I am trying to setup an HTTP-only WCCP v2 redirection via Cisco 2811 router to a Linux-based Squid 2.6 box. The problem is that there is no content showing up in the squid access log, and web connections are slow and often timeout. I have done some research on the net and checked some things that were noted by peoples posts, but I am still a bit stumped. The router shows WCCP status as good in that the router and the cache server see each other, and there appears to be redirection occurring because 'sh ip wccp' on the router shows it, and a tcpdump session on the web cache server sees it. The router and the web cache appliance are layer 2 adjacent to each other, and on the same ip subnet, but the cache server is connected via a Cisco EtherSwitch module installed in the 2811 router, and the clients being redirected to the cache server are hanging off a different ip subnet and different layer 2 segment. I also notice that the wccp2 GRE tunnel I setup on the Linux box shows traffic in only one direction. I suspect that at least part of my problem is that I have setup the GRE tunnel wrong. I also read that WCCP functionality is buggy in various Cisco IOS versions, I have tried to figure out if the IOS version I am using is a buggy one. I attempted to use the same IOS version as is in use on a Cisco WAAS 2811 router, which is 12.4(9) but the closest I could get to that was 12.4(10c) 12.4(15)T3 exhibited the same problems. I have provided information below on my setup, can someone please provide me with some information that can help to figure out what I am doing wrong? ROUTER INFO ------------------------------------------------------------------------ ------------------- Router: Cisco 2811 running c2800nm-advsecurityk9-mz.124-10c WCCP version: 2 #sh ip wccp Global WCCP information: Router information: Router Identifier: <IIP censored> Protocol Version: 2.0 Service Identifier: web-cache Number of Service Group Clients: 1 Number of Service Group Routers: 1 Total Packets s/w Redirected: 4285 Process: 0 Fast: 0 CEF: 4285 Redirect access-list: -none- Total Packets Denied Redirect: 0 Total Packets Unassigned: 0 Group access-list: -none- Total Messages Denied to Group: 0 Total Authentication failures: 0 Total Bypassed Packets Received: 0 Other router configure directives: Clients using cache server on FastEthernet 0/0.1 Squid server is directly connected to FastEthernet 0/2/0 WCCP router config directives: ip wccp web-cache ip wccp web-cache version 2 interface fastethernet0/0.1 ip wccp web-cache redirect in SQUID INFO ------------------------------------------------------------------------ ------------------- Squid platform: CentOS 5.1 on x86_64 Squid version: CentOS bundled RPM which is squid-2.6.STABLE6-5.el5_1.2 Squid is set for transparent mode and to listen on port 80 and port 3128. The host based firewall is disabled, because I don't need redirect to 3128 from 80. (Could this be a problem, do I need iptables mangling of some sort?) squid.conf directives: http_port 80 transparent http_port 3128 transparent wccp2_router <router IP as noted in Cisco sh ip wccp router identifier> wccp2_rebuild_wait on wccp2_forwarding_method 1 wccp2_return_method 1 wccp2_assignment_method 1 wccp2_service standard 0 CENTOS Linux OS INFO ------------------------------------------------------------------------ ------------------- CentOS 5.1 x86_64 on Intel Core 2 Duo Kernel is custom compiled, version 2.6.23 /bin/echo 1 > /proc/sys/net/ipv4/ip_forward /bin/echo 0 > /proc/sys/net/ipv4/conf/default/rp_filter /bin/echo 0 > /proc/sys/net/ipv4/conf/eth0/rp_filter /sbin/modprobe ip_gre /sbin/ip tunnel add wccp2 mode gre remote <ip of Cisco router identifier as listed in the sh ip wccp command> local <same ip as eth0> dev eth0 /sbin/ifconfig wccp2 <same ip as eth0> netmask 255.255.255.255 up ifconfig output from CentOS box: eth0 Link encap:Ethernet HWaddr 00:30:1B:44:7F:11 inet addr:<IP censored> Bcast:<info censored> Mask:255.255.240.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:38474 errors:0 dropped:0 overruns:0 frame:0 TX packets:38245 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:6402032 (6.1 MiB) TX bytes:5488603 (5.2 MiB) Interrupt:19 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) wccp2 Link encap:UNSPEC HWaddr 0A-0C-20-3C-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:<same ip as eth0> P-t-P:<same ip as eth0> Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MTU:1476 Metric:1 RX packets:36330 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:4511404 (4.3 MiB) TX bytes:0 (0.0 b)