Search squid archive

RE: wccp working config example

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Amos.

Thank you very much, it started working, i was missing the 'iptables -t
nat -A POSTROUTING -j MASQUERADE'... what is the purpose of that?

And regarding the output of iptables -t filter -L *:

iptables: No chain/target/match by that name

Should the output be other?

Best regards and many many many many many many many thanks!
Nuno Silva


-----Mensagem original-----
De: Amos Jeffries [mailto:squid3@xxxxxxxxxxxxx] 
Enviada: quarta-feira, 10 de Setembro de 2008 9:41
Para: Nuno Silva
Cc: Dan Letkeman; squid-users
Assunto: Re:  wccp working config example

Nuno Silva wrote:
> Hi there Dan.
> 
>  
> 
> I'm having the same problem, i have read many diferent 'recipes' to
put 
> wcccpv2 working on squid, but nothing yet.
> 
> In all posts I read, i done everything, ipforward set to 1, gre
tunnel, 
> iptables, and the only thing I can see is the browser message saying 
> that the server is taking too long to respond
> 
>  
> 
> router#*sh ip wccp*
> 
> Global WCCP information:
> 
>     Router information:
> 
>         Router Identifier:                   194.xxx.xxx.xxx
> 
>         Protocol Version:                    2.0
> 
>  
> 
>     Service Identifier: web-cache
> 
>         Number of Cache Engines:             1
> 
>         Number of routers:                   1
> 
>         *_Total Packets Redirected:            1168_*
> 
>         Redirect access-list:                wccp-redirect
> 
>         Total Packets Denied Redirect:       51649
> 
>         Total Packets Unassigned:            11
> 
>         Group access-list:                   -none-
> 
>         Total Messages Denied to Group:      0
> 
>         Total Authentication failures:       0
> 
>         Total Bypassed Packets Received:     0
> 
>  
> 
> When the packets start to be redirect to the squid, I start getting 
> delays...the the failing message L
> 
>  
> 
> On the Squid side, monitoring the gre1 tunnel, I can see incoming
traffic:
> 
>  
> 
> gre1      Link encap:UNSPEC  HWaddr 
> C2-41-97-F9-00-00-00-00-00-00-00-00-00-00-00-00 
> 
>           inet addr:127.0.0.2  P-t-P:127.0.0.2  Mask:255.255.255.255
> 
>           UP POINTOPOINT RUNNING NOARP  MTU:1476  Metric:1
> 
>           *RX packets:38903* errors:0 dropped:0 overruns:0 frame:0
> 
>           TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
> 
>           collisions:0 txqueuelen:0
> 
>           *RX bytes:5151686* (4.9 MiB)  TX bytes:0 (0.0 b)
> 
>  
> 
>  
> 
> *squid:/home/pp# iptables -t nat -L*
> 
> Chain PREROUTING (policy ACCEPT)
> 
> target     prot opt source               destination        
> 
> REDIRECT   tcp  --  anywhere             anywhere            tcp
dpt:www 
> redir ports 3128
> 
> REDIRECT   tcp  --  anywhere             anywhere            tcp 
> dpt:webcache redir ports 3128
> 
> REDIRECT   tcp  --  anywhere             anywhere            tcp 
> dpt:8000 redir ports 3128
> 
>  
> 
> Chain POSTROUTING (policy ACCEPT)
> 
> target     prot opt source               destination        
> 
>  
> 
> Chain OUTPUT (policy ACCEPT)
> 
> target     prot opt source               destination        
> 
>  
> 

Try adding this to iptables:

iptables -t nat -A POSTROUTING -j MASQUERADE


also what is the status of these as relating to web traffic to/from
squid:
  iptables -t filter -L *


Thing to look out for in Nuno's problem is traffic from the squid box 
being redirected back at itself anywhere down the chain. In squid box 
iptables and also the cisco box.

Amos

> 
>  
> 
> I need held to find out what's wrong!
> 
> Router info:
> 
> IOS Software, 7200 Software (C7200-P-M), Version 12.2(25)S5, RELEASE 
> SOFTWARE (fc1)
> 
>  
> 
>  
> 
>  
> 
>  
> 
>  
> 
>  
> 
> -----Mensagem original-----
> De: Amos Jeffries [mailto:squid3@xxxxxxxxxxxxx]
> Enviada: quarta-feira, 10 de Setembro de 2008 3:48
> Para: Dan Letkeman
> Cc: squid-users
> Assunto: Re:  wccp working config example
> 
>  
> 
>  > Hello,
> 
>  > 
> 
>  > I have spent all day working on trying to get a working wccp config
> 
>  > with squid and a 2811 router running (C2800NM-ADVENTERPRISEK9-M),
> 
>  > Version 12.4(21)
> 
>  > 
> 
>  > I have had it working before with a 2621 router running a 12.3 ios.
> 
>  > 
> 
>  > I have read about 20 different posts/blogs with various different
> 
>  > instructions.  If anyone has any configuration example or
instruction
> 
>  > list that is complete for a certain version of squid/linux/ios I
would
> 
>  > like to give it a try.
> 
>  
> 
> WCCP is a little tricky as there are three parts to the config and all
> 
> three are completely interchangeable depending on the hardware and
squid
> 
> release involved.
> 
>  
> 
> We are building a section in the config examples wiki pages to help
> 
> though.  http://wiki.squid-cache.org/ConfigExamples/Intercept
> 
> The two pieces currently there already for WCCPv2 combine to a working
> 
> config Cisco->FreeBSD for reference. Some older examples not yet
checked
> 
> and cleaned up are in http://wiki.squid-cache.org/ConfigExamples with
Wccp
> 
> in their names.
> 
>  
> 
> If you get the config for your router going I'd be interested in
adding
> 
> the bits for future reference.
> 
>  
> 
> Amos
> 
>  
> 
>  
> 
>  
> 
>  
> 
> No virus found in this incoming message.
> 
> Checked by AVG - http://www.avg.com
> 
> Version: 8.0.169 / Virus Database: 270.6.19/1663 - Release Date: 
> 09-09-2008 19:04
> 


-- 
Please use Squid 2.7.STABLE4 or 3.0.STABLE8


No virus found in this incoming message.
Checked by AVG - http://www.avg.com 
Version: 8.0.169 / Virus Database: 270.6.19/1663 - Release Date:
09-09-2008 19:04
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux