On Thu, 24 Jun 2004, Paul P Komkoff Jr wrote: > Currently my goal is to make squid + wccp configuration working > out-of-the box. Ideally - without any extra modules. This is possible with WCCPv2 using direct routing avoiding the need of GRE/WCCP tunneling. WCCPv2 patches do exists for Squid-2.5, but may be a little hard to find.. (no official maintainer of the WCCPv2 support for Squid at the moment) > Currently, most wccp configurations are working with this module: > http://www.squid-cache.org/WCCP-support/Linux/ip_wccp.c Please note that this module is by no means clean, and lacks a lot in security. There is also a WCCP patch available to the GRE driver. This approach provides a little more security but is also more complex to set up for the same reasons and is not used very much.. http://www.swelltech.com/pengies/joe/patches/linux-2.4.8-ip_gre.patch The GRE patch is very simplistic and would do good of being properly implemented and integrated with the "ip tunnel" command for configuration of the GRE protocol (normal GRE / WCCPv1 / WCCPv2 / whatever...). > What do you think? Which way I should do? I think approach 1 (decapsulation within GRE) is most suitable. It also provides an adequate level of control on security and permissions which may be hard to accomplish if separating the two. Regards Henrik Nordström aka hno@squid-cache.org and current maintainer of the Squid ip_wccp.c module - : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
