Search squid archive

Re: WCCP / no return traffic on gre interface

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Wow. Thanks Henrik!  This is the command that got it going:
echo 0 >/proc/sys/net/ipv4/conf/gre1/rp_filter

I thought for sure that I had run across documentation that told me to
enable rp_filter.  Oh, it's working now.  Now on the WCCPv2....

When I try enabling version 2 I get the following error while sniffing
my external interface:

15:17:12.108896 IP 150.125.125.185 > 150.125.127.142: ICMP
150.125.125.185 protocol 47 port 34878 unreachable, length 84

(150.125.127.142 is the automatic router ID that is displayed under: sh ip wccp)

The only that has changed in squid is commenting out wccp_router
150.125.125.186 and adding the following lines:
wccp2_router 150.125.125.186
#wccp2_version 4
wccp2_rebuild_wait on
wccp2_forwarding_method 1
wccp2_return_method 1
wccp2_assignment_method 1
wccp2_service standard 0
wccp2_weight 10000

Any thoughts?

Thanks again,

-- Chad
On 5/9/07, Henrik Nordstrom <henrik@xxxxxxxxxxxxxxxxxxx> wrote:
ons 2007-05-09 klockan 08:48 -0400 skrev Chad Harrelson:
> Hello list,
>   I am still battling WCCP...  My ultimate goal is to get WCCPv2
> functioning properly on a RHEL5 box (squid-2.6.STABLE6-3.el5)
> 2.6.18-8.el5xen -- connected to a Cisco 7600 (with SUP 720) ISO
> 12.2(18).  Since I am having no luck with WCCPv2 I have been using v1.
>  I have gotten as far as seeing http traffic leaving my gre interface
> but I do not see that same traffic on eth0 (my external interface) and
> of course the packets do not reach the destination.  Here are my
> relavant configs:
>
> modprobe ip_gre
> iptunnel add gre1 mode gre remote 150.125.125.186 local
> 150.125.125.185 dev eth0
> ifconfig gre1  150.125.125.187 netmask 255.255.255.248 up    (I have
> tried many variations on IP addresses here. Having a real routable IP
> is the only I can avoid seeing ICMP proto 47 unreachable errors on
> eth0)

You also need to disable rp_filter, and set up iptables interception
rules. See the FAQ.

http://wiki.squid-cache.org/SquidFaq/InterceptionProxy#head-a7fed84c39e23407b93737da0815d1e6ed926a4f

http://wiki.squid-cache.org/SquidFaq/InterceptionProxy#head-935dbe4ef8ea8e21c1e04cc7753a09095c0d8285

http://wiki.squid-cache.org/SquidFaq/InterceptionProxy#head-1baf52754892d9355e3aa292dd70d96d74608b9b

Regards
Henrik



[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux