Hello Amos
Thanks for your reply.I don't think I explained my problem well
With wccp gre redirection, when the tcp syn reaches the cisco router that is set up for wccp redirection , it redirects it to the CE using wccp gre. Squid will respond with syn-ack and send it back to the router again via wccp-gre. However this is not happening. it sends it back using regular Gre (same as wccp-gre but with no wccp header)
Please refer to my attached capture .I need to get squid to put that wccp header on the return packet.In squid.conf I already specified gre return.
Are you saying squid (too!) cannot do gre return for return traffic and does normal ip forwarding?
I got squid version 3 running on ubuntu.
Thanks and regards
Yogesh Gawankar
Yogesh Gawankar
On Sunday, November 2, 2014 6:52 AM, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 2/11/2014 7:05 a.m., Yogesh Gawankar wrote:
> Hello
>
>
> I am trying to get squid to send return traffic to the cisco
> router via a gre tunnel. I am observing that squid returns traffic
> in gre tunnel this is ip in ip gre not wccp-gre . The firewall is
> dropping this packet as expected. I have gone through many posts
> online so kindly respond if you know how to get it to send return
> traffic via wccp-gre (not standard gre) or if you had any
> suggestions for me in terms of linux kernel change.
WCCP-GRE is for transmitting WCCP protocol control packets informing
the router whether the proxy is still available or not. That is all.
The HTTP traffic from router to Squid (wccp_forwarding_method) goes
through the GRE as if it were regular GRE.
The HTTP traffic from Squid to router (wccp_return_method and regular
Squid->Internet connections) is normal traffic and needs routing as
such instead of dropping or diverting back towards Squid.
Amos
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
iQEcBAEBAgAGBQJUVYcUAAoJELJo5wb/XPRjYAwH/RQXc3S7bH5w/5lYdLyYRQ/H
Y2GT88IdeM8gz067OMkGR7lTwzIMK4EVmb9GEQJYhLNznZB8hFDYnNDmSL3spB9F
mxHYZ4BVlDTlMLi4qHf05mrpsdEodrhF9A3H8YmzXLWHx5sxyukLfR/R7UJlP14K
S9xZa3KhKE/SERNM8iwPggNdtzdjrBhs6U2AUhmpeNjEgEiOgkgT7XRm724hMj21
9CH5kgGt4qiE5plPfSqTdyiJSBbQF5NL50g8/NSrQ4bRilTD9Fdf+kVRoSnscrAF
ViQKzc5L8s+3YMmVmXyynM0s4YPy5bj9Qgqi5nWjQG9gSBRLeedsyK1rdlcQmbQ=
=CQHA
-----END PGP SIGNATURE-----
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
Hash: SHA1
On 2/11/2014 7:05 a.m., Yogesh Gawankar wrote:
> Hello
>
>
> I am trying to get squid to send return traffic to the cisco
> router via a gre tunnel. I am observing that squid returns traffic
> in gre tunnel this is ip in ip gre not wccp-gre . The firewall is
> dropping this packet as expected. I have gone through many posts
> online so kindly respond if you know how to get it to send return
> traffic via wccp-gre (not standard gre) or if you had any
> suggestions for me in terms of linux kernel change.
WCCP-GRE is for transmitting WCCP protocol control packets informing
the router whether the proxy is still available or not. That is all.
The HTTP traffic from router to Squid (wccp_forwarding_method) goes
through the GRE as if it were regular GRE.
The HTTP traffic from Squid to router (wccp_return_method and regular
Squid->Internet connections) is normal traffic and needs routing as
such instead of dropping or diverting back towards Squid.
Amos
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
iQEcBAEBAgAGBQJUVYcUAAoJELJo5wb/XPRjYAwH/RQXc3S7bH5w/5lYdLyYRQ/H
Y2GT88IdeM8gz067OMkGR7lTwzIMK4EVmb9GEQJYhLNznZB8hFDYnNDmSL3spB9F
mxHYZ4BVlDTlMLi4qHf05mrpsdEodrhF9A3H8YmzXLWHx5sxyukLfR/R7UJlP14K
S9xZa3KhKE/SERNM8iwPggNdtzdjrBhs6U2AUhmpeNjEgEiOgkgT7XRm724hMj21
9CH5kgGt4qiE5plPfSqTdyiJSBbQF5NL50g8/NSrQ4bRilTD9Fdf+kVRoSnscrAF
ViQKzc5L8s+3YMmVmXyynM0s4YPy5bj9Qgqi5nWjQG9gSBRLeedsyK1rdlcQmbQ=
=CQHA
-----END PGP SIGNATURE-----
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
Attachment:
Sample.pcap
Description: Binary data
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
