Search squid archive

RE: squid + wccp

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Thank you for your reply. iptables -t nat -L now shows the entry

Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
REDIRECT   tcp  --  anywhere             anywhere            tcp dpt:http
redir ports 3128

Cache.log is showing wccp2 configured properly

2009/02/08 09:10:00| Accepting transparently proxied HTTP connections at
192.168.114.15, port 3128, FD 14.
2009/02/08 09:10:00| HTCP Disabled.
2009/02/08 09:10:00| Accepting WCCPv2 messages on port 2048, FD 15.
2009/02/08 09:10:00| Initialising all WCCPv2 lists
2009/02/08 09:10:00| Ready to serve requests.


Regards,

Ramzi


-----Original Message-----
From: Amos Jeffries [mailto:squid3@xxxxxxxxxxxxx] 
Sent: Sunday, February 08, 2009 2:39 PM
To: rabdallah@xxxxxxxxx
Cc: squid-users@xxxxxxxxxxxxxxx
Subject: Re:  squid + wccp

Ramzi Abdallah wrote:
> I am trying with no luck to setup squid Version 3.0.STABLE10 (Fedora core
9)
> with wccp2. The configuration seems to be ok at least this is what the
debug
> logs are showing however squid does not receive any traffic. I tested
squid
> by pointing the browser to its IP and it works fine.
> 
> GRE tunnel and iptables configuration:
> --------------------------------------
> ip tunnel add wccp0 mode gre remote 192.168.114.250 local 192.168.114.15
dev
> eth0
> ip addr add 192.168.114.15/32 dev wccp0
> ip link set wccp0 up
> 
> iptables -t nat -A PREROUTING -i wccp0 -p tcp -m tcp --dport 80 -j
REDIRECT
> --to-port 3128
> 
> 
> for some reason iptables -L is not showing anything

iptables by default shows "-t filter"

try: iptables -t nat -L


> 
> squid configuration:
> -------------------
> http_port 192.168.114.15:3128 transparent
> wccp2_router 192.168.114.250
> wccp2_forwarding_method 1
> wccp2_return_method 1
> wccp2_service standard 0
> 
> 
> GRE tunnel on the squid server
> -------------------------------
> wccp0     Link encap:UNSPEC  HWaddr
> C0-A8-72-0F-62-00-F4-3F-00-00-00-00-00-00-00-00
>           inet addr:192.168.114.15  P-t-P:192.168.114.15
> Mask:255.255.255.255
>           UP POINTOPOINT RUNNING NOARP  MTU:1476  Metric:1
>           RX packets:898 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:0
>           RX bytes:36632 (35.7 KiB)  TX bytes:0 (0.0 b)
> 
> tcpdump output
> --------------
> [root@mail ~]# tcpdump -i wccp0
> tcpdump: WARNING: arptype 778 not supported by libpcap - falling back to
> cooked socket
> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> listening on wccp0, link-type LINUX_SLL (Linux cooked), capture size 96
> bytes
> 12:55:08.548572 IP 192.168.114.24.58324 > 216.239.59.99.http: S
> 1289957374:1289957374(0) win 8192 <mss 1460,nop,wscale 2,nop,nop,sackOK>
> 12:55:11.528111 IP 192.168.114.24.58324 > 216.239.59.99.http: S
> 1289957374:1289957374(0) win 8192 <mss 1460,nop,wscale 2,nop,nop,sackOK>
> 12:55:17.530878 IP 192.168.114.24.58324 > 216.239.59.99.http: S
> 1289957374:1289957374(0) win 8192 <mss 1460,nop,nop,sackOK>
> 12:55:29.537282 IP 192.168.114.24.58325 > 216.239.59.103.http: S
> 3738044508:3738044508(0) win 8192 <mss 1460,nop,wscale 2,nop,nop,sackOK>
> 12:55:32.530428 IP 192.168.114.24.58325 > 216.239.59.103.http: S
> 3738044508:3738044508(0) win 8192 <mss 1460,nop,wscale 2,nop,nop,sackOK>
> 12:55:38.535350 IP 192.168.114.24.58325 > 216.239.59.103.http: S
> 3738044508:3738044508(0) win 8192 <mss 1460,nop,nop,sackOK>
> 12:55:50.547796 IP 192.168.114.24.58326 > 216.239.59.104.http: S
> 1946578578:1946578578(0) win 8192 <mss 1460,nop,wscale 2,nop,nop,sackOK>
> 12:55:53.558196 IP 192.168.114.24.58326 > 216.239.59.104.http: S
> 1946578578:1946578578(0) win 8192 <mss 1460,nop,wscale 2,nop,nop,sackOK>
> 12:55:59.580059 IP 192.168.114.24.58326 > 216.239.59.104.http: S
> 1946578578:1946578578(0) win 8192 <mss 1460,nop,nop,sackOK>
> 12:56:11.576625 IP 192.168.114.24.58334 > gv-in-f147.google.com.http: S
> 2444367043:2444367043(0) win 8192 <mss 1460,nop,wscale 2,nop,nop,sackOK>
> 12:56:14.587049 IP 192.168.114.24.58334 > gv-in-f147.google.com.http: S
> 2444367043:2444367043(0) win 8192 <mss 1460,nop,wscale 2,nop,nop,sackOK>
> 
> Cisco Router configuration
> --------------------------
> gatekeeper#sh ver
> Cisco Internetwork Operating System Software
> IOS (tm) C2600 Software (C2600-IK9O3S3-M), Version 12.3(18), RELEASE
> SOFTWARE (fc3)
> Technical Support: http://www.cisco.com/techsupport
> Copyright (c) 1986-2006 by cisco Systems, Inc.
> Compiled Wed 15-Mar-06 14:16 by dchih
> Image text-base: 0x80008098, data-base: 0x81A0888C
> 
> ROM: System Bootstrap, Version 12.1(3r)T2, RELEASE SOFTWARE (fc1)
> ROM: C2600 Software (C2600-IK9O3S3-M), Version 12.3(18), RELEASE SOFTWARE
> (fc3)
> 
> gatekeeper uptime is 10 hours, 43 minutes
> System returned to ROM by reload at 02:43:47 GMT Sun Feb 8 2009
> System restarted at 02:46:30 GMT Sun Feb 8 2009
> System image file is "flash:c2600-ik9o3s3-mz.123-18.bin"
> 
> 
> interface FastEthernet0/0
>  description Office LAN
>  ip address 192.168.114.250 255.255.255.0
>  ip wccp web-cache redirect in
>  ip nat inside
>  ip nbar protocol-discovery
>  ip route-cache flow
>  duplex auto
>  speed auto
> 
> 
> gatekeeper#sh ip wccp
> Global WCCP information:
>     Router information:
>         Router Identifier:                   192.168.114.250
>         Protocol Version:                    2.0
> 
>     Service Identifier: web-cache
>         Number of Cache Engines:             1
>         Number of routers:                   1
>         Total Packets Redirected:            30
>         Redirect access-list:                -none-
>         Total Packets Denied Redirect:       0
>         Total Packets Unassigned:            0
>         Group access-list:                   -none-
>         Total Messages Denied to Group:      0
>         Total Authentication failures:       0
> 
> ----
> gatekeeper#sh ip wccp web-cache detail
> WCCP Cache-Engine information:
>         Web Cache ID:          192.168.114.15
>         Protocol Version:      2.0
>         State:                 Usable
>         Initial Hash Info:     00000000000000000000000000000000
>                                00000000000000000000000000000000
>         Assigned Hash Info:    FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
>                                FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
>         Hash Allotment:        256 (100.00%)
>         Packets Redirected:    30
>         Connect Time:          04:21:48
> 
> 
> Router wccp debug
> 
> .Feb  7 21:11:09.541: WCCP-PKT:S00: Sending I_See_You packet to
> 192.168.114.15 w/ rcv_id 00000377
> .Feb  7 21:11:19.550: WCCP-PKT:S00: Received valid Here_I_Am packet from
> 192.168.114.15 w/rcv_id 00000377
> .Feb  7 21:11:19.550: WCCP-PKT:S00: Sending I_See_You packet to
> 192.168.114.15 w/ rcv_id 00000378
> .Feb  7 21:11:29.558: WCCP-PKT:S00: Received valid Here_I_Am packet from
> 192.168.114.15 w/rcv_id 00000378
> .Feb  7 21:11:29.558: WCCP-PKT:S00: Sending I_See_You packet to
> 192.168.114.15 w/ rcv_id 00000379
> .Feb  7 21:11:39.567: WCCP-PKT:S00: Received valid Here_I_Am packet from
> 192.168.114.15 w/rcv_id 00000379

Does the squid cache.log show anything similar?


Amos
-- 
Please be using
   Current Stable Squid 2.7.STABLE6 or 3.0.STABLE13
   Current Beta Squid 3.1.0.5
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux