Redirection method
On the FX, use “Mask” assignment scheme
On the FX, do not define separate service group definition records, instead set the “Use
additional service group field”, this is because the Cisco L2 expects the same WCCP source port
to be used to conduct WCCP negotiations.
On the switch, use “redirect in” to direct packet flow to the appliance.
On the switch, never use “redirect-out”
On the switch, do not use “redirect exclude in”
In the same subnet scenario described above, the following is an example of a configuration for an
intelligent switch:
#show running-config
.
.
.
!
ip routing
ip wccp 96
ip wccp 99
!
interface Vlan1
ip address 192.168.101.225 255.255.255.0
ip wccp 96 redirect in
!
interface Vlan3
ip address 192.168.103.225 255.255.255.0
ip wccp 99 redirect in
!
interface Vlan5
ip address 192.168.105.225 255.255.255.0
!
interface Vlan6
description for 106 subnet
ip address 192.168.106.225 255.255.255.0
!
FX Series Administration Guide - Version 6.2.2 77
Chapter: FX Series Configuration
Section: Traffic Interface SettingsMN-FXSERIESADM6 Rev 6
Page 78
Comtech EF Data / Stampede
Other WCCP Configurations
Using “redirect-list” to select specific redirection
For testing purposes, or to gradually stage traffic redirection to the FX Series ADC, a Cisco router will
support redirection by either access control lists or group lists. For example:
ip wccp 99 redirect-list access-list
LAN and In-Path Interface Requirements for WCCP
The FX Series uses the eth2 physical interface to conduct the WCCP protocol with the router or switch and
also to receive redirected requests and responses. Therefore in order to configure WCCP, you must
define an in-path interface with an IP address that is on the same subnet as the Cisco router or switch.
The gateway for this in-path interface must be that of the Cisco router or switch interface the appliance
is connected to. The VLAN ID must be 0. Following this, a LAN interface must be defined for eth3 and
assigned to the aforementioned In-Path interface.
Configuring WCCP on earlier models
On FX-1000 and some earlier models of FX-4000, the specialized fail-to-wire network interface card
requires that an eth3 LAN interface be defined in order to run WCCP over eth2, even though it’s not
actually used. Therefore, on an FX-1000, an in-path interface with a non-existent VLAN must be defined.
This in-path interface must subsequently be assigned to a LAN interface for eth3. It is not required that
the eth3 physical interface be cabled to anything.
FX Series Administration Guide - Version 6.2.2 78
Chapter: FX Series Configuration
Section: Traffic Interface SettingsMN-FXSERIESADM6 Rev 6
Page 79
Comtech EF Data / Stampede
3.4 Quality of Service
3.4.1 Theory of Operations for QoS and Traffic Shaping
Structure
There are two levels of groups and a third level of queues that can be configured. Traffic coming into
the appliance is separated by filters into the level 1 groups. This traffic can subsequently be
separated by filters into a second level of groups, and then filtered into queues where traffic will be
released to the WAN based on the QoS and shaping rules defined. The groups as well as the queues
have a MIR and a CIR defined that is used to control that amount of traffic that is allowed to pass
through the groups and queues to the WAN.
Links
Links represent physical connections within the network. Links are used to bring any data rate
limitations into the traffic shaper that is imposed by the physical connection. Each link can be a
point-to-point connection or it can be a point-to-multipoint connection. The network can have a mix
of links. Each of the far side points will have a peer FX. In the case of the point-to-multipoint link,
there is one peer for each remote “multipoint”. The link rate is the data rate of the outbound
modem. ACM as well as CCM is supported in the link, if ACM is enabled, then the FX will read the
data rate from the modem.
Traffic Shaping
The traffic shaper consists of two levels of groups and an additional level of queues. Traffic from the
queues is enabled onto the WAN interface. The groups are used to separate the traffic into the
appropriate queues. Each group can have a MIR and CIR data rate associated with it, which gives
further refinement on the traffic shaping.
A point-to-multipoint link can have Level 1 groups that span multiple remote points, all within the
same link. When doing WAN/OP functions, the peer FX will be automatically discovered, and once
discovered, WAN optimization will occur. However, when doing header compression, the remote
peer must be configured. This is done on the Level 2 Group configuration screen.
Each group has a CIR (Committed Information Rate) and MIR (Maximum Information Rate) associated
with it. Data moving through a group will have the same priority. Each peer group’s CIR will be met if
possible, if not, then each will get their share using Stochastic Fair Weighting. If the CIR’s can be met,
then each peer group will be allowed up to its MIR amount of traffic, again, sharing traffic using
Stochastic Fair Weighting.
Some care must be taken in setting the MIR’s and CIR’s. The sum of the CIR’s of the children need to
be less than or equal to the CIR of the parent. This means that the sum of the CIR’s of the queues
that children of a Level 2 Group must be less than that groups CIR, and the sum of the CIR’s of level 2
Groups that are children of a Llevel1 Group must be less than that groups CIR. A child’s MIR must be
less than or equal to its parents MIR.
Once data makes it to a queue, it can be released to the WAN based on group priority, CIR and MIR.
Traffic Control Properties
Queue drain algorithm:
This specifies the drain method for scheduling outbound packets for all Queue definitions. The drain
algorithm is set by the link and applies to all queues associated with that link.
Strict Priority:
In the Strict Priority Drain algorithm, higher priority queues are depleted before lower
priority queues pass traffic. Traffic is capped at the link rate.
FX Series Administration Guide - Version 6.2.2 79
Chapter: FX Series Configuration
Section: Quality of ServiceMN-FXSERIESADM6 Rev 6
Page 80
Comtech EF Data / Stampede
Min-Max:
The Min-Max drain algorithm is priority based. If there is enough data rate available,
each queue will receive their respective CIR. If there is not sufficient data rate to satisfy
all requested CIRs, then traffic will be dropped starting with the lowest priority queue
and progressing through the queues in ascending priority until the requested CIR is met.
When traffic is dropped from queues with the same priority, then each of the equal
queues will have traffic dropped proportionally.
Once all requested CIRs are met, if there is additional data rate that can be filled, it will
be allocated to the queues in order of priority starting with the highest. Each queue is
given additional data rate up to the requested rate, or MIR, whichever is lowest. If there
are queues at the same priority, they are granted additional data rate proportionally
FX Series Administration Guide - Version 6.2.2 80
Chapter: FX Series Configuration
Section: Quality of ServiceMN-FXSERIESADM6 Rev 6
Page 81
Comtech EF Data / Stampede
3.4.2 QoS Configuration Hierarchy Screen
This screen represents all of the hierarchy within the QoS system in the appliance. Configuration is not
done in this screen, but it does provide links to the configuration screens for the parameters displayed
here.
Important Considerations
Internal Signaling Traffic:
Internal signaling traffic represents control messages sent between FXs when header
compression is in use. This traffic is sent at the highest priority and is not considered in the CIR.
The amount of internal signaling is a function of the types of FX units on each side of the link. If
there is are FX4010s on both sides of the link, then the internal signaling in both directions will be
30 kbps duplex and 15 kbps simplex. If all of the FXs are FX1005s then the amount of internal
signaling will be 6 kbps duplex and 3 kbps simplex. Finally if there is an FX4010 on one side and
all FX1005’s on the other, the amount of signaling will be 18 kbps, 15 kbps + 3 kbps. In addition,
if the compression tunnels are not completely configured, then the amount of traffic can be
significantly higher.
ARP Traffic:
Generally it is important to set up queues and filters such that ARP traffic is sent at the highest
priority.
In the table, there is one row for each queue. The table represents the hierarchy of the QoS tree, with
parents to the left and children to the right. Because there is one row per queue, the groups and the links
will likely show up multiple times in the table. If a level 2 group has 3 children queues, then it will show
up in 3 lines. If a level 1 group has 8 descendent queues, it will show up on 8 lines.
Figure 3-10 FX Series QoS Hierarchy Screen
Configuration Parameters
Link
Name:
This is the name given to the link. There are two basic ways to add a link. One is to navigate to the
Configuration\Quality of Service\Link page and select the add button. The other is to navigate to
Configuration\Quality of Service\Link\Add... Once a link is added, it will show up here by name and
its name will link back to the link configuration page. It is possible and normal for a specific link to
show up on multiple lines.
FX Series Administration Guide - Version 6.2.2 81
Chapter: FX Series Configuration
Section: Quality of ServiceMN-FXSERIESADM6 Rev 6
Page 82
Comtech EF Data / Stampede
Data Rate:
This gives the configured data rate for the link. If the modem is configured for ACM, this will indicate
the rate that is read from the modem.
Group Level 1
Filter:
This is a list of all filters defined to get to the group immediately to the right in the table. It is also a
hyper link that will take you to the group filter page. There are two basic ways to add a filter. One is
to navigate to the Configuration\Quality of Service\Group Filters page and select the add button. The
other is to navigate to Configuration\Quality of Service\Group Filters\Add.
Name:
This is the name given to the group. There are two basic ways to add a group. One is to navigate to
the Configuration\Quality of Service\Group page and select the add button. The other is to navigate
to Configuration\Quality of Service\Group\Add. The name is a hyper link that group’s configuration
page. At each level, there is a default group. This is the group where traffic that is not otherwise
selected by a filter will go. This group by default will have the name “Default”. This name can
changed and another group can be selected as the default. The default queue will be designated by
the asterisk “*” appended to the name.
CIR:
This is the Committed Information Rate of the group. Setting this to a number higher than the
configured Link rate will result in an error.
MIR:
This is the Maximum Information Rate of the group.
Group Level 2
Filter:
This is a list of all filters defined to get to the group immediately to the right in the table. It is also a
hyper link that will take you to the group filter page. There are two basic ways to add a filter. One is
to navigate to the Configuration\Quality of Service\Group Filters page and select the add button. The
other is to navigate to Configuration\Quality of Service\Group Filters\Add.
Name:
This is the name given to the group. There are two basic ways to add a group. One is to navigate to
the Configuration\Quality of Service\Group page and select the add button. The other is to navigate
to Configuration\Quality of Service\Group\Add. The name is a hyper link that group’s configuration
page. At each level, there is a default group. This is the group where traffic that is not otherwise
selected by a filter will go. This group by default will have the name “Default”. This name can
changed and another group can be selected as the default. The default queue will be designated by
the asterisk “*” appended to the name.
CIR:
This is the Committed Information Rate of the group. Setting this to a number higher than the
configured parent rate will result in an error.
MIR:
This is the Maximum Information Rate of the group.
Queue
Filter:
This is a list of all filters defined to get to the queue immediately to the right in the table. It is also a
hyper link that will take you to the queue filter page. There are two basic ways to add a filter. One is
to navigate to the Configuration\Quality of Service\Queue Filters page and select the add button.
The other is to navigate to Configuration\Quality of Service\Queue Filters\Add.
FX Series Administration Guide - Version 6.2.2 82
Chapter: FX Series Configuration
Section: Quality of ServiceMN-FXSERIESADM6 Rev 6
Page 83
Comtech EF Data / Stampede
Name:
This is the name given to the queue. There are two basic ways to add a queue. One is to navigate to
the Configuration\Quality of Service\Queue page and select the add button. The other is to navigate
to Configuration\Quality of Service\Queue\Add. The name is a hyper link that queue’s configuration
page. At each level, there is a default queue. This is the queue where traffic that is not otherwise
selected by a filter will go. This queue by default will have the name “Default”. This name can
changed and another queue can be selected as the default. The default queue will be designated by
the asterisk “*” appended to the name.
CIR:
This is the Committed Information Rate of the queue. Setting this to a number higher than the
configured parent rate will result in an error.
MIR:
This is the Maximum Information Rate of the queue.
Prio:
This is the priority of the queue. Priorities range from 1 as the highest, to 8 as the lowest.
HC:
This indicates if Header Compression is enabled for the queue. If yes, it could be header or header
and payload. Only 31 queues can have HC enabled.
Warning Icon:
If a red exclamation icon appears in an object name, this indicates a
configuration warning. These warnings that the configuration will still
function but can’t meet the specified criteria due to conflicting
parameters. If you hover over the icon, text will appear that advises of
the configuration conflict. The following messages are possible:
Too much CIR configured. Increase CIR for this object, or decrease CIR for the children
Too much CIR configured. Decrease CIR for this object, or increase CIR for the parent.
Too much MIR configured. Decrease MIR for this object, or increase MIR for the parent.
FX Series Administration Guide - Version 6.2.2 83
Chapter: FX Series Configuration
Section: Quality of ServiceMN-FXSERIESADM6 Rev 6
Page 84
Comtech EF Data / Stampede
Figure 3-12 F Series QoS Link Edit Screen
3.4.3 How to Configure QoS Links
This screen allows you to maintain QoS links. Links correspond to a satellite modem (or a set of satellite
modems in 1:1 redundancy) that will be polled to ascertain the current transmit-rate capacity. If no
satellite modems are to be polled, then a ‘clear sky rate’ may be specified. Each link sets a cap on the
maximum transmit-rate for all of the ‘Groups’ that are members of this link.
A list of previously defined links will be displayed. An existing entry may be chosen by clicking on the link
name. Other buttons at the bottom of the screen are as follows:
Figure 3-11 FX Series QoS Links Screen
Add to create a new QoS link.
Enable / Disable/ Delete one or more links that are selected by the checkbox to the left of the
link name.
Links
Name:
This field is a logical name that is
used as a reference for the
‘Member of’ field when ‘Groups’
are defined. This field must be
unique and must be entered.
Enabled:
This selects whether the link
definition is enabled or not. If
disabled then all filters
associated with the groups that
are members of this link become
inoperative.
Comment:
This field provides a place to
store any user defined comment
to describe the rationale for this
link definition.
Clear sky data rate (kbps):
This is the output data rate that
will be used if the FX is unable to
read a rate from the modem or if
modem polling is disabled.
FX Series Administration Guide - Version 6.2.2 84
Chapter: FX Series Configuration
Section: Quality of ServiceMN-FXSERIESADM6 Rev 6
Page 85
Comtech EF Data / Stampede
Drain algorithm:
This field specifies the drain method for scheduling outbound packets for all Queue definitions.
Strict Priority:
In the Strict Priority Drain algorithm, higher priority queues are depleted before lower priority queues
pass traffic. Traffic is capped at the link rate.
Min-Max:
The Min-Max drain algorithm is priority based. If there is enough data rate available, each queue will
receive their respective CIR. If there is not sufficient data rate to satisfy all requested CIRs, then
traffic will be dropped starting with the lowest priority queue and progressing through the queues in
ascending priority until the requested CIR is met.
When traffic is dropped from queues with the same priority, then each of the equal queues will have
traffic dropped proportionally. Once all requested CIRs are met, if there is additional data rate that
can be filled, it will be allocated to the queues in order of priority starting with the highest. Each
queue is given additional data rate up to the requested rate, or MIR, whichever is lowest. If there are
queues at the same priority, they are granted additional data rate proportionally.
Poll satellite modem:
Enable or Disable polling of the satellite modem over the FX management interface. The default value is
‘Disabled’. For 1:1 redundancy, both a primary and secondary modem may be specified, in which case the
transmit data rate capacity of the modem which identifies itself as the “active” will be used for bandwidth
allocation calculations. The FX assumes that both the primary and secondary modems are configured
with the same SNMP community and are the same modem type.
Primary 1 IP address:
This is the IP address of the primary satellite modem. (This field must be entered if polling is
enabled).
Secondary 2 IP address:
For 1:1 redundancy, this is the IP address of the secondary modem. If the secondary modem
responds, then its rate will be used. If a second modem is specified, then the FX assumes that both
are configured with the same SNMP community.
SNMP community:
This is the read-only community of the satellite modems.
Poll frequency (msecs):
This is the number of milliseconds that the FX waits between polls to ascertain the data rate from the
modem. (Default: 250)
Reserve bandwidth (kbps):
The data rate that the FX delivers data is the Ethernet frame rate. This parameter sets the amount of
bandwidth that will be held in reserve. The FX will deliver data at the rate read from the modem
minus this rate. This will allow for any mismatch between the Ethernet frame rate, and the rate that
the modem reports.
Modem type:
This allows you to set the CEFD satellite modem type. (Default: CDM-750). If ‘Other’ is chosen then
the following fields become accessible to ascertain the transmit data rate and redundancy mode:
FX Series Administration Guide - Version 6.2.2 85
Chapter: FX Series Configuration
Section: Quality of ServiceMN-FXSERIESADM6 Rev 6
Page 86
Comtech EF Data / Stampede
Redundancy OID:
The OID of the SNMNP query string used to ascertain whether the modem is in ‘active’ or ‘standby’
mode.
Redundancy match value:
Specifies a string to compare against to indicate the matching response to the ‘Redundancy
mode OID’ to determine if the satellite is in active mode.
Transmit rate OID:
The OID of the query string used to ascertain the current transmit data rate capacity. The
response to this query must be a numeric value.
Rate multiplier value:
The response to the ‘Transmit rate OID’ query is multiplied by this value to determine the data
rate in bits per second. The default multiplier value is 1.
Redundancy
States (As shown in the QoS Real-Time Monitor):
ONLINE:
Active modem, link speed will be determined by this modem
OFFLINE:
This modem is considered a backup; this state is only entered when the value polled from
redundancy OID does not match the “Redundancy match value”
NOT RESPONDING:
Modem does not respond to SNMP polls
The FX will continually poll all modems specified, transmit link speed will be determined by the
“ONLINE” modem. The online modem is determined as follows:
CASE 1: Only one modem is specified, this modem reports one of two states “ONLINE” or
“NOT RESPONDING”
CASE 2: Two modems are specified, polling the “Redundancy OID” matches the
“Redundancy match value”.
The FX assumes that a modem is unresponsive (NOT RESPONDING) if either of the following
cases is satisfied:
CASE 1: The modem has not yet been polled.
CASE 2: After 20 consecutive poll failures the modem status will change to “NOT
RESPONDING” in the QoS Real-Time Monitor and report a data rate of zero Kbps. If
the modem fails to respond in one second, it is considered an unsuccessful poll.
Unsuccessful polls will have an aggregate poll time of one polling cycle plus two
seconds for the ONLINE modem and one second for the OFFLINE modem.
The FX will attempt to determine data rate and redundancy state (if requested) over the
management interface. Modems polling will continue regardless of state, state will change when
a modem changes state or begins responding to SNMP polls.
NOTE: If both modems report “offline” or“not responding” the output QoS rate will
become the clear sky data of the LINK.
FX Series Administration Guide - Version 6.2.2 86
Chapter: FX Series Configuration
Section: Quality of ServiceMN-FXSERIESADM6 Rev 6
Page 87
Comtech EF Data / Stampede
How to Verifying ACM QoS Connectivity
To verify that the FX is correctly ascertaining the data rate from the modem, navigate to “Status>View Current Status->ACM QoS->By Modem” This causes the current data rate from all modems
which were defined to be displayed, as well as tallies of successful and unsuccessful poll operations.
Figure 3-13 FX Series ACM QOS Status by Modem Report
FX Series Administration Guide - Version 6.2.2 87
Chapter: FX Series Configuration
Section: Quality of ServiceMN-FXSERIESADM6 Rev 6
Page 88
Comtech EF Data / Stampede
Figure 3-14 FX Series QoS Groups
Figure 3-15 FX Series QoS Group Edit Screen
3.4.4 How to Configure QoS Groups
This function allows you to maintain
QoS groups. QoS groups allow you to
group multiple QoS queues (or subgroups of QoS queues) into the same
link. A common packet compression
peer address is also specified on a per
QoS group basis. An existing entry may
be chosen by clicking on the group
name. Clicking on a column header will
sort the list based upon the contents of
the column. Other buttons at the
bottom of the screen are as follows:
Add to create a new QoS
group
Enable/ Disable/Delete one or
more groups that are selected
by the checkbox to the left of
the group name.
NOTE: If disabled, then this
group and all queues or subgroups that are members of this group
are not used.
Name:
This field is a logical name that
is used as a reference for the
‘Member of’ field when
‘Groups’ are defined. This
field must unique and must be
entered.
Enabled:
This selects whether the group
is enabled or not. If disabled
then this group and all queues
or sub-groups that are
members of this group are not
used.
Comment:
This provides a place to store
any user defined comment to
describe the rationale for this
group.
Member of:
This selects the link or higher-level group that this group is a member of.
CIR (kbps):
This specifies the “Committed Information Rate” in kbps (1000 bits per second). The range is 0 up to the
licensed rate. If the FX WAN optimization feature is not licensed then up to 700000 can be specified. The
default is 0. This field is disabled if “Strict Priority” was configured as the drain algorithm.
FX Series Administration Guide - Version 6.2.2 88
Chapter: FX Series Configuration
Section: Quality of ServiceMN-FXSERIESADM6 Rev 6
Page 89
Comtech EF Data / Stampede
Figure 3-16 FX Series QoS Group Filters
MIR (kbps):
This specifies the “Maximum Information Rate” in kbps (1000 bits per second). The range is 0 up to the
licensed rate. If the FX WAN optimization feature is not licensed then up to 700000 can be specified. If 0
is specified, some packets may still be sent at a very low rate, to inhibit all traffic then a “DROP” queue
should be defined. The default is the max licensed rate. This field is disabled if “Strict Priority” was
configured as the drain algorithm.
Default for unmatched packets:
If set, then this is the group that packets which have not matched any of the group filters at this level will
be directed to. If no group is designated as 'Default', then unmatched packets will be directed to an
arbitrary group.
Header compression:
If set to ‘yes’ then the traffic associated with queues that are members of this group, which also have
packet compression enabled, is aggregated and encapsulated in Ethernet frames and sent directly to the
MAC address specified in the 'Peer MAC address’ field. You can subsequently enable/disable header
compression on a per QoS queue basis. The default setting is ‘No’.
Peer MAC address:
This setting specifies the MAC address of the WAN Interface of the FX which will receive the
encapsulated compressed and aggregated packets. The MAC address must be specified in
format xx:xx:xx:xx:xx:xx where each 'xx' is a hex digit. If no peer MAC address is entered in a
second level group, then the inherited peer MAC address from the first level group is used, this
address is shown in blue.
MAC address of this device:
This is a ‘display-only’ field that shows the MAC
address of the WAN interface of this device
which can be copied and pasted when
configuring the peer.
Group Filters:
This is a read-only list of group filters that are
currently assigned to this group.
3.4.5 How to Configure QoS Group Filters
Group filters are rules which classify traffic and
assign it to one of the QoS groups. A list of
previously defined group filters is displayed in order
of rank. Clicking on a column header sorts the list
based upon the contents of the column. Other
buttons at the bottom of the screen are as follows:
Add:
Create a new QoS queue
Enable/Disable/Delete:
Enable/Disable/Delete one or more QoS
queues that are selected by the checkbox to
the left of the queue name.
All filters that reference the deleted queues
become unassigned.
‘+’ – Increase the rank of a group filter.
‘-‘– Decrease the rank of a group filter.
FX Series Administration Guide - Version 6.2.2 89
Chapter: FX Series Configuration
Section: Quality of ServiceMN-FXSERIESADM6 Rev 6
Page 90
Comtech EF Data / Stampede
Figure 3-17 FX Series QoS Group Filters Edit Screen
If the user checks a box and clicks “Add” the rank is set based upon the rank of the selected item. Each of
those actions will bring up a ‘Group Filter screen. The rules in the pick-list are sorted based upon Rank.
“+" and "-" buttons at the bottom of the pick list move selected rules up or down in rank, multiple items
can be selected for the rank adjustment. An existing entry may be chosen by clicking on the group filter
name.
Clicking on the Queue “Name” will allow you to modify that Queue. Each of those actions will then lead
to a Queue definition screen. The Default Queue is pre-defined and may only be deleted if other queues
exist. Its initial priority is 8, the lowest priority.
Name:
This identifies the customer/function of the filter. This
field must be entered and must be unique.
Enabled:
This selects whether the group filter is enabled or not.
Group:
Selects which group that traffic that matches the
criteria specified in this group filter should be directed
to.
This field may be left unassigned during definition, but
must be eventually be assigned for them to take effect.
Protocol:
Select between *, IP, MPLS. The default is * (all protocols). If ‘IP’ is selected then the ‘MPLS label’ field is
inaccessible. If ‘*’ is selected then all fields except ‘VLAN’ are inaccessible. If ‘MPLS’ is selected, then the
‘Destination and Source subnets’ fields, are inaccessible.
VLAN:
Enter either 0 or a VLAN ID between 2 and 4094. Only one may be selected. 0 indicates untagged traffic
as the selection criteria. The default is any VLAN.
MPLS label:
If MPLS was selected as the protocol then a decimal value between 0 and 1048575 may be entered. If no
value is entered then all MPLS labels will match the filter criteria. If there are multiple MPLS labels, the
filter will only match the first label encountered in the packet.
Destination subnets:
This is specified in CIDR format. Multiple subnets may be separated by a comma. The default is ‘*’ (any
subnet). Acceleration tunnels utilized by FX WAN Optimization may not maintain the original application
destination address, therefore this field should not be used when classifying FX Wanop traffic unless an
application policy is defined to prevent tunnel sharing between different destination subnets.
Source subnets:
This is specified in CIDR format. Multiple subnets may be separated by a comma. The default is ‘*’ (any
subnet)
FX Series Administration Guide - Version 6.2.2 90
Chapter: FX Series Configuration
Section: Quality of ServiceMN-FXSERIESADM6 Rev 6
Page 91
Comtech EF Data / Stampede
Figure 3-19 FX Series QoS Queue Edit Screen
3.4.6 How to Configure QOS Queues
These settings allow you to manage QoS Queues. A list of previously defined queues will be displayed in
order of priority. Clicking on a column header will sort the list based upon the contents of the column. An
existing entry may be chosen by clicking on the queue name which leads to the Queues Add/Edit Screen.
Other buttons at the bottom provide these functions:
Add – Create a new QoS queue
Enable/Disable/Delete – Enable/Disable/Delete one or more QoS queues that are selected by the
checkbox to the left of the queue name. All filters that reference the deleted queues become
unassigned. The Default Queue is always defined. It is initial priority is 8, the lowest priority and
is associated with the Default Filter.
Figure 3-18 FX Series QoS Queues
Name:
This field is a logical name that is used as a
reference when queue filters are defined.
This field must be entered.
Enabled:
This selects whether the queue is enabled
or not.
Group:
This specifies the group that this queue is a
member of.
Scheduling Discipline:
This specifies the order in which packets in
this queue are scheduled for transmission.
The choices are:
Stochastic Fair Weighted
The scheduler will attempt to evenly
distribute outbound traffic based on
hashing the source and destination
addresses.
This is the default choice and prevents one
traffic flow from consuming all bandwidth assigned to this queue at the expense of other flows
assigned to this queue.
When there is high link congestion this method may introduce miniscule delays.
FX Series Administration Guide - Version 6.2.2 91
Chapter: FX Series Configuration
Section: Quality of ServiceMN-FXSERIESADM6 Rev 6
Page 92
Comtech EF Data / Stampede
Strictly ordered
Packets are sent in the order that they are received. This may be a good choice for signaling traffic
where there can be absolutely no disruption in packet transmission.
DROP
Packets directed to this queue are discarded.
CIR (kbps):
This specifies the “Committed Information Rate” in kbps (1000 bits per second). The range is 0 up to the
licensed rate. If the FX WAN optimization feature is not licensed, then up to 700000 kbps can be specified.
The default is 0. This field is disabled if “Strict Priority” was configured as the drain algorithm.
Note: To minimize jitter, set the CIR for high priority traffic high enough to accommodate peak
usage requirements.
MIR (kbps):
This specifies the “Maximum Information Rate” in kbps (1000 bits per second). The range is 0 up to the
licensed rate. If the FX WAN optimization feature is not licensed then up to 500000 can be specified. If 0
is specified, some packets may still be sent at a very low rate, to inhibit all traffic then a “DROP” filter
should be defined. The default is the max licensed rate. This field is disabled if “Strict Priority” was
configured as the drain algorithm.
Priority:
This is the drain priority for the queues. Classes of equal priorities will be treated the same, with rates
split proportionally between them. The minimum value (highest priority) is 1; the maximum value (lowest
priority) is 8.
Default for unmatched packets:
If set, then this is the queue that packets which have not matched any of the queue filters in a group will
be directed to. If no queue is designated as 'Default' for a group, then unmatched packets will be directed
to the lowest priority queue in the group.
Header compression:
This enables/disables header compression and packet aggregation for this queue. For header
compression to occur, you must also configure header compression in the group this queue is a member
of. If header compression is enabled then WAN optimization features such as caching can’t be performed
on traffic associated with this queue. When configuring header compression, you can choose to perform
header compression, or both header and payload compression.
Aggregation interval (msecs):
This specifies the packet aggregation flush interval in milliseconds if packet compression is enabled.
The minimum and default value is 10 msec. The maximum is 1000 msec.
Threshold to trigger payload compression:
If ‘header and payload’ compression is selected, this value specifies the minimum payload size to
trigger payload compression. The default is 300 bytes.
Filters:
This is a read-only list of filters that are currently assigned to this queue.
FX Series Administration Guide - Version 6.2.2 92
Chapter: FX Series Configuration
Section: Quality of ServiceMN-FXSERIESADM6 Rev 6
Page 93
Comtech EF Data / Stampede
Figure 3-20 FX Series QoS Queue Filter Edit Screen
3.4.7 How to Configure QoS Queue Filters
The fields on this screen dictate how traffic will be directed to a queue
Name:
This summarizes the customer/function of the filter. This field must be entered and must be unique.
Enabled:
This selects whether the queue is enabled or not
Queue:
Selects which queue that traffic that matches the criteria specified in this
filter definition should be directed. This field may be left blank during
definition, but must be eventually be assigned.
Protocol:
Select between * / IP/ UDP / TCP / FTP / ARP / ICMP / MPLS / SCTP / PTPv1 /
PTPv2. Only one choice may be selected. The default is * (all protocols).
If FTP is selected, the FX
automatically tracks the data ports
associated with FTP transfers by
monitoring the activity on the FTP
control port, which is defaulted to
ports 20.21 upon initial selection. To
maintain Multicator transmitter
functionality when performing QOS
on non-standard FTP ports an
additional QOS filter must be
created for FTP that utilizes port 21.
The FTP control port may be
changed.
If MPLS is selected, only MPLS
label, MPLS experimental bits, VLAN
and VLAN priority fields may be
selected as filter criteria, otherwise
these fields are disabled.
If ARP, PTPv1, PTPv2, or FTP is
selected, then this filter can’t be
assigned to a queue for which
packet compression is enabled.
If PTPv1 or PTPv2 is selected, only
DSCP, VLAN, VLAN priority, Destination subnets, and Source subnets may be selected. If PTPv2 is
selected, in addition to PTPv2 running over UDP, the filter will also check for packets on ethertype
88f7, in which case IP specific options do not apply.
If SCTP is selected, only DSCP, VLAN, VLAN priority, Destination subnets, and Source subnets may be
selected.
DSCP:
Select one of the choices from the pull-down menu of DCSP choices. Only one choice may be selected).
The default is * (any)
FX Series Administration Guide - Version 6.2.2 93
Chapter: FX Series Configuration
Section: Quality of ServiceMN-FXSERIESADM6 Rev 6
Page 94
Comtech EF Data / Stampede
VLAN:
Enter either 0 or a VLAN ID between 2 and 4094. Only one may be selected. 0 indicates untagged traffic as
the selection criteria. The default is * (any VLAN)
VLAN Priority:
Choose between ‘any’ or a priority value between 0 and 7. Only one choice may be selected. The default
is * (any VLAN priority)
MPLS Label:
If MPLS was selected as the protocol then a decimal value between 0 and 1048575 may be entered. If no
value is entered then all MPLS labels will match the filter criteria. If there are multiple MPLS labels, the
filter will only match the first label encountered in the packet.
MPLS experimental bits:
If MPLS was selected as the protocol then you can choose a value between 0 and 7 as match criteria. If ‘*’
is chosen then the filter does not use the experimental bits in the match criteria, otherwise all bits must
match exactly.
Destination Subnets:
This is specified in CIDR format. Multiple subnets may be separated by a comma. The default is ‘*’ (any
subnet). Acceleration tunnels utilized by FX WAN Optimization may not maintain the original application
destination address, therefore this field should not be used when classifying FX WANOP traffic unless an
application policy is defined to prevent tunnel sharing between different destination subnets.
Destination Ports:
Port ranges can be specified by either entering the lowest port followed by ‘-‘, followed by highest port; or
multiple ports may be entered separated by comma. The destination port is relative to the FX.
Source Subnets:
This is specified in CIDR format. Multiple subnets may be separated by a comma. The default is ‘*’ (any
subnet)
Source Ports:
Port ranges can be specified by either entering the lowest port followed by ‘-‘, followed by highest port; or
multiple ports may be entered separated by comma. The source port is relative to the FX. Acceleration
tunnels utilized by FX WAN Optimization do not maintain the original application source port; therefore
this field should not be used when classifying FX WANOP traffic.
NOTE: When specifying multiple fields as selection criteria the choices are logically “ANDed” when
formulating a match. Multiple selections within a field are logically “ORed” when formulating a
match.
FX Series Administration Guide - Version 6.2.2 94
Chapter: FX Series Configuration
Section: Quality of ServiceMN-FXSERIESADM6 Rev 6
Page 95
Comtech EF Data / Stampede
3.5 FX Series Multicator
The Multicator is a set of three components of the FX Series which allow controlled reliable content
distribution via multicast. These components are as follows:
Multicator Controller (MC)
Within a Multicator deployment, there is one, and only one, FX SERIES ADC appliance which must be
designated as an MC.
An MC is the central point where Multicator configuration parameters are stored. The MC ensures that
only one multicast transmission is occurring at a time. The MC ensures that if there is a network outage, a
multicast which was in progress will resume from the point where the outage occurred. The MC
maintains a central log of all Multicator events.
Multicator Transmitter (MT)
This component actually performs the multicast of the content after checking with the MC. Any FX Series
ADC or FX Series Remote can function as a Multicator Transmitter (MT) if the license is enabled. The MT
employs world renowned open source technology to reliably deliver content via multicast.
NOTE: Any FTP program can be used to upload content to the MT.
Multicator Receiver (MR)
This component receives the content which is transmitted by the MT. Upon completion of a successful
reception of new content, the MR uploads this content to a local FTP server.
NOTE: Any combination of MC, MT, and MR may be configured on the same appliance as long as
there exists one, and only one MC in the Multicator deployment.
Theory of Operation
A powerful new content distribution system can now be set up with the separately licensed “Multicator”
feature. This feature allows a user to upload a file to an FX Series device via FTP. The file is then reliably
multicast to a group of receivers. The receivers then upload the content to a local FTP server. The
Multicator employs the “Content Distribution Control Protocol” (CDCP) to ensure that only one multicast
transmission is in progress.
Sequence of Events
1. Files are deposited on the Transmitter (Sender) using a standard FTP client.
2. The Transmitter then notifies the Controller that it has data to send and is granted permission
to reliably multicast the data across the WAN.
3. Under the direction of the Controller, the Transmitter establishes a reliable multicast
connection to the Receivers.
4. The Transmitter sends the files to each of the Receivers.
5. Each Receiver sends an acknowledgment of receipt to the Controller.
6. Each receiver uses FTP to send the files to the respective server.
NOTE: In order to configure Multicator, at least one In-Path interface must be defined and
operational.
FX Series Administration Guide - Version 6.2.2 95
Chapter: FX Series Configuration
Section: FX Series MulticatorMN-FXSERIESADM6 Rev 6
Page 96
Comtech EF Data / Stampede
1 of 2
3.5.1 Multicator Settings
Figure 3-21 FX Series Multicator General/Controller Edit Screen
General Settings
Source Interface:
For transmitters and receivers, this is the interface used when communicating with the controller. For the
controller, this is the interface used when transmitters and receivers communicate
Note: In routed mode this should always be the interface designated as the WAN interface
Controller Address:
This is the address of the controller that the transmitter/receiver will communicate with. If this device is a
controller and a transmitter or receiver this address should match the "Source Interface" field.
Controller Port:
The port that the controller will use to communicate with transmitters and receivers, if this appliance is a
transmitter or receiver it is the port used to communicate with the controller
Multicator Controller Settings
Enable Multicast Controller:
This setting enables the multicast controller on this appliance. Only one controller should be
enabled on a network. The default is "Disabled".
Multicast Address:
This is the multicast IPv4 address that will be used to transfer files via reliable multicast. This
address is communicated to the transmitters and receivers. The default value is 224.0.55.55.
Multicast Port:
This is the multicast port that will be used to transfer files via reliable multicast. This port is
communicated to the transmitters and receivers. The default value is 4929.
Transaction Rate:
This is the max speed that a multicast transmitter will transmit a file. The default value is based
off the license.
FX Series Administration Guide - Version 6.2.2 96
Chapter: FX Series Configuration
Section: FX Series MulticatorMN-FXSERIESADM6 Rev 6
Page 97
Comtech EF Data / Stampede
2 of 2
Figure 3-22 FX Series Multicator Transmitter/Receiver Edit Screen
Multicator Transmitter Settings
Enable Multicast Transmitter:
This setting enables the multicast transmitter on this appliance.
Incoming FTP User:
This is the user name that must be used when content is uploaded to the FX appliance. The
default is "mc".
Incoming FTP Password:
This is the password that must be used when content is uploaded to the FX appliance. The
default password is “comtech”.
Multicator Receiver Settings
Enable Multicast Receiver:
This setting enables the multicast receiver on this appliance.
FTP Server:
This is the IP address of the FTP server into which newly received content will be fanned-out.
FTP User:
This is the user name used when transferring new content to the FTP server.
FTP Password:
This is the password which will be used when transferring new content to the FTP server.
FTP Directory:
This optional parameter is the directory where new content will be transferred. If this directory
does not already exist, it will be created before the file is transferred. The default is none.
FX Series Administration Guide - Version 6.2.2 97
Chapter: FX Series Configuration
Section: FX Series MulticatorMN-FXSERIESADM6 Rev 6
Page 98
Comtech EF Data / Stampede
FTP Retries:
This is the number of times to attempt to send the file to the FTP server before both deleting it
and moving on to the next or keeping it and moving on to the next. The receiver will attempt to
resend all failed files when the acceleration service is restarted or the "Retry Failed FTP" button is
pressed.
FTP seconds between retries:
This pull-down allows you to select number of seconds which will elapse between each attempt
to send the file to the FTP server.
Action on FTP failure:
This specifies the action to take if the FTP retry limit is exceeded. If delete is selected the file will
be delete, otherwise the file will be stored until the "Retry Failed FTP" button is clicked or the
acceleration service is restarted.
Retry Failed FTP:
This button will cause any files that failed FTP transfer to be re-sent to the FTP server. This action
is only valid if "Action on FTP Failure" is set to "keep"
Purge Failed FTP:
This button will delete any files which are pending to be re-sent to the FTP server. This action is
only valid if "Action on FTP Failure" is set to "keep".
Note: If disk utilization reaches 80%, a purge of all files that failed FTP transfer will
automatically occur.
3.5.2 How to set the Multicator General Configuration
1. Log into the browser interface of the appliance.
2. Click the Configuration link; Click the Multicator link.
3. Select the appropriate interface in the "Source Interface" field in the "General Settings" section. In
routed mode this should always be the WAN facing interface.
4. Enter the IP address of the controller for the transmitter and receiver in the "Controller Address"
field. If this is the controller enter the IP address in the "Source Interface" field.
5. Enter the port the transmitter/receiver will communicate with the controller on. If this appliance is
also a controller, this is the port it will listen on.
3.5.3 How to set the Multicator Controller Configuration
1. Log into the browser interface of the appliance.
2. Click the Configuration link; Click the Multicator link.
3. Click the enable radio button in the “Enable Multicast Controller” field in the "Multicator Controller
Section"
4. Enter the multicast IP address you wish to use in the “Multicast Address” field. Default: 224.0.55.55
5. Enter the port you wish to use for multicast in the “Multicast Port” field. Default: 4929
6. Enter the rate at which data should be transmitted via multicast in the “Transaction Rate” field.
Default: The licensed rate of the appliance.
3.5.4 How to set the Multicator Transmitter Configuration
1. Log into the browser interface of the appliance.
2. Click the Configuration link; Click the Multicator link.
3. Click the enable radio button in the “Enable Multicast Transmitter” field in the "Multicator
Transmitter" section.
4. Enter the username used in FTP file submissions to the transmitter in the "Incoming FTP user" field.
Default: mc
5. Enter the password used in FTP file submissions to the transmitter in the “Incoming FTP Password”
field. Default: comtech
FX Series Administration Guide - Version 6.2.2 98
Chapter: FX Series Configuration
Section: FX Series MulticatorMN-FXSERIESADM6 Rev 6
Page 99
Comtech EF Data / Stampede
3.5.5 How to set the Multicator Receiver Configuration
1. Log into the browser interface of the appliance.
2. Click the Configuration link; Click the Multicator link.
3. Click the enable radio button in the “Enable Multicast Receiver” field in the "Multicator Receiver"
section.
4. Enter the controller port of the Multicator controller. Default: 4929
5. In the “FTP Server” field, enter the IP address of the FTP server that will receive the file delivered to
the receiver via multicast.
6. In the “FTP User” field, enter the user name for the FTP server that will receive the file delivered to
the receiver via multicast.
7. Default: anonymous
8. In the “FTP Password” field, enter the password for the FTP server where the file received via
multicast will be placed.
9. Default: no directory, file deposited in FTP root
10. In the “FTP Directory” field, enter the directory on the FTP server where the file received via multicast
will be placed.
11. In the "FTP Retries" field select the number of times the receiver should attempt to deliver a file to
the FTP server before abandoning the file transfer. Default: 5
12. In the "FTP seconds between retries" field select the number of second between FTP retry attempts.
Default: 10
13. In the “Action on FTP failure” field, select the action to be taken on the file if the file transfer fails and
all retry attempts have been exhausted. Default: Keep.
FX Series Administration Guide - Version 6.2.2 99
Chapter: FX Series Configuration
Section: FX Series MulticatorMN-FXSERIESADM6 Rev 6
Page 100
Comtech EF Data / Stampede
3.6 Redundancy
This section allows you to configure 1:1 redundancy with fail over in which a secondary FX, with the same
configuration as the primary FX, polls for the existence of the primary FX, and takes over its nonmanagement IP addresses when the primary does not respond to the poll. When the primary FX comes
back up, the secondary FX will relinquish the IP addresses. This section also allows you to configure
shared configurations between members of an appliance pool. This is useful to synchronize
configurations in a WCCP cluster.
Figure 3-23 FX Series Redundancy Edit Screen
3.6.1 Redundancy Configuration Settings
Redundancy
This must be enabled if either the 1:1 Redundancy with fail over or “Automatically synchronize
configurations” feature is required.
Primary Appliance:
This is the host name of the primary (master) FX.
Secondary Appliance:Enter the ‘short’ host name or IP address of the secondary FX that will engage if the primary FX becomes
inoperable. The secondary appliance continually polls the primary appliance and if the primary appliance
does not respond then the secondary appliance asserts control over the realm of IP addresses that
external clients connect to. When the primary appliance becomes operational again, the secondary will
relinquish control of these IP addresses. This parameter is not required if only synchronizing configuration
changes to member pool appliances is being configured.
Authentication Key:
By default, this key is generated automatically. For 1:1 Redundancy with fail over, the secondary
appliance's key must match the primary appliance's key. This requires manually copying the primary
appliance's key and pasting it into this field on the secondary appliance (after deleting the secondary
appliance's generated key).
FX Series Administration Guide - Version 6.2.2 100
Chapter: FX Series Configuration
Section: RedundancyMN-FXSERIESADM6 Rev 6
Loading...
+ hidden pages
You need points to download manuals.
1 point = 1 manual.
You can buy points or you can get point for every manual you upload.