OS: CentOS 5,5, 2.6.18-194.26.1.el5
Squid 2.6.STABLE21 (from repo, with --enable-wccpv2 options)
Cisco 7201 (Cisco IOS Software, 7200 Software (C7200P-IK91S-M),
Version 12.2(31)SB17, RELEASE SOFTWARE (fc1), image file
c7200p-ik91s-mz.122-31.SB17.bin)
I can not configure a transparent proxy.
I hereby make the following:
Cisco 7201
----------------------------------------
...
ip wccp web-cache redirect-list PROXY
...
interface GigabitEthernet0/0
ip address ...
ip nat outside
...
interface GigabitEthernet0/1
no ip address
interface GigabitEthernet0/1.100
encapsulation dot1Q 100
ip unnumbered Loopback3
no ip unreachables
ip wccp web-cache redirect out
ip nat inside
...
ip access-list extended PROXY
deny ip host 192.168.2.2 any
deny ip 192.168.1.0 0.0.0.255 192.168.0.0 0.000.255.255
permit tcp 192.168.1.0 0.0.0.255 any eq www
deny ip any any
...
----------------------------------------
squid.conf
----------------------------------------
wccp2_router 192.168.255.250 (loopback on C7201)
wccp2_address 192.168.2.2
wccp2_forwarding_method 1
wccp2_return_method 1
...
----------------------------------------
GRE-tunnel script
----------------------------------------
#!/bin/sh
ip tunnel add lnk0 mode gre remote 192.168.255.250 local 192.168.2.2 dev eth0
ifconfig lnk0 11.22.33.44 up
/sbin/iptables -t nat -A PREROUTING -i lnk0 -p tcp --dport 80 -j DNAT
--to-destination 192.168.2.2:3128
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 0 > /proc/sys/net/ipv4/conf/default/rp_filter
echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter
echo 0 > /proc/sys/net/ipv4/conf/lo/rp_filter
echo 0 > /proc/sys/net/ipv4/conf/$IF_MAIN/rp_filter
echo 0 > /proc/sys/net/ipv4/conf/$IF_PTP/rp_filter
----------------------------------------
Cisco info
----------------------------------------
#show ip wccp web-cache
Global WCCP information:
Router information:
Router Identifier: 192.168.255.250 (loopback)
Protocol Version: 2.0
Service Identifier: web-cache
Number of Cache Engines: 0
Number of routers: 0
Total Packets Redirected: 0
Redirect access-list: PROXY
Total Packets Denied Redirect: 0
Total Packets Unassigned: 0
Group access-list: -none-
Total Messages Denied to Group: 0
Total Authentication failures: 0
Total Bypassed Packets Received: 0
#show ip wccp web-cache detail
WCCP Cache-Engine information:
Web Cache ID: 192.168.2.2
Protocol Version: 2.0
State: NOT Usable
Redirection: L2
Packet Return: L2
Packets Redirected: 0
Connect Time: 00:00:21
Assignment: MASK
#show ip wccp web-cache view
WCCP Routers Informed of:
-none-
WCCP Cache Engines Visible:
192.168.2.2
WCCP Cache Engines NOT Visible:
-none-
----------------------------------------
Based on the results 'show ip wccp', Cisco does not see the Squid, as
cache-engine.
Advise what I need to fix it?
--
WBR, Alibek
