On Mon, 25 Feb 2008, Adrian Chadd wrote:
On Mon, Feb 25, 2008, Manoj_Rajkarnikar wrote:
I have much simpler setup working on CentOS x86_64 2.6.23 and cisco
7204VXR IOS version 12.2(46a). squid version 2.6 STABLE17:
Which IOS release specifically? Could you throw me a "show version" ?
Sure..
iris>sh ver
Cisco Internetwork Operating System Software
IOS (tm) 7200 Software (C7200-IK9O3S-M), Version 12.2(46a), RELEASE
SOFTWARE (fc1)
Copyright (c) 1986-2007 by cisco Systems, Inc.
Compiled Thu 12-Jul-07 00:39 by pwade
Image text-base: 0x60008940, data-base: 0x6148E9F0
ROM: System Bootstrap, Version 12.1(20000824:081033)
[dbeazley-cosmos_e_LATEST 101], DEVELOPMENT
SOFTWARE
BOOTLDR: 7200 Software (C7200-BOOT-M), Version 12.0(15)S, EARLY DEPLOYMENT
RELEASE SOFTWARE (fc1
)
iris uptime is 7 weeks, 1 day, 7 hours, 27 minutes
System returned to ROM by power-on
System restarted at 06:15:24 NP Mon Jan 7 2008
System image file is "slot0:c7200-ik9o3s-mz.122-46a.bin"
iris>sh ip wccp
Global WCCP information:
Router information:
Router Identifier: XXX.XXX.XXX.XXX
Protocol Version: 2.0
Service Identifier: web-cache
Number of Cache Engines: 1
Number of routers: 1
Total Packets Redirected: 2016105442
Redirect access-list: SQUID-BYPASS-NEW
Total Packets Denied Redirect: 471709239
Total Packets Unassigned: 79667
Group access-list: -none-
Total Messages Denied to Group: 0
Total Authentication failures: 0
I'll start a wiki page with "known good" versions of IOS that work with
Squid.
(And those of you who are running Squid+WCCPv2, please fire off your
"show version" and "show ip wccp" related outputs so I can update
the list.)
Thanks!
Adrian
* recompile kernel with CONFIG_NET_IPGRE=m
* compile squid with wccpv2 support
* setup gre0 interface with some unused private IP assigned to it
* intercept in iptables :-
iptables -t nat -A PREROUTING -i gre0 -p tcp -m tcp --dport 80 -j REDIRECT
--to-port 3128
As Henrik suggested me during this setup, IPGRE module in kernel
automatically decapsulates the gre packets on the gre0 interface and it
has been doing it so far.
gre0 Link encap:UNSPEC HWaddr
00-00-00-00-FF-F8-00-00-00-00-00-00-00-00-00-00
inet addr:192.168.172.2 Mask:255.255.255.252
UP RUNNING NOARP MTU:1476 Metric:1
RX packets:1970129052 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:3666 dropped:0 overruns:0 carrier:0
collisions:3666 txqueuelen:0
RX bytes:305795313631 (284.7 GiB) TX bytes:0 (0.0 b)
[root@dns2 ~]# cat /etc/sysconfig/network-scripts/ifcfg-gre0
DEVICE=gre0
BOOTPROTO=static
BROADCAST=192.168.172.3
IPADDR=192.168.172.2
NETMASK=255.255.255.252
NETWORK=192.168.172.0
ONBOOT=yes
TYPE=Ethernet
This setup has been working nicely for me.
Manoj
Adrian
--
--
