Search squid archive

Squid and WCCP v1 (squid-2.5.STABLE11-3.FC3) on Fedora Core 3 (2.6.9-1.667smp)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Greetings.

Sorry for the long message. We are trying to implement Transparent/Interception caching using the following: -- Squid 2.5 Stable 11 (We were able to obtain an RPM for Fedora Core 3) with WCCP v1
-- Fedora Core 3 (64-bit, 2.6.9-1.667smp)
-- Cisco Router (IOS 12.2)
in the following configuration (not real IP addresses and interface designations used):

|-----------------------| | Squid (2.5 S11) | | Fedora Core 3 | |-----------------------| eth 0 | 201. 1.1.2/255.255.255.252 | | | int 0/0 | 201.1.1.1/255.255.255.252 | int 0/1 |------------------------------| ------------------------- to Internet * Networks of ATM interface | | 203.1.1.1/255.255.255.224 Dial Up Users via various ------------------------------------| Cisco Router (IOS 12.2) | Terminal Servers 202.1.1.1/255.255.255.252 | | 203.1.1.2/255.255.255.224 |------------------------------|-------------------------- to Internet * int 0/2 * The two network interfaces (int 0/1 and int 0/2) are connected to the same network and load balanced via OSPF. (Please pardon the interface designations on the router as I am not too familiar with it and we have no administrative control of the router)

On the router (IOS 12.2):
-- As mentioned above, connections to the internet (int 0/1 and int 0/2) are load balanced over OSPF -- An access list has been defined on ATM interface for various networks (dialups, DSL, etc.) -- We have turned CEF off on the interface connected to the Squid CACHE (we actually tried it with CEF as well). -- WCCP v1 is enabled and applied at the 2 outbound internet connections (int 0/1 and int 0/2) with "redirect out" option -- We have also tried to apply WCCP v1 at the ATM interface with "redirect in" option. -- WCCP v1 was enabled and applied to the various interfaces as detailed above with access lists (as specified above, defined for the ATM interface)

On the Linux Box (FC3, 2.6.9-1.667smp):
-- We used the WCCP v1 module on Squid as pre-compiled with the RPM.
-- We are using GRE instead of WCCP patch as we have read in the FAQs and lists that this is the implementation to use for kernel versions >= 2.6.9. -- We are also using iptables to redirect traffic coming in from port 80 to 3128 (the squid port we are using).. -- We specified and enabled the appropriate variables in squid.conf for both transparent/interception caching and WCCP v1.

Configurations used:
We have tried the various setups as detailed in the following URLs:
-- http://www.squid-cache.org/mail-archive/squid-users/200505/0678.html
-- http://www.sublime.com.au/squid-wccp/
-- http://www.reub.net/node/3
-- http://www.spc.int/it/TechHead/Wccp-squid.html

Symptoms:
We were able to configure it so that the Cisco Router WCCP v1 configuration actually registers the Squid Server as a usable Cache Engine. We also traced the GRE connections via the following Linux commands:
-- tethereal -V -s 1500 port 2048
-- tcpdump -lenx -s 1500 port 2048
and we see the "Here I Am" and "I See You" packets and observed the following:
-- the "Here I Am" packets specify that 0 to 255 buckets ARE NOT ASSIGNED.
-- the "I See You" packets specify that 0 to 255 buckets ARE ASSIGNED. Also, we can see the router configuration specifying our squid server registered in the web cache. On the router, using the "show ip wccp" command, we see the counter "Total Packets Redirected" being incremented. When we issue the "show ip wccp web-caches" command, the "Web Cache ID:" parameter displays 0.0.0.0. Also, when we issue the "show ip wccp web-cache view" command, the "WCCP Routers Informed of:" parameter and the "WCCP Cache Engines NOT Visible:" parameter show "-- none --" and "WCCP Cache Engines Visible:" parameter shows the IP address of the squid server (201. 1.1.2). We are unable to issue any debug commands on the router as this is a production router (we have no other router to implement on) and this might make the router hang.

Problems:
-- On the squid server, we see nothing coming through port 80 (using the "tcpdump -n port 80" linux command) eventhough, as mentioned above, we are registered with the Cisco WCCP configuration and the "Total Packets Redirected" is incrementing.
-- We do not see anything being recorded on the squid server's access.log.


Some Questions:
-- Is there a definitive how-to on implementing WCCP v1 on Linux for kernels 2.6.9 and above? -- Has anyone had a successful installtation of Squid 2.5 Stable 11 with WCCPv1 connected to a Cisco router (IOS 12.1 or 12.2) on Fedora Core 3(kernel version 2.6.9 smp)? -- How can we further see that is happening or debug without using the router's debug commands (if there are any other ways)? -- Do we need to switch to WCCP v2 using the patch available from the squid developer site (http://devel.squid-cache.org/projects.html#visolve_wccpv2) in order for Transparent/Interception caching to work? -- Any word on if (or when) full WCCP v2 (with multiple router and multiple cache) will be or has been implemented (either as a patch or part of the distribution)? Will this support load balancing protocols on the router (OSPF, HSRP, VRRP)? -- Just in case anybody knows, how are the access lists implemented with regards to the WCCP v1 setting? I read in one article (http://www.squid-cache.org/Doc/FAQ/FAQ-17.html) that this list should contain IP addresses that should be excluded from transparent caching, or something to that effect (the exact words were "IP addresses which you do not wish to be transparently redirected to your cache"). I just wanted to confirm if this was correct.

We would appreciate any help you could give on the matter.

Thank you and good day.

-- Oliver --


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux