Hello Daniel Epee Lea, Regarding: 2- for ip tables -A PREROUTING -s My_Network/20 -d ! My_Network/20 - i gre0 -p tcp -m tcp --dport 80 -j DNAT --to-destination my_cache_server_IP:3128 If the http traffic is very high, is it possible that DNAT can be a bottle neck? Coz I have tried something like this and I could not find any performance improvement by using proxy. Rather the performance degraded. May be something in squid configuration is wrong. Please suggest. Thanks. Regards Devel. -----Original Message----- From: Daniel EPEE LEA [mailto:epeelea@xxxxxxxxx] Sent: Wednesday, March 15, 2006 1:11 PM To: Ryan Sumida Cc: Kamel A. Baba; squid-users@xxxxxxxxxxxxxxx Subject: Re: Transparent caching problem Kamel, I used 1- For gre tunned, after loading ip_gre module at startup, I have this gre interface. You can copie it exactly the IP address in there doesn't matter. [root@cachedla network-scripts]# cat ifcfg-gre0 DEVICE=gre0 BOOTPROTO=static IPADDR=172.16.1.6 NETMASK=255.255.255.252 ONBOOT=yes IPV6INIT=no and 2- for ip tables -A PREROUTING -s My_Network/20 -d ! My_Network/20 -i gre0 -p tcp -m tcp --dport 80 -j DNAT --to-destination my_cache_server_IP:3128 This is where I was mistaken, after doing this it worked!! 3- Make sure your /etc/sysctl.conf is allright too # Controls IP packet forwarding net.ipv4.ip_forward = 1 # Controls source route verification net.ipv4.conf.default.rp_filter = 0 For more details on IP tables and GRE, please check these links ;) http://www.reub.net/node/3 http://www.squid-cache.org/mail-archive/squid-users/200510/0027.html Hope this helps, -- -------------------------- Daniel Epee Lea -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.1.385 / Virus Database: 268.2.3/281 - Release Date: 3/14/2006 -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.385 / Virus Database: 268.2.3/281 - Release Date: 3/14/2006
