cancel
Showing results for 
Search instead for 
Did you mean: 
junshi
Level 7

MWG7 - Clustered with WCCP - Slow downloads reported.

Hey all, we have multiple appliances all running in a clustered envrionment.

Using WCCP to direct traffic to the boxes.

We have rules to bypass caching/malware scanning for files larger than 20MB.

However, multiple sites are reporting that when enabled the MWG's are slowing the download speeds of larger files.

I have reports of 300MBs down from 1GBs ?!

I have sent multiple captures to McAfee, plus worked with my local network team, but no-one has been able to determine what is going on.

We have a 100meg pipe, that is close to saturated. Captures reveal many ACKs, duplicate packets etc....

BUT still the users are sure there is something going on.

Has anyone ran into anything similar - or have any additional ideas of where we can look?

We are currently running v7.0.2.2.0

Thanks

- J (stressed out IT guy)

(added pics of rules)

Message was edited by: junshi on 3/1/11 2:04:43 PM CST
0 Kudos
2 Replies
jont717
Level 12

MWG7 - Clustered with WCCP - Slow downloads reported.

You are going to have to provide some pictures of your rule set.

How are you bypassing large files?  There are a few ways to do this.

Are you authenticating users?

0 Kudos
junshi
Level 7

Re: MWG7 - Clustered with WCCP - Slow downloads reported.

No authentication at this point (to keep it simple for troubleshooting the basics).

Cache bypass using: header.response.get "content.lenght"

Progress bypassed using: the same as the above, but this creates a user.defined.key that I use to bypass the Antimalware rule.

(Added rules to original post)

- J

Message was edited by: junshi on 3/1/11 2:18:51 PM CST
0 Kudos