I had a WCCP2 configuration (using a gre tunnel) working with Squid 3.0
+ sslBump patches, but would like to move up to Squid 3.1 to resolve
some quirks.
Here is the wccp configuration I was using with Squid 3.0:
wccp2_router 10.10.10.1
wccp2_address 10.10.10.250
wccp2_service dynamic 80
wccp2_service_info 80 protocol=tcp flags=dst_ip_hash priority=240
ports=80,443
When Squid is running, the UDP socket is visible:
webcache# sockstat | grep squid
squid squid 25857 6 udp4 *:50592 *:*
squid squid 25857 12 tcp4 *:3128 *:*
squid squid 25857 13 udp4 10.10.10.250:2048 10.10.10.1:2048
squid squid 25855 5 dgram -> /var/run/log
I have setup a packet trace to capture UDP port 2048 packets and
restarted Squid, but I never see any traffic pass through port 2048 (I
would at least expect to see the WCCP "here I am" packet). This
correlates to the WCCP status on the Cisco router that reports 0 cache
engines are using service identifier 80.
I've set debugging_options to 80,5 and this is all that is logged to
cache.log:
2009/01/14 09:38:58| Starting Squid Cache version 3.1.0.3 for
i386-portbld-freebsd7.1...
2009/01/14 09:38:58.883| wccpInit: Called
2009/01/14 09:38:58.883| wccp2Init: Called
2009/01/14 09:38:58.883| wccp2InitServices: called
2009/01/14 09:38:58.883| wccpConnectionOpen: Called
2009/01/14 09:38:58.883| WCCPv1 disabled.
2009/01/14 09:38:58.883| wccp2ConnectionOpen: Called
2009/01/14 09:38:58.883| Accepting WCCPv2 messages on port 2048, FD 13.
2009/01/14 09:38:58.883| Initialising all WCCPv2 lists
I've built Squid 3.1.0.3 under FreeBSD using this configuration:
./configure --with-default-user=squid --bindir=/usr/local/sbin
--sbindir=/usr/local/sbin --datadir=/usr/local/etc/squid
--libexecdir=/usr/local/libexec/squid --localstatedir=/usr/local/squid
--sysconfdir=/usr/local/etc/squid --enable-removal-policies=lru heap
--disable-linux-netfilter --disable-linux-tproxy --disable-epoll
--enable-auth=basic digest --enable-basic-auth-helpers=DB NCSA PAM MSNT
SMB squid_radius_auth YP --enable-digest-auth-helpers=password
--enable-external-acl-helpers=ip_user session unix_group wbinfo_group
--enable-storeio=ufs diskd --disable-snmp --enable-ssl
--with-openssl=/usr --enable-wccpv2 --disable-ident-lookups
--enable-ipfw-transparent --enable-icap-client --disable-kqueue
--disable-ipv6 --disable-optimizations --enable-err-languages=Armenian
Azerbaijani Czech Estonian Finnish Greek Hebrew Hungarian Japanese
Korean Lithuanian Polish Portuguese Romanian Serbian Simplify_Chinese
Slovak Traditional_Chinese Turkish bg ca cs da de en en-au en-gb en-nz
en-us es fr id it ja nl pt-br ru sv uk zh-cn
--enable-default-err-language=en-us --prefix=/usr/local
--mandir=/usr/local/man --infodir=/usr/local/info/ i386-portbld-freebsd7.1
Any hints?
Thanks,
Guy
--
Guy Helmer, Ph.D.
Chief System Architect
Palisade Systems, Inc.