RE: [squid-users] Re. Squid 2.5 with WCCP2 (on Redhat 9)

I have successfully applied the wccpv2.patch from:

http://squid.visolve.com/developments/wccpv2.htm

... To the latest Squid 2.5 Stable tarball.

This allows Squid to register itself with a target router (e.g. I_See_You
and Here_I_Am packets), but doesn't perform (de-)encapsulation of redirected
packets - that has to be carried out by the kernel.

For that I applied the ip_wccp-2_4_18.patch from:
http://squid.visolve.com/developments/wccpv2.htm

...To a 2.4.18 kernel

The GRE tunnel is not a standard GRE but modified as per the WCCP standard -
you don't set up the tunnel explicitly - loading the WCCP module and setting
an appropriate iptables PREROUTING rule from port 80 to 3128 (or whatever)
will allow the module to catch and decapsulate the incoming packets before
passing them to Squid.

Don't get too carried away with the "v2" on the end of the wccp references -
this just provides v1 functionality using v2 packet format and hello
protocol. In fact I think that the v1 implementation is more stable for
doing the same job.

Regards

Phil DG

> -----Original Message-----
> From: Simon Vella [mailto:svella@maltanet.net]
> Sent: 21 October 2003 10:11
> To: squid-users@squid-cache.org
> Subject: [squid-users] Re. Squid 2.5 with WCCP2 (on Redhat 9)
>
>
> Hi,
>
> We're trying to set up Squid 2.5 with WCCPv2 (on a Redhat 9
> server). From all the docs we found, we hardly found any info
> on WCCP2 with Squid. The only info is that found with the
> patch for Squid for WCCP2.
>
> Could you please clarify some questions?
> a) The WCCPv2 patch (found at
> http://www.swelltech.com/pengies/joe/patches/squid-2.2.wccp2.p
atch) should work with Squid 2.5, right? Is there another patch for Squid
2.5 to support WCCPv2?
b) The WCCPv2 patch for Squid makes squid talk WCCPv2 with the routers. So
why do we need the ip_wccp.o module for the kernel?
c) The Cisco router (when it has a cache in its WCCP table) sets up a GRE
tunnel with the Squid box. As such, we need the kernel to support GRE
tunneling, and we need to setup the GRE tunnel from the Linux side too,
right? Also, the linux box must be set up to forward packets.
d) The Linux box must be set up to use ip_tables to redirect the HTTP
requests received through the GRE tunnel, to the squid port (8080 in our
case). The destination IP is not changed, so does the Squid still accept the
HTTP packet because it is set in HTTP_accelerator mode?

Hope someone finds time to answer my long email :)

10x

Simon Vella

________________________________________________________________________
This e-mail has been scanned for all viruses by Star Internet. The service
is powered by MessageLabs. For more information on a proactive anti-virus
service working around the clock, around the globe, visit:
http://www.star.net.uk
________________________________________________________________________

Confidentiality Notice
This communication and the information it contains:
(a) is intended for the person(s) or Organisation(s) named above and for no other persons or organisations and,
(b) may be confidential, legally privileged and protected by law.
Unauthorised use, copying or disclosure of any of it may be unlawful.
When addressed to our clients any opinions or advice contained in this e-mail are subject to CCRE's terms and conditions of business notified to the client or expressed in the governing client engagement letter.
If you receive this communication in error, please notify us immediately, destroy any copies and delete it from your computer system.
Received on Tue Oct 21 2003 - 04:51:51 MDT