On Fri, 23 Sep 2011 16:49:24 +0530, benjamin fernandis wrote:
Hi All,
I am trying to deploy squid with existing network for cache gain and
tproxy feature.I configured squid properly there is no error.I can
see
traffic in access.log and iptables tproxy rule but at end users end
they are getting squid error page with request time out.
What could be the mistake behind this problem.?
Is there anything remaining in squid?
It has recently been brought to my attentino that the rp_filter system
underwent a re-designe in kernel 2.6.32 and what we had in the wiki is
doing the opposite (strict blocking) of what we wanted (loose checks
default, none on the interface). Check your rp_filter values they should
be "2" now where previously we were advising "1", and "0" on the
interface where TPROXY is happening.
reference : http://wiki.squid-cache.org/Features/Tproxy4
squid version: 3.1.15
os : fedora 15
Squid in network:
ROUTER ------------> PBR CONFIGURATION ( FOR port 80 traffic
pass to squid from bandwith shapper , for port 80 traffic pass
internet to squid)
|
|
SWITCH
| |
| | -----SQUID BOX
|
BANDWITH
SHAPPER
|
|
END USERS
Kindly guide me to solve this abnormal problem.
Thanks,
Benjamin
