> Hi,
> Our proxy/wccp setup has been working fine for a number of years now.
> For some reason, it has stopped working today, without anything changed at
> all.
> What I have managed to find out from tcpdump and debug logs, is the
> following :
> 12:17:43.601737 eth0 < gre-proto-0x883E (gre encap)
> 12:17:43.602104 eth0 < gre-proto-0x883E (gre encap)
> 12:17:43.611881 eth0 < gre-proto-0x883E (gre encap)
> 12:17:43.615020 eth0 < gre-proto-0x883E (gre encap)
> 12:17:43.642575 eth0 < gre-proto-0x883E (gre encap)
> Tcpdump output above then i came across
> 12:13:47.042691 eth0 > dialup.sx.com.au > gw1.mel.satlink.net.au: icmp:
> dialup.sx.com.au protocol 47 unreachable [tos 0xc0]
> Why would it be saying unreachable on port 47?
> I have my browser settings set to our proxy IP along with the port and it
> just sits there, then times out.
can't help you much re: failure.
what the above shows doesn't have much to do with wccp. it's just
someone tunneling gre, rfc1853 style. perhaps you have a specific deny
acl or just a default deny all statement, but one of your boxes is
returning an icmp 3/0 to the source ip that indicates the destination
was unreachable for that packet. Please note it is NOT "port" 47.
GRE is a separate protocol, like udp is to icmp. generic routing
encapsulation. ports are an abstraction of a transport, like tcp.
protocol numbers define transports. icmp, tcp, udp, etc.
i'm no ninja, but i don't think that traffic has anything to do with
wccp problems...
rgdz
Received on Mon Aug 06 2001 - 01:53:30 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:01:29 MST