Deployment Worksheet and Cluster Limitations

On the following worksheet, you can calculate the number of appliances needed for your installation and the recommended mask field size. The recommended mask size is 1–2 bits larger than the minimum mask size for your installation.

Parameter Value Notes
Appliance Model Used  
Supported XenApp and XenDesktop Users Per Appliance Uspec = From data sheet
XenApp and XenDesktop Users on WAN Link Uwan =
User overload Factor Uoverload = Uwan/Uspec =
Supported BW Per Appliance BWspec = From data sheet
WAN Link BW BWwan =
BW Overload Factor BWoverload = BWwan/BWspec =
Number of appliances required N = max(Uoverload, BWoverload) +1 = Includes one spare
Min number of buckets Bmin = N, rounded up a power of 2 =
If SD-WAN 4000 or 5000, Bmin = 2\N, rounded up to a power of 2 =
Recommended value B = 4 \ Bmin if Bmin <= 16, else 2 \Bmin =
Number of “one” bits in address mask M = log2(B) If B=16, M=4.

Mask value: The mask value is a 32-bit address mask with several “one” bits equal to M in the worksheet provided earlier. Often these bits can be the least-significant bits in the WAN subnet mask used by your remote sites. If the masks at your remote sites vary, use the median mask. (Example: With /24 subnets, the least significant bits of the subnet are 0x00 00 nn 00. The number of bits to set to one is log2(mask size): if mask size is 16, set 4 bits to one. So with a mask size of 16 and a /24 subnet, set the mask value to 0x00 00 0f 00.): ______

The above guidelines work only if the selected subnet field is evenly distributed in your traffic, that is, that each address bit selected by the mask is a one for half the remote hosts, and a zero for the other half. Otherwise, load-balancing is impaired. This even distribution might be true for only a few bits in the network field (only 2 bits). If so with your network, instead of masking bits in the offending area of the subnet field, displace those bits to a portion of the host address field that has the 50/50 property. For example, if only three subnet bits in a /24 subnet have the 50/50 property, and you are using four mask bits, a mask of 0x00 00 07 10 avoids the offending bit at 0x00 00 0800 and displaces it to 0x00 00 00 10, a portion of the address field that is likely to have the 50/50 property if your remote subnets generally use at least 32 IP addresses each.

Parameter Value Notes
Final Mask Value  
Accelerated Bridge   Usually apA
WAN Service Group   A service group not already in use on your router (51-255)
LAN Service Group   Another unused service group
Router IP address   IP address of router interface on port facing the appliance
WCCP Protocol (usually “Auto”)  
DC Algorithm   Use “Deterministic” if you have only two appliances or are using dynamic load balancing like HSRP or GSLB. Otherwise, use “Least Disruptive.”

Configuring appliances in a WCCP cluster has the following limitations:

  • All appliances within a cluster must be the same model and use the same software release.
  • Parameter synchronization between appliances within the cluster is not automatic. Use Command Center to manage the appliances as a group.
  • SD-WAN traffic shaping is not effective, because it relies on controlling the entire link as a unit, and none of the appliances are in a position to do this. Router QoS can be used instead.
  • The WCCP-based load-balancing algorithms do not vary dynamically with load, so achieving a good load balance can require some tuning.
  • The hash method of cache assignment is not supported. Mask assignment is the supported method.
  • While the WCCP standard allows mask lengths of 1-7 bits, the appliance supports masks of 1-6 bits.
  • Multicast service groups are not supported; only unicast service groups are supported.
  • All routers using the same service group pair must support the same forwarding method (GRE or L2).
  • The forwarding and return method negotiated with the router must match: both must be GRE or both must be L2. Some routers do not support L2 in both directions, resulting in an error of “Router’s forward or return or assignment capability mismatch.” In this case, the service group must be configured as GRE.
  • SD-WAN VPX does not support WCCP clustering.
  • The appliance supports (and negotiates) only unweighted (equal) cache assignments. Weighted assignments are not supported.
  • Some older appliances, such as the SD-WAN 700, do not support WCCP clustering.
  • (SD-WAN WANOP 4000/5000 only) Two accelerator instances are required per interface in L2 mode. No more than three interfaces are supported per appliance (and then on appliances with six or more accelerator instances.)
  • (SD-WAN 4000/5000 only) WCCP control packets from the router must match one of the router IP addresses configured on the appliance for the service group. In practice, the router’s IP address for the interface that connects it to the appliance should be used. The router’s loopback IP cannot be used.

Deployment Worksheet and Cluster Limitations