Re: [squid-users] Re: WCCP configuration
Henrik, Thanks for your reply. You said we should use only either transparent or tproxy and not both, but i feel we need to use both, like http_port 3128 tproxy tranparent based on the following. The parseHttpRequest() function needs to parse the Host: header in the http request. However, it only does this if the conn-port-transparent or conn-port-accel is true (if the http_port option has either transparent or accel) Squid version -- Squid 2.7 Stable 5. This is only my understanding, any advice from you is appreciated. Regards, vk From: vivek...@aol.in [mailto:vivek...@aol.in] We have configured as squid+tproxy. The squid ip is not displayed and only the client ip is displayed when we do the proxy test. But after configuring wccp we find that the server ip is displayed in the proxy test instead of the client ip. http_port 3128 transparent tproxy You should only use one of transparent or tproxy, not both. transparent for transparent interception (NAT style) tproxy for TPROXY interception. Regards Henrik You are invited to Get a Free AOL Email ID. - http://webmail.aol.in
Re: [squid-users] Re: WCCP configuration
Hello Hendrik, I am facing some issues while implementing Squid + Tproxy and WCCP. There is no problem with squid + Transparent + WCCP. cache.log as follows... 2009/01/12 08:36:11| clientTryParseRequest: FD 155 (189.50.133.254:1955) Invalid Request 2009/01/12 08:36:18| clientTryParseRequest: FD 114 (189.50.133.254:1956) Invalid Request 2009/01/12 08:36:25| clientTryParseRequest: FD 78 (189.50.133.254:1957) Invalid Request 2009/01/12 08:36:33| clientTryParseRequest: FD 60 (189.50.133.254:1958) Invalid Request 2009/01/12 08:36:40| clientTryParseRequest: FD 60 (189.50.133.254:1959) Invalid Request 2009/01/12 08:36:47| clientTryParseRequest: FD 42 (189.50.133.254:1960) Invalid Request 2009/01/12 08:36:55| clientTryParseRequest: FD 159 (189.50.133.254:1961) Invalid Request 2009/01/12 08:37:02| clientTryParseRequest: FD 77 (189.50.133.254:1962) Invalid Request access.log as follows... TCP_DENIED/400 1415 GET / - NONE/- text/html TCP_DENIED/400 1415 GET / - NONE/- text/html squid.conf... http_port 3128 transparent. tcp_outgoing_address is configured. /usr/local/sbin/iptables -t tproxy -A PREROUTING -i wccp -p tcp -m tcp --dport 80 -j TPROXY --on-port 3128. . Squid version : Squid 2.7 Stable 5. Kernel : linux-2.6.20.21 OS : FC 8 Router IOS : 2800 Software, Version 12.4(13b) Regards, vk From: vivek...@aol.in [mailto:vivek...@aol.in] We have configured as squid+tproxy. The squid ip is not displayed and only the client ip is displayed when we do the proxy test. But after configuring wccp we find that the server ip is displayed in the proxy test instead of the client ip. http_port 3128 transparent tproxy You should only use one of transparent or tproxy, not both. transparent for transparent interception (NAT style) tproxy for TPROXY interception. Regards Henrik You are invited to Get a Free AOL Email ID. - http://webmail.aol.in
RE: [squid-users] Re: WCCP configuration
From: vivek...@aol.in [mailto:vivek...@aol.in] We have configured as squid+tproxy. The squid ip is not displayed and only the client ip is displayed when we do the proxy test. But after configuring wccp we find that the server ip is displayed in the proxy test instead of the client ip. http_port 3128 transparent tproxy You should only use one of transparent or tproxy, not both. transparent for transparent interception (NAT style) tproxy for TPROXY interception. Regards Henrik
Re: [squid-users] Re: WCCP configuration
Amos, Thanks for your reply. Sorry, we are not using TPROXY but cttporxy 2.6.20-2.0.6, iptables 1.3.8 and linux kernal 2.6.20.21. Cisco IOS 2800 Ver 12.4 (13b) WCCP+Tranparent proxy works good. Trproxy without wccp works well by not revealing the server ip and only displaying the client ip. But once the wccp is enabled with tproxy, the sever ip is revealed instead of the client ip. Please scroll down below to check our previous mails. Any suggestions please. VK -Original Message- From: Amos Jeffries squ...@treenet.co.nz To: Ritter, Nicholas nicholas.rit...@americantv.com Cc: vivek...@aol.in; squid-users@squid-cache.org Sent: Sat, 10 Jan 2009 8:06 am 0ASubject: Re: [squid-users] Re: WCCP configuration Ritter, Nicholas wrote: With TProxy, I think you need to use Squid3-HEAD to reliably fix your issueAmos would know for sure. Nick Yes. Squid-2.* has no support for TPROXY v4.1+ 3.1.0.3 or later is needed. Which is at least an RC beta now, more stable that pure 3.HEAD alpha code. Also the squid.conf and configure details have changed. http://wiki.squid-cache.org/Features/Tproxy4 Amos From: vivek...@aol.in [mailto:vivek...@aol.in] Sent: Fri 1/9/2009 8:39 A M To: hen...@henriknordstrom.net Cc: squid-users@squid-cache.org; squ...@treenet.co.nz Subject: [squid-users] Re: WCCP configuration Hi, Thanks for the reply. It did help us solve the problem. But there is a new issue. We have configured as squid+tproxy. The squid ip is not displayed and only the client ip is displayed when we do the proxy test. But after configuring wccp we find that the server ip is displayed in the proxy test instead of the client ip. We also find that the http request is pathetically slow. squid.conf =0 A wccp2_service_info 80 protocol=tcp flags=src_ip_hash priority=240 ports=80 wccp2_service dynamic 90 wccp2_service_info 90 protocol=tcp flags=dst_ip_hash,ports_source priority=240 ports=80 http_port 3128 transparent tproxy iptable: /usr/local/sbin/iptables -t tproxy -A PREROUTING -i wccp -p tcp -m tcp --dport 80 -j TPROXY --on-port 3128 We created a gre tunnel based on the router identifier. wccp2_router xx.xx.xxx.xx (ip of router interface connected to squid machine) The following command is assigned at the router interface connected =0 Ato the lan. ip wccp 80 redirect in ip wccp 90 redirect out Following command at the router interface connected to squid. ip wccp redirect exclude in Router : Cisco IOS Software, 2800 Software (C2800NM-ADVIPSERVICESK9-M), Version 12.4(13b) Kernel : linux-2.6.20.21 IPtable : iptables-1.3.8 Os Ver : squid-2.7 Stable 5 #lsmod ip_gre 19616 0 iptable_filter 11136 0 ipt_TPROXY 11136 1 ipt_REDIRECT 10624 0 xt_tcpudp 11904 1 reiserfs 235144 5 iptable_tproxy 23036 2 ipt_TPROXY iptable_nat15492 1 iptable_tproxy ip_nat 24620 3 ipt_REDIRECT,iptable_tproxy,iptable_nat ip_tables 25448 3 iptable_filter,iptable_tproxy,iptable_nat x_tables 23560 5 ipt_TPROXY,ipt_REDIRECT,xt_tcpudp,iptable_nat,ip_tables ip_conntrack 53400 3 iptable_tproxy,iptable_nat,ip_nat The internet works, b ut the browsing is dead slow. Temporarily we have bypassed squid to browse the net. Thanks VK -Original Message- From: Henrik Nordstrom hen...@henriknordstrom.net To: vivek...@aol.in Cc: squ...@treenet.co.nz; squid-us...@squid-cache.org Sent: Thu, 8 Jan 2009 12:05 am Subject: Re: WCCP configuration ons 2009-01-07 klockan 08:46 -0500 skrev vivek...@aol.in: wccp2_router xxx.xx.xxx.xxx wccp_version 4 wccp2_forwarding_method 1 wccp2_return_method 1 wccp2_assignment_method 1 wccp2_service dynamic 8 0 wccp2_service_info 80 protocol=tcp flags=src_ip_hash priority=240 ports=80 wccp2_service dynamic 90 wccp2_service_info 90 protocol=tcp flags=dst_ip_hash,ports_source priority=240 ports=80 Router Eth0 - connected to lan. Eth1 - connecte to squid. Have you also configured * A loopback address on the router, giving it a easily identified router ID * the required GRE/WCCP tunnel interface on the Squid server * disabled rp_filter on the above GRE/WCCP interface. * And adjusted the REDIRECT/NAT rules to act on traffic=2 0received on the GRE/WCCP interface configured above? Service Identifier: web-cache Number of Service Group Clients: 1 Number of Service Group Routers: 1 Total Packets s/w Redirected:11336 Process: 0
Re: [squid-users] Re: WCCP configuration
vivek...@aol.in wrote: Amos, Thanks for your reply. Sorry, we are not using TPROXY but cttporxy 2.6.20-2.0.6, iptables 1.3.8 and linux kernal 2.6.20.21. Cisco IOS 2800 Ver 12.4 (13b) WCCP+Tranparent proxy works good. Trproxy without wccp works well by not revealing the server ip and only displaying the client ip. But once the wccp is enabled with tproxy, the sever ip is revealed instead of the client ip. Please scroll down below to check our previous mails. Any suggestions please. Other than checking your squid is built with --enable-linux-tproxy, none from me sorry. cttproxy was obsolete and officially unsupported before I ever heard of it. Amos VK -Original Message- From: Amos Jeffries squ...@treenet.co.nz To: Ritter, Nicholas nicholas.rit...@americantv.com Cc: vivek...@aol.in; squid-users@squid-cache.org Sent: Sat, 10 Jan 2009 8:06 am 0ASubject: Re: [squid-users] Re: WCCP configuration Ritter, Nicholas wrote: With TProxy, I think you need to use Squid3-HEAD to reliably fix your issueAmos would know for sure. Nick Yes. Squid-2.* has no support for TPROXY v4.1+ 3.1.0.3 or later is needed. Which is at least an RC beta now, more stable that pure 3.HEAD alpha code. Also the squid.conf and configure details have changed. http://wiki.squid-cache.org/Features/Tproxy4 Amos From: vivek...@aol.in [mailto:vivek...@aol.in] Sent: Fri 1/9/2009 8:39 A M To: hen...@henriknordstrom.net Cc: squid-users@squid-cache.org; squ...@treenet.co.nz Subject: [squid-users] Re: WCCP configuration Hi, Thanks for the reply. It did help us solve the problem. But there is a new issue. We have configured as squid+tproxy. The squid ip is not displayed and only the client ip is displayed when we do the proxy test. But after configuring wccp we find that the server ip is displayed in the proxy test instead of the client ip. We also find that the http request is pathetically slow. squid.conf =0 A wccp2_service_info 80 protocol=tcp flags=src_ip_hash priority=240 ports=80 wccp2_service dynamic 90 wccp2_service_info 90 protocol=tcp flags=dst_ip_hash,ports_source priority=240 ports=80 http_port 3128 transparent tproxy iptable: /usr/local/sbin/iptables -t tproxy -A PREROUTING -i wccp -p tcp -m tcp --dport 80 -j TPROXY --on-port 3128 We created a gre tunnel based on the router identifier. wccp2_router xx.xx.xxx.xx (ip of router interface connected to squid machine) The following command is assigned at the router interface connected =0 Ato the lan. ip wccp 80 redirect in ip wccp 90 redirect out Following command at the router interface connected to squid. ip wccp redirect exclude in Router : Cisco IOS Software, 2800 Software (C2800NM-ADVIPSERVICESK9-M), Version 12.4(13b) Kernel : linux-2.6.20.21 IPtable : iptables-1.3.8 Os Ver : squid-2.7 Stable 5 #lsmod ip_gre 19616 0 iptable_filter 11136 0 ipt_TPROXY 11136 1 ipt_REDIRECT 10624 0 xt_tcpudp 11904 1 reiserfs 235144 5 iptable_tproxy 23036 2 ipt_TPROXY iptable_nat15492 1 iptable_tproxy ip_nat 24620 3 ipt_REDIRECT,iptable_tproxy,iptable_nat ip_tables 25448 3 iptable_filter,iptable_tproxy,iptable_nat x_tables 23560 5 ipt_TPROXY,ipt_REDIRECT,xt_tcpudp,iptable_nat,ip_tables ip_conntrack 53400 3 iptable_tproxy,iptable_nat,ip_nat The internet works, b ut the browsing is dead slow. Temporarily we have bypassed squid to browse the net. Thanks VK -Original Message- From: Henrik Nordstrom hen...@henriknordstrom.net To: vivek...@aol.in Cc: squ...@treenet.co.nz; squid-users@squid-cache.org Sent: Thu, 8 Jan 2009 12:05 am Subject: Re: WCCP configuration ons 2009-01-07 klockan 08:46 -0500 skrev vivek...@aol.in: wccp2_router xxx.xx.xxx.xxx wccp_version 4 wccp2_forwarding_method 1 wccp2_return_method 1 wccp2_assignment_method 1 wccp2_service dynamic 8 0 wccp2_service_info 80 protocol=tcp flags=src_ip_hash priority=240 ports=80 wccp2_service dynamic 90 wccp2_service_info 90 protocol=tcp flags=dst_ip_hash,ports_source priority=240 ports=80 Router Eth0 - connected to lan. Eth1 - connecte to squid. Have you also configured * A loopback address on the router, giving it a easily identified router ID * the required GRE/WCCP tunnel interface on the Squid server * disabled rp_filter on the above GRE/WCCP interface. * And adjusted the REDIRECT/NAT rules to act on traffic=2 0received on the GRE/WCCP interface configured above? Service Identifier: web-cache Number of Service Group Clients: 1 Number of Service Group
[squid-users] Re: WCCP configuration
Hi, Thanks for the reply. It did help us solve the problem. But there is a new issue. We have configured as squid+tproxy. The squid ip is not displayed and only the client ip is displayed when we do the proxy test. But after configuring wccp we find that the server ip is displayed in the proxy test instead of the client ip. We also find that the http request is pathetically slow. squid.conf wccp2_service_info 80 protocol=tcp flags=src_ip_hash priority=240 ports=80 wccp2_service dynamic 90 wccp2_service_info 90 protocol=tcp flags=dst_ip_hash,ports_source priority=240 ports=80 http_port 3128 transparent tproxy iptable: /usr/local/sbin/iptables -t tproxy -A PREROUTING -i wccp -p tcp -m tcp --dport 80 -j TPROXY --on-port 3128 We created a gre tunnel based on the router identifier. wccp2_router xx.xx.xxx.xx (ip of router interface connected to squid machine) The following command is assigned at the router interface connected to the lan. ip wccp 80 redirect in ip wccp 90 redirect out Following command at the router interface connected to squid. ip wccp redirect exclude in Router : Cisco IOS Software, 2800 Software (C2800NM-ADVIPSERVICESK9-M), Version 12.4(13b) Kernel : linux-2.6.20.21 IPtable : iptables-1.3.8 Os Ver : squid-2.7 Stable 5 #lsmod ip_gre 19616 0 iptable_filter 11136 0 ipt_TPROXY 11136 1 ipt_REDIRECT 10624 0 xt_tcpudp 11904 1 reiserfs 235144 5 iptable_tproxy 23036 2 ipt_TPROXY iptable_nat15492 1 iptable_tproxy ip_nat 24620 3 ipt_REDIRECT,iptable_tproxy,iptable_nat ip_tables 25448 3 iptable_filter,iptable_tproxy,iptable_nat x_tables 23560 5 ipt_TPROXY,ipt_REDIRECT,xt_tcpudp,iptable_nat,ip_tables ip_conntrack 53400 3 iptable_tproxy,iptable_nat,ip_nat The internet works, but the browsing is dead slow. Temporarily we have bypassed squid to browse the net. Thanks VK -Original Message- From: Henrik Nordstrom hen...@henriknordstrom.net To: vivek...@aol.in Cc: squ...@treenet.co.nz; squid-users@squid-cache.org Sent: Thu, 8 Jan 2009 12:05 am Subject: Re: WCCP configuration ons 2009-01-07 klockan 08:46 -0500 skrev vivek...@aol.in: wccp2_router xxx.xx.xxx.xxx wccp_version 4 wccp2_forwarding_method 1 wccp2_return_method 1 wccp2_assignment_method 1 wccp2_service dynamic 80 wccp2_service_info 80 protocol=tcp flags=src_ip_hash priority=240 ports=80 wccp2_service dynamic 90 wccp2_service_info 90 protocol=tcp flags=dst_ip_hash,ports_source priority=240 ports=80 Router Eth0 - connected to lan. Eth1 - connecte to squid. Have you also configured * A loopback address on the router, giving it a easily identified router ID * the required GRE/WCCP tunnel interface on the Squid server * disabled rp_filter on the above GRE/WCCP interface. * And adjusted the REDIRECT/NAT rules to act on traffic received on the GRE/WCCP interface configured above? Service Identifier: web-cache Number of Service Group Clients: 1 Number of Service Group Routers: 1 Total Packets s/w Redirected:11336 Process: 0 Fast: 0 CEF: 11336 Looks fine. Is there any simple way of configuring WCCP. We have beating round the bush all day long to configure wccp. WCCP as such is configured. But something is missing in the interception at the proxy. Most likely the GRE interface mentioned above. Regards Henrik You are invited to Get a Free AOL Email ID. - http://webmail.aol.in
RE: [squid-users] Re: WCCP configuration
With TProxy, I think you need to use Squid3-HEAD to reliably fix your issueAmos would know for sure. Nick From: vivek...@aol.in [mailto:vivek...@aol.in] Sent: Fri 1/9/2009 8:39 AM To: hen...@henriknordstrom.net Cc: squid-users@squid-cache.org; squ...@treenet.co.nz Subject: [squid-users] Re: WCCP configuration Hi, Thanks for the reply. It did help us solve the problem. But there is a new issue. We have configured as squid+tproxy. The squid ip is not displayed and only the client ip is displayed when we do the proxy test. But after configuring wccp we find that the server ip is displayed in the proxy test instead of the client ip. We also find that the http request is pathetically slow. squid.conf wccp2_service_info 80 protocol=tcp flags=src_ip_hash priority=240 ports=80 wccp2_service dynamic 90 wccp2_service_info 90 protocol=tcp flags=dst_ip_hash,ports_source priority=240 ports=80 http_port 3128 transparent tproxy iptable: /usr/local/sbin/iptables -t tproxy -A PREROUTING -i wccp -p tcp -m tcp --dport 80 -j TPROXY --on-port 3128 We created a gre tunnel based on the router identifier. wccp2_router xx.xx.xxx.xx (ip of router interface connected to squid machine) The following command is assigned at the router interface connected to the lan. ip wccp 80 redirect in ip wccp 90 redirect out Following command at the router interface connected to squid. ip wccp redirect exclude in Router : Cisco IOS Software, 2800 Software (C2800NM-ADVIPSERVICESK9-M), Version 12.4(13b) Kernel : linux-2.6.20.21 IPtable : iptables-1.3.8 Os Ver : squid-2.7 Stable 5 #lsmod ip_gre 19616 0 iptable_filter 11136 0 ipt_TPROXY 11136 1 ipt_REDIRECT 10624 0 xt_tcpudp 11904 1 reiserfs 235144 5 iptable_tproxy 23036 2 ipt_TPROXY iptable_nat15492 1 iptable_tproxy ip_nat 24620 3 ipt_REDIRECT,iptable_tproxy,iptable_nat ip_tables 25448 3 iptable_filter,iptable_tproxy,iptable_nat x_tables 23560 5 ipt_TPROXY,ipt_REDIRECT,xt_tcpudp,iptable_nat,ip_tables ip_conntrack 53400 3 iptable_tproxy,iptable_nat,ip_nat The internet works, but the browsing is dead slow. Temporarily we have bypassed squid to browse the net. Thanks VK -Original Message- From: Henrik Nordstrom hen...@henriknordstrom.net To: vivek...@aol.in Cc: squ...@treenet.co.nz; squid-users@squid-cache.org Sent: Thu, 8 Jan 2009 12:05 am Subject: Re: WCCP configuration ons 2009-01-07 klockan 08:46 -0500 skrev vivek...@aol.in: wccp2_router xxx.xx.xxx.xxx wccp_version 4 wccp2_forwarding_method 1 wccp2_return_method 1 wccp2_assignment_method 1 wccp2_service dynamic 80 wccp2_service_info 80 protocol=tcp flags=src_ip_hash priority=240 ports=80 wccp2_service dynamic 90 wccp2_service_info 90 protocol=tcp flags=dst_ip_hash,ports_source priority=240 ports=80 Router Eth0 - connected to lan. Eth1 - connecte to squid. Have you also configured * A loopback address on the router, giving it a easily identified router ID * the required GRE/WCCP tunnel interface on the Squid server * disabled rp_filter on the above GRE/WCCP interface. * And adjusted the REDIRECT/NAT rules to act on traffic received on the GRE/WCCP interface configured above? Service Identifier: web-cache Number of Service Group Clients: 1 Number of Service Group Routers: 1 Total Packets s/w Redirected:11336 Process: 0 Fast: 0 CEF: 11336 Looks fine. Is there any simple way of configuring WCCP. We have beating round the bush all day long to configure wccp. WCCP as such is configured. But something is missing in the interception at the proxy. Most likely the GRE interface mentioned above. Regards Henrik You are invited to Get a Free AOL Email ID. - http://webmail.aol.in http://webmail.aol.in/
Re: [squid-users] Re: WCCP configuration
Ritter, Nicholas wrote: With TProxy, I think you need to use Squid3-HEAD to reliably fix your issueAmos would know for sure. Nick Yes. Squid-2.* has no support for TPROXY v4.1+ 3.1.0.3 or later is needed. Which is at least an RC beta now, more stable that pure 3.HEAD alpha code. Also the squid.conf and configure details have changed. http://wiki.squid-cache.org/Features/Tproxy4 Amos From: vivek...@aol.in [mailto:vivek...@aol.in] Sent: Fri 1/9/2009 8:39 AM To: hen...@henriknordstrom.net Cc: squid-users@squid-cache.org; squ...@treenet.co.nz Subject: [squid-users] Re: WCCP configuration Hi, Thanks for the reply. It did help us solve the problem. But there is a new issue. We have configured as squid+tproxy. The squid ip is not displayed and only the client ip is displayed when we do the proxy test. But after configuring wccp we find that the server ip is displayed in the proxy test instead of the client ip. We also find that the http request is pathetically slow. squid.conf wccp2_service_info 80 protocol=tcp flags=src_ip_hash priority=240 ports=80 wccp2_service dynamic 90 wccp2_service_info 90 protocol=tcp flags=dst_ip_hash,ports_source priority=240 ports=80 http_port 3128 transparent tproxy iptable: /usr/local/sbin/iptables -t tproxy -A PREROUTING -i wccp -p tcp -m tcp --dport 80 -j TPROXY --on-port 3128 We created a gre tunnel based on the router identifier. wccp2_router xx.xx.xxx.xx (ip of router interface connected to squid machine) The following command is assigned at the router interface connected to the lan. ip wccp 80 redirect in ip wccp 90 redirect out Following command at the router interface connected to squid. ip wccp redirect exclude in Router : Cisco IOS Software, 2800 Software (C2800NM-ADVIPSERVICESK9-M), Version 12.4(13b) Kernel : linux-2.6.20.21 IPtable : iptables-1.3.8 Os Ver : squid-2.7 Stable 5 #lsmod ip_gre 19616 0 iptable_filter 11136 0 ipt_TPROXY 11136 1 ipt_REDIRECT 10624 0 xt_tcpudp 11904 1 reiserfs 235144 5 iptable_tproxy 23036 2 ipt_TPROXY iptable_nat15492 1 iptable_tproxy ip_nat 24620 3 ipt_REDIRECT,iptable_tproxy,iptable_nat ip_tables 25448 3 iptable_filter,iptable_tproxy,iptable_nat x_tables 23560 5 ipt_TPROXY,ipt_REDIRECT,xt_tcpudp,iptable_nat,ip_tables ip_conntrack 53400 3 iptable_tproxy,iptable_nat,ip_nat The internet works, but the browsing is dead slow. Temporarily we have bypassed squid to browse the net. Thanks VK -Original Message- From: Henrik Nordstrom hen...@henriknordstrom.net To: vivek...@aol.in Cc: squ...@treenet.co.nz; squid-users@squid-cache.org Sent: Thu, 8 Jan 2009 12:05 am Subject: Re: WCCP configuration ons 2009-01-07 klockan 08:46 -0500 skrev vivek...@aol.in: wccp2_router xxx.xx.xxx.xxx wccp_version 4 wccp2_forwarding_method 1 wccp2_return_method 1 wccp2_assignment_method 1 wccp2_service dynamic 80 wccp2_service_info 80 protocol=tcp flags=src_ip_hash priority=240 ports=80 wccp2_service dynamic 90 wccp2_service_info 90 protocol=tcp flags=dst_ip_hash,ports_source priority=240 ports=80 Router Eth0 - connected to lan. Eth1 - connecte to squid. Have you also configured * A loopback address on the router, giving it a easily identified router ID * the required GRE/WCCP tunnel interface on the Squid server * disabled rp_filter on the above GRE/WCCP interface. * And adjusted the REDIRECT/NAT rules to act on traffic received on the GRE/WCCP interface configured above? Service Identifier: web-cache Number of Service Group Clients: 1 Number of Service Group Routers: 1 Total Packets s/w Redirected:11336 Process: 0 Fast: 0 CEF: 11336 Looks fine. Is there any simple way of configuring WCCP. We have beating round the bush all day long to configure wccp. WCCP as such is configured. But something is missing in the interception at the proxy. Most likely the GRE interface mentioned above. Regards Henrik You are invited to Get a Free AOL Email ID. - http://webmail.aol.in http://webmail.aol.in/ -- Please be using Current Stable Squid 2.7.STABLE5 or 3.0.STABLE11 Current Beta Squid 3.1.0.3
[squid-users] Re: WCCP configuration
ons 2009-01-07 klockan 08:46 -0500 skrev vivek...@aol.in: wccp2_router xxx.xx.xxx.xxx wccp_version 4 wccp2_forwarding_method 1 wccp2_return_method 1 wccp2_assignment_method 1 wccp2_service dynamic 80 wccp2_service_info 80 protocol=tcp flags=src_ip_hash priority=240 ports=80 wccp2_service dynamic 90 wccp2_service_info 90 protocol=tcp flags=dst_ip_hash,ports_source priority=240 ports=80 Router Eth0 - connected to lan. Eth1 - connecte to squid. Have you also configured * A loopback address on the router, giving it a easily identified router ID * the required GRE/WCCP tunnel interface on the Squid server * disabled rp_filter on the above GRE/WCCP interface. * And adjusted the REDIRECT/NAT rules to act on traffic received on the GRE/WCCP interface configured above? Service Identifier: web-cache Number of Service Group Clients: 1 Number of Service Group Routers: 1 Total Packets s/w Redirected:11336 Process: 0 Fast: 0 CEF: 11336 Looks fine. Is there any simple way of configuring WCCP. We have beating round the bush all day long to configure wccp. WCCP as such is configured. But something is missing in the interception at the proxy. Most likely the GRE interface mentioned above. Regards Henrik