|
|
|
|
|
|
| Author |
Message |
Shoebottom, Bryan
*nix forums addict
Joined: 14 Sep 2005
Posts: 58
|
 Posted: Thu Jul 13, 2006 5:17 pm Post subject:
2.6S1 WCCP2 problems
|
|
|
Hey,
I can't seem to get wccpv2 working in squid 2.6Stable1. My wccp config is as follows:
wccp2_router 10.10.101.1
wccp2_forwarding_method 1
wccp2_return_method 1
wccp2_service standard 0
My router only seems to see L2 redirection even though I have specified GRE/WCCP:
ROUTER#sho ip wcc we d
WCCP Cache-Engine information:
Web Cache ID: 10.10.101.3
Protocol Version: 2.0
State: NOT Usable
Redirection: L2
Packet Return: L2
Packets Redirected: 0
Connect Time: 00:00:29
Assignment: MASK
ROUTER#
After 30 seconds, the connect time for the cache restarts. I am running a 2.6.17 kernel which supports WCCP in the GRE module and have this loaded as gre0.
Has anyone else gotten this to work under the new 2.6 release yet? Anyone have any suggestions?
Thanks,
Bryan |
|
| Back to top |
|
 |
Shoebottom, Bryan
*nix forums addict
Joined: 14 Sep 2005
Posts: 58
|
| Posted: Fri Jul 14, 2006 6:27 pm Post subject:
RE: 2.6S1 WCCP2 problems
|
|
|
Does anyone have this problem on 2.6S1???
With debug on on the router I get this error:
Here_I_Am packet from 10.10.101.3 w/bad rcv_id 00000000
Any help would be appreciated.
Thanks,
Bryan
-----Original Message-----
From: Shoebottom, Bryan [mailto:BShoebottom@fanshawec.ca]
Sent: July 13, 2006 1:18 PM
To: squid-users@squid-cache.org
Subject: [squid-users] 2.6S1 WCCP2 problems
Hey,
I can't seem to get wccpv2 working in squid 2.6Stable1. My wccp config is as follows:
wccp2_router 10.10.101.1
wccp2_forwarding_method 1
wccp2_return_method 1
wccp2_service standard 0
My router only seems to see L2 redirection even though I have specified GRE/WCCP:
ROUTER#sho ip wcc we d
WCCP Cache-Engine information:
Web Cache ID: 10.10.101.3
Protocol Version: 2.0
State: NOT Usable
Redirection: L2
Packet Return: L2
Packets Redirected: 0
Connect Time: 00:00:29
Assignment: MASK
ROUTER#
After 30 seconds, the connect time for the cache restarts. I am running a 2.6.17 kernel which supports WCCP in the GRE module and have this loaded as gre0.
Has anyone else gotten this to work under the new 2.6 release yet? Anyone have any suggestions?
Thanks,
Bryan |
|
| Back to top |
|
|
Adrian Chadd
*nix forums beginner
Joined: 16 May 2002
Posts: 40
|
| Posted: Sat Jul 15, 2006 2:04 am Post subject:
Re: 2.6S1 WCCP2 problems
|
|
|
On Fri, Jul 14, 2006, Shoebottom, Bryan wrote:
| Quote: | Does anyone have this problem on 2.6S1???
With debug on on the router I get this error:
Here_I_Am packet from 10.10.101.3 w/bad rcv_id 00000000
|
You need to include the hardware/IOS version of the cisco you're talking to.
There's some versions which just don't plain work.
Adrian |
|
| Back to top |
|
|
tino
*nix forums beginner
Joined: 10 Jul 2006
Posts: 6
|
| Posted: Mon Jul 17, 2006 3:11 am Post subject:
Re: 2.6S1 WCCP2 problems
|
|
|
give me this data :
-cisco router version & ios version
-cisco runnning config
-kernel version
-iptables setting
-output of ifconfig
-when ./configure , your need add this options --enable_wccpv2
rgds,
Tino
----- Original Message -----
From: "Shoebottom, Bryan" <BShoebottom@fanshawec.ca>
To: <squid-users@squid-cache.org>
Sent: Saturday, July 15, 2006 1:27 AM
Subject: RE: [squid-users] 2.6S1 WCCP2 problems
Does anyone have this problem on 2.6S1???
With debug on on the router I get this error:
Here_I_Am packet from 10.10.101.3 w/bad rcv_id 00000000
Any help would be appreciated.
Thanks,
Bryan
-----Original Message-----
From: Shoebottom, Bryan [mailto:BShoebottom@fanshawec.ca]
Sent: July 13, 2006 1:18 PM
To: squid-users@squid-cache.org
Subject: [squid-users] 2.6S1 WCCP2 problems
Hey,
I can't seem to get wccpv2 working in squid 2.6Stable1. My wccp config is
as follows:
wccp2_router 10.10.101.1
wccp2_forwarding_method 1
wccp2_return_method 1
wccp2_service standard 0
My router only seems to see L2 redirection even though I have specified
GRE/WCCP:
ROUTER#sho ip wcc we d
WCCP Cache-Engine information:
Web Cache ID: 10.10.101.3
Protocol Version: 2.0
State: NOT Usable
Redirection: L2
Packet Return: L2
Packets Redirected: 0
Connect Time: 00:00:29
Assignment: MASK
ROUTER#
After 30 seconds, the connect time for the cache restarts. I am running a
2.6.17 kernel which supports WCCP in the GRE module and have this loaded as
gre0.
Has anyone else gotten this to work under the new 2.6 release yet? Anyone
have any suggestions?
Thanks,
Bryan |
|
| Back to top |
|
|
Adrian Chadd
*nix forums beginner
Joined: 16 May 2002
Posts: 40
|
| Posted: Mon Jul 17, 2006 12:50 pm Post subject:
Re: 2.6S1 WCCP2 problems
|
|
|
On Mon, Jul 17, 2006, Shoebottom, Bryan wrote:
| Quote: | I'm not going to say it's not a cisco problem because they seem to change their code with every release, but i only changed the cache configuration to use 2.6S1 and not 2.5S12. I will try the debug (all on our development network) and send in the results. Thanks for the suggestions.
|
Hopefully the logs will give us a hint as to why WCCP isn't working.
How much interest is there in getting Squid-2.6 and WCCPv2 working
well?
Adrian |
|
| Back to top |
|
|
Adrian Chadd
*nix forums beginner
Joined: 16 May 2002
Posts: 40
|
| Posted: Mon Jul 17, 2006 1:28 pm Post subject:
Re: 2.6S1 WCCP2 problems
|
|
|
On Mon, Jul 17, 2006, Shoebottom, Bryan wrote:
| Quote: | Adrian,
The interest is 100%. If I can't get wccpv2 to work in 2.6, i will stay with 2.5. As for the debug, i will post what is in the cache.log file, i also got 5 core file for every time squid tried to start:
|
You need to fix this first before we try to fix WCCP2.
This error sounds like the diskd stuff isn't setup right - double-check your SYSV shared
memory and message queue configuration and get squid-2.6 stable.
Adrian
| Quote: |
FATAL: msgget failed
Squid Cache (Version 2.6.STABLE1): Terminated abnormally.
CPU Usage: 0.008 seconds = 0.004 user + 0.004 sys
Maximum Resident Size: 0 KB
Page faults with physical i/o: 0
FATAL: msgget failed
Squid Cache (Version 2.6.STABLE1): Terminated abnormally.
CPU Usage: 0.004 seconds = 0.004 user + 0.000 sys
Maximum Resident Size: 0 KB
Page faults with physical i/o: 0
FATAL: msgget failed
Squid Cache (Version 2.6.STABLE1): Terminated abnormally.
CPU Usage: 0.008 seconds = 0.004 user + 0.004 sys
Maximum Resident Size: 0 KB
Page faults with physical i/o: 0
FATAL: msgget failed
Squid Cache (Version 2.6.STABLE1): Terminated abnormally.
CPU Usage: 0.004 seconds = 0.004 user + 0.000 sys
Maximum Resident Size: 0 KB
Page faults with physical i/o: 0
FATAL: msgget failed
Squid Cache (Version 2.6.STABLE1): Terminated abnormally.
CPU Usage: 0.004 seconds = 0.004 user + 0.000 sys
Maximum Resident Size: 0 KB
Page faults with physical i/o: 0
Thanks,
Bryan Shoebottom CCNA
Network/UNIX Administrator
Network Services & Computer Operations
Fanshawe College
-----Original Message-----
From: Adrian Chadd [mailto:adrian@creative.net.au]
Sent: Mon 7/17/2006 8:50 AM
To: Shoebottom, Bryan
Cc: Jeremy Hall; squid-users@squid-cache.org
Subject: Re: [squid-users] 2.6S1 WCCP2 problems
On Mon, Jul 17, 2006, Shoebottom, Bryan wrote:
I'm not going to say it's not a cisco problem because they seem to change their code with every release, but i only changed the cache configuration to use 2.6S1 and not 2.5S12. I will try the debug (all on our development network) and send in the results. Thanks for the suggestions.
Hopefully the logs will give us a hint as to why WCCP isn't working.
How much interest is there in getting Squid-2.6 and WCCPv2 working
well?
Adrian
|
|
|
| Back to top |
|
|
tino
*nix forums beginner
Joined: 10 Jul 2006
Posts: 6
|
| Posted: Wed Jul 19, 2006 12:25 am Post subject:
Re: 2.6S1 WCCP2 problems
|
|
|
RE: [squid-users] 2.6S1 WCCP2 problems http_port 3128 transparent
vhost vport=80
tcp_outgoing address 10.10.10.1
wccp2_router 10.10.10.2
wccp2_forwarding_method 1
wccp2_return_method 1
wccp2_service standard 0
As far I know, kernel 2.6.9 & up , you do need bringing up loopback0 at
cisco router (this is because wccp will use it as router identifier)
#at router :
interface lo0
ip address 172.0.0.1 255.255.255.252
no shut
#-at squid:
insmod ip_gre
ifconfig gre0 up
ip addr add 172.0.0.2 255.255.255.252 dev gre0
If you shut loopback0, wccp mechanism still alive at router, but no traffic
being redirected ( gre_tunnel is established between lo0<-->gre0 & via this
tunnel where web-traffic redirected)
Also put "ip wccp web-cache exclude in" in the router interface where squid
attached & make sure it is not same vlan where traffic redirected
regards
Tino
----- Original Message -----
From: Shoebottom, Bryan
To: tino ; squid-users@squid-cache.org
Sent: Tuesday, July 18, 2006 7:06 PM
Subject: RE: [squid-users] 2.6S1 WCCP2 problems
Tino,
Our lookback interface is not configured and never has been in the past for
caches to work. You do bring up an interesting point of the IP address of
the gre interface. In the past i have simply used an IP that is not on our
network, maybe i can't do that anymore. What wccp directives do you have
configured in your squid.conf?
Thanks,
Bryan
-----Original Message-----
From: tino [mailto:tino.kriswanto@gmail.com]
Sent: Mon 7/17/2006 8:17 PM
To: Shoebottom, Bryan; squid-users@squid-cache.org
Subject: Re: [squid-users] 2.6S1 WCCP2 problems
Hi, Bryan
what is your interface loopback0 status & ip address at L3 6500 ? It should
be in the same subnet with your gre0 ip address.
I'm running 6500 earlier version than yours (supervisor engine-1a & msfc1),
ip cef enable, & wccpv2 work ok with squid-2.6S1, I'm using kernel 2.6.15.7
with ip_gre loaded from kernel module.
It also work when I put squid-2.6.S1 with 3620 router, ios 12.2(t) &
as5300, ios 12.0.7(t)
also, make sure iptables loaded first before running squid
rgds,
Tino
----- Original Message -----
From: Shoebottom, Bryan <mailto:BShoebottom@fanshawec.ca>
To: tino <mailto:tino.kriswanto@gmail.com> ;
squid-users@squid-cache.org
Sent: Monday, July 17, 2006 7:29 PM
Subject: RE: [squid-users] 2.6S1 WCCP2 problems
-6500 running code 12.1(26)E
-ip wccp we redirect in configured on vlans
ip wccp web-cache
-2.6.17
-/sbin/iptables -t nat -A PREROUTING -i gre0 -p tcp -m tcp --dport
80 -j REDIRECT --to-ports 3128
eth0 Link encap:Ethernet HWaddr 00:14:C2:C3:3B:1D
inet addr:10.10.101.3 Bcast:10.10.101.7
Mask:255.255.255.248
inet6 addr: fe80::214:c2ff:fec3:3b1d/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:53302 errors:0 dropped:0 overruns:0 frame:0
TX packets:41745 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:7311146 (6.9 MiB) TX bytes:6586185 (6.2 MiB)
Interrupt:185
gre0 Link encap:UNSPEC HWaddr
00-00-00-00-BD-BF-A8-4C-00-00-00-00-00-00-00-00
inet addr:10.2.1.1 Mask:255.255.255.252
UP RUNNING NOARP MTU:1476 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:104 errors:0 dropped:0 overruns:0 frame:0
TX packets:104 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:19992 (19.5 KiB) TX bytes:19992 (19.5 KiB)
I have enabled wccp2 when configuring squid.
Thanks,
Bryan
-----Original Message-----
From: tino [mailto:tino.kriswanto@gmail.com]
Sent: Sun 7/16/2006 11:11 PM
To: Shoebottom, Bryan; squid-users@squid-cache.org
Subject: Re: [squid-users] 2.6S1 WCCP2 problems
give me this data :
-cisco router version & ios version
-cisco runnning config
-kernel version
-iptables setting
-output of ifconfig
-when ./configure , your need add this options --enable_wccpv2
rgds,
Tino
----- Original Message -----
From: "Shoebottom, Bryan" <BShoebottom@fanshawec.ca>
To: <squid-users@squid-cache.org>
Sent: Saturday, July 15, 2006 1:27 AM
Subject: RE: [squid-users] 2.6S1 WCCP2 problems
Does anyone have this problem on 2.6S1???
With debug on on the router I get this error:
Here_I_Am packet from 10.10.101.3 w/bad rcv_id 00000000
Any help would be appreciated.
Thanks,
Bryan
-----Original Message-----
From: Shoebottom, Bryan [mailto:BShoebottom@fanshawec.ca]
Sent: July 13, 2006 1:18 PM
To: squid-users@squid-cache.org
Subject: [squid-users] 2.6S1 WCCP2 problems
Hey,
I can't seem to get wccpv2 working in squid 2.6Stable1. My wccp
config is
as follows:
wccp2_router 10.10.101.1
wccp2_forwarding_method 1
wccp2_return_method 1
wccp2_service standard 0
My router only seems to see L2 redirection even though I have
specified
GRE/WCCP:
ROUTER#sho ip wcc we d
WCCP Cache-Engine information:
Web Cache ID: 10.10.101.3
Protocol Version: 2.0
State: NOT Usable
Redirection: L2
Packet Return: L2
Packets Redirected: 0
Connect Time: 00:00:29
Assignment: MASK
ROUTER#
After 30 seconds, the connect time for the cache restarts. I am
running a
2.6.17 kernel which supports WCCP in the GRE module and have this
loaded as
gre0.
Has anyone else gotten this to work under the new 2.6 release yet?
Anyone
have any suggestions?
Thanks,
Bryan |
|
| Back to top |
|
|
Henrik Nordstrom
*nix forums Guru
Joined: 01 Feb 2005
Posts: 2377
|
| Posted: Wed Jul 19, 2006 2:04 pm Post subject:
Re: 2.6S1 WCCP2 problems
|
|
|
ons 2006-07-19 klockan 07:25 +0700 skrev tino:
| Quote: | RE: [squid-users] 2.6S1 WCCP2 problems http_port 3128 transparent
vhost vport=80
|
why vhost and vport=80? These are for accelerator/reverse proxy mode,
not Internet proxies.. The transparent keyword takes care of all which
is needed in transparent interception.
| Quote: | #-at squid:
insmod ip_gre
ifconfig gre0 up
ip addr add 172.0.0.2 255.255.255.252 dev gre0
|
I would say it's better to create a new GRE tunnel for the router.
ip tunnel add wccp mode gre remote ip.of.router
ip addr add proxy.server.ip/32 dev wccp
ip link set wccp up
and intercepted packets redirected by the router should be coming in on
the virtual wccp interface, where they can easily be redirected to Squid
iptables -t nat -A PREROUTING -i wccp -p tcp -j REDIRECT --to 3128
You quite likely also need to disable reverse-path lookups on the wccp
interface
echo 0 >/proc/sys/net/ipv4/conf/wccp/rp_filter
IP forwarding does not need to be enabled.
Regards
Henrik |
|
| Back to top |
|
|
Bryan Shoebottom
*nix forums beginner
Joined: 19 Jul 2006
Posts: 2
|
| Posted: Wed Jul 19, 2006 7:50 pm Post subject:
Re: 2.6S1 WCCP2 problems
|
|
|
Tino,
Thanks for your config, i added the vhost and vport=80 options to my
config, but i am still having the same problems. As for lo0 on the
router, i have never had to setup this up in the past but i tried it
anyway and it made no difference. When i have talked to the Cisco guys
before they stated that WCCP simply needs an IP and will grab any
configured IP on the router, it doesn't matter. I think i am going to
submit a bug, i don't know why squid is sending back a bad id.
Thanks,
Bryan
On Tue, 2006-07-18 at 20:25 -0400, tino wrote:
| Quote: | RE: [squid-users] 2.6S1 WCCP2 problems http_port 3128
transparent
vhost vport=80
tcp_outgoing address 10.10.10.1
wccp2_router 10.10.10.2
wccp2_forwarding_method 1
wccp2_return_method 1
wccp2_service standard 0
As far I know, kernel 2.6.9 & up , you do need bringing up loopback0
at
cisco router (this is because wccp will use it as router identifier)
#at router :
interface lo0
ip address 172.0.0.1 255.255.255.252
no shut
#-at squid:
insmod ip_gre
ifconfig gre0 up
ip addr add 172.0.0.2 255.255.255.252 dev gre0
If you shut loopback0, wccp mechanism still alive at router, but no
traffic
being redirected ( gre_tunnel is established between lo0<-->gre0 & via
this
tunnel where web-traffic redirected)
Also put "ip wccp web-cache exclude in" in the router interface where
squid
attached & make sure it is not same vlan where traffic redirected
regards
Tino
----- Original Message -----
From: Shoebottom, Bryan
To: tino ; squid-users@squid-cache.org
Sent: Tuesday, July 18, 2006 7:06 PM
Subject: RE: [squid-users] 2.6S1 WCCP2 problems
Tino,
Our lookback interface is not configured and never has been in the
past for
caches to work. You do bring up an interesting point of the IP
address of
the gre interface. In the past i have simply used an IP that is not
on our
network, maybe i can't do that anymore. What wccp directives do you
have
configured in your squid.conf?
Thanks,
Bryan
-----Original Message-----
From: tino [mailto:tino.kriswanto@gmail.com]
Sent: Mon 7/17/2006 8:17 PM
To: Shoebottom, Bryan; squid-users@squid-cache.org
Subject: Re: [squid-users] 2.6S1 WCCP2 problems
Hi, Bryan
what is your interface loopback0 status & ip address at L3 6500 ? It
should
be in the same subnet with your gre0 ip address.
I'm running 6500 earlier version than yours (supervisor engine-1a &
msfc1),
ip cef enable, & wccpv2 work ok with squid-2.6S1, I'm using kernel
2.6.15.7
with ip_gre loaded from kernel module.
It also work when I put squid-2.6.S1 with 3620 router, ios 12.2(t) &
as5300, ios 12.0.7(t)
also, make sure iptables loaded first before running squid
rgds,
Tino
----- Original Message -----
From: Shoebottom, Bryan <mailto:BShoebottom@fanshawec.ca
To: tino <mailto:tino.kriswanto@gmail.com> ;
squid-users@squid-cache.org
Sent: Monday, July 17, 2006 7:29 PM
Subject: RE: [squid-users] 2.6S1 WCCP2 problems
-6500 running code 12.1(26)E
-ip wccp we redirect in configured on vlans
ip wccp web-cache
-2.6.17
-/sbin/iptables -t nat -A PREROUTING -i gre0 -p tcp -m tcp
--dport
80 -j REDIRECT --to-ports 3128
eth0 Link encap:Ethernet HWaddr 00:14:C2:C3:3B:1D
inet addr:10.10.101.3 Bcast:10.10.101.7
Mask:255.255.255.248
inet6 addr: fe80::214:c2ff:fec3:3b1d/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:53302 errors:0 dropped:0 overruns:0
frame:0
TX packets:41745 errors:0 dropped:0 overruns:0
carrier:0
collisions:0 txqueuelen:1000
RX bytes:7311146 (6.9 MiB) TX bytes:6586185 (6.2
MiB)
Interrupt:185
gre0 Link encap:UNSPEC HWaddr
00-00-00-00-BD-BF-A8-4C-00-00-00-00-00-00-00-00
inet addr:10.2.1.1 Mask:255.255.255.252
UP RUNNING NOARP MTU:1476 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:104 errors:0 dropped:0 overruns:0 frame:0
TX packets:104 errors:0 dropped:0 overruns:0
carrier:0
collisions:0 txqueuelen:0
RX bytes:19992 (19.5 KiB) TX bytes:19992 (19.5 KiB)
I have enabled wccp2 when configuring squid.
Thanks,
Bryan
-----Original Message-----
From: tino [mailto:tino.kriswanto@gmail.com]
Sent: Sun 7/16/2006 11:11 PM
To: Shoebottom, Bryan; squid-users@squid-cache.org
Subject: Re: [squid-users] 2.6S1 WCCP2 problems
give me this data :
-cisco router version & ios version
-cisco runnning config
-kernel version
-iptables setting
-output of ifconfig
-when ./configure , your need add this options
--enable_wccpv2
rgds,
Tino
----- Original Message -----
From: "Shoebottom, Bryan" <BShoebottom@fanshawec.ca
To: <squid-users@squid-cache.org
Sent: Saturday, July 15, 2006 1:27 AM
Subject: RE: [squid-users] 2.6S1 WCCP2 problems
Does anyone have this problem on 2.6S1???
With debug on on the router I get this error:
Here_I_Am packet from 10.10.101.3 w/bad rcv_id 00000000
Any help would be appreciated.
Thanks,
Bryan
-----Original Message-----
From: Shoebottom, Bryan [mailto:BShoebottom@fanshawec.ca]
Sent: July 13, 2006 1:18 PM
To: squid-users@squid-cache.org
Subject: [squid-users] 2.6S1 WCCP2 problems
Hey,
I can't seem to get wccpv2 working in squid 2.6Stable1. My
wccp
config is
as follows:
wccp2_router 10.10.101.1
wccp2_forwarding_method 1
wccp2_return_method 1
wccp2_service standard 0
My router only seems to see L2 redirection even though I have
specified
GRE/WCCP:
ROUTER#sho ip wcc we d
WCCP Cache-Engine information:
Web Cache ID: 10.10.101.3
Protocol Version: 2.0
State: NOT Usable
Redirection: L2
Packet Return: L2
Packets Redirected: 0
Connect Time: 00:00:29
Assignment: MASK
ROUTER#
After 30 seconds, the connect time for the cache restarts. I
am
running a
2.6.17 kernel which supports WCCP in the GRE module and have
this
loaded as
gre0.
Has anyone else gotten this to work under the new 2.6 release
yet?
Anyone
have any suggestions?
Thanks,
Bryan
|
|
|
| Back to top |
|
|
Bryan Shoebottom
*nix forums beginner
Joined: 19 Jul 2006
Posts: 2
|
| Posted: Wed Jul 19, 2006 7:54 pm Post subject:
Re: 2.6S1 WCCP2 problems
|
|
|
Henrik,
I will give that a shot. Is there any reason why this isn't in the FAQ?
This is the first place i checked when my config didn't work.
Thanks,
Bryan
On Wed, 2006-07-19 at 10:04 -0400, Henrik Nordstrom wrote:
| Quote: | ons 2006-07-19 klockan 07:25 +0700 skrev tino:
RE: [squid-users] 2.6S1 WCCP2 problems http_port 3128 transparent
vhost vport=80
why vhost and vport=80? These are for accelerator/reverse proxy mode,
not Internet proxies.. The transparent keyword takes care of all which
is needed in transparent interception.
#-at squid:
insmod ip_gre
ifconfig gre0 up
ip addr add 172.0.0.2 255.255.255.252 dev gre0
I would say it's better to create a new GRE tunnel for the router.
ip tunnel add wccp mode gre remote ip.of.router
ip addr add proxy.server.ip/32 dev wccp
ip link set wccp up
and intercepted packets redirected by the router should be coming in on
the virtual wccp interface, where they can easily be redirected to Squid
iptables -t nat -A PREROUTING -i wccp -p tcp -j REDIRECT --to 3128
You quite likely also need to disable reverse-path lookups on the wccp
interface
echo 0 >/proc/sys/net/ipv4/conf/wccp/rp_filter
IP forwarding does not need to be enabled.
Regards
Henrik |
|
|
| Back to top |
|
|
tino
*nix forums beginner
Joined: 10 Jul 2006
Posts: 6
|
| Posted: Thu Jul 20, 2006 12:27 am Post subject:
Re: 2.6S1 WCCP2 problems
|
|
|
Yes,
check your rp_filter=0
Be sure to try your squid in non-transparent (fill the proxy in client
browser) is work well
You also had to search topics in web
http://www.squid-cache.org/mail-archive/squid-users/200502/0909.html
rgds,
Tino
----- Original Message -----
From: "Bryan Shoebottom" <bshoebottom@fanshawec.ca>
To: "Henrik Nordstrom" <henrik@henriknordstrom.net>
Cc: "tino" <tino.kriswanto@gmail.com>; <squid-users@squid-cache.org>
Sent: Thursday, July 20, 2006 2:54 AM
Subject: Re: [squid-users] 2.6S1 WCCP2 problems
| Quote: | Henrik,
I will give that a shot. Is there any reason why this isn't in the FAQ?
This is the first place i checked when my config didn't work.
Thanks,
Bryan
On Wed, 2006-07-19 at 10:04 -0400, Henrik Nordstrom wrote:
ons 2006-07-19 klockan 07:25 +0700 skrev tino:
RE: [squid-users] 2.6S1 WCCP2 problems http_port 3128 transparent
vhost vport=80
why vhost and vport=80? These are for accelerator/reverse proxy mode,
not Internet proxies.. The transparent keyword takes care of all which
is needed in transparent interception.
#-at squid:
insmod ip_gre
ifconfig gre0 up
ip addr add 172.0.0.2 255.255.255.252 dev gre0
I would say it's better to create a new GRE tunnel for the router.
ip tunnel add wccp mode gre remote ip.of.router
ip addr add proxy.server.ip/32 dev wccp
ip link set wccp up
and intercepted packets redirected by the router should be coming in on
the virtual wccp interface, where they can easily be redirected to Squid
iptables -t nat -A PREROUTING -i wccp -p tcp -j REDIRECT --to 3128
You quite likely also need to disable reverse-path lookups on the wccp
interface
echo 0 >/proc/sys/net/ipv4/conf/wccp/rp_filter
IP forwarding does not need to be enabled.
Regards
Henrik |
|
|
| Back to top |
|
|
Henrik Nordstrom
*nix forums Guru
Joined: 01 Feb 2005
Posts: 2377
|
| Posted: Thu Jul 20, 2006 2:51 pm Post subject:
Re: 2.6S1 WCCP2 problems
|
|
|
ons 2006-07-19 klockan 15:54 -0400 skrev Bryan Shoebottom:
| Quote: | I will give that a shot. Is there any reason why this isn't in the FAQ?
|
Lack of people having time to update the FAQ?
Regards
Henrik |
|
| Back to top |
|
|
Henrik Nordstrom
*nix forums Guru
Joined: 01 Feb 2005
Posts: 2377
|
| Posted: Thu Jul 20, 2006 3:17 pm Post subject:
Re: 2.6S1 WCCP2 problems
|
|
|
ons 2006-07-19 klockan 15:50 -0400 skrev Bryan Shoebottom:
| Quote: | before they stated that WCCP simply needs an IP and will grab any
configured IP on the router, it doesn't matter. I think i am going to
submit a bug, i don't know why squid is sending back a bad id.
|
Perhaps your problem matches bug #1584? "Cache unable to register with
WCCPv2" <url:http://www.squid-cache.org/bugs/show_bug.cgi?id=1584>
Note: Bug #1584 is about an IOS issue where IOS incorrectly rejects WCCP
control channel packets as duplicates if their IP level packet ID is 0.
For correct operation IOS should be looking at the WCCP message ID, not
the IP packet ID. The IP packet ID should be ignored completely, only
relevant in handling of fragmented IP packets which is not the case
here.
Regards
Henrik |
|
| Back to top |
|
|
Google
|
|
| Back to top |
|
|
|
|
The time now is Mon Dec 01, 2008 9:29 pm | All times are GMT
|
|
Loans | Debt Management | Proxy | Loans | Mortgage Calculator
|
|
Copyright © 2004-2005 DeniX Solutions SRL
|
|
|
|
Other DeniX Solutions sites:
Unix/Linux blog |
electronics forum |
medicine forum |
science forum |
|
|
Privacy Policy
|
Powered by phpBB © 2001, 2005 phpBB Group
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
Forum index
»
Apps
»
Squid
