Think iptables, instead.
There is a bug in most versions of ipchains for kernel 2.4 that leads to
extreme CPU usage even under very moderate redirection load. I seem to
recall Henrik vaguely hinted that this might have been fixed in some
recent kernel revision, so maybe you'll be alright. But iptables is
superior in many ways for other reasons.
Mark Eanes wrote:
> Your explanation is much clearer. Working on the ipchains redirect now. Will let you know when it is completed and tested.
>
> Thank you very much!!
>
> Mark
>
>
>>>>Joe Cooper <joe@swelltech.com> 07/19/02 03:16PM >>>
>>>
> You're misreading the FAQ, or the FAQ is not clear enough on this point.
> Squid cannot do anything with packets that do not get to it. The
> redirection still has to happen using iptables/ipchains, regardless of
> your method of getting packets to the cache machine (i.e. WCCP, policy
> routing, L4/L7, etc.).
-- Joe Cooper <joe@swelltech.com> Web caching appliances and support. http://www.swelltech.comReceived on Fri Jul 19 2002 - 14:42:23 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:09:18 MST