Re: [squid-users] Squid + SLB + Transparent Mode (policy based routing) (corections to previous email)

From: Valton Hashani <valton@dont-contact.us>
Date: Wed, 25 Feb 2004 14:13:05 +0100

I have tried using WCCP with Cisco 7200 but I had problems opening SSL
pages. Sometimes it worked sometimes not. I tried every possibility (using
different squid directives) to make it work and got various answers from
this mailing list, but I didn't find any stable solution. So I decided to
use policy based routing for tranparent mode. This worked and it is still
working very well.

I have now a solution using Cisco IOS SLB for multi squid-cache servers
working in transparent mode. SLB now is load-balancing only incomming
requests.

This is my setup:

3 squid-cache servers P4 using Linux Gentoo 1.4
RAM 512MB
CPU 2GHz (cache size 512 KB)
2 scsi disks
and

1 Cisco 7200 router

squid interface setup:
I squid machine:
ifconfig eth0 10.0.0.1 netmask 255.255.255.0 broadcast 10.0.0.255
ifconfig eth0:1 <public ip> netmask 255.255.255.29
ifconfig lo <virtual servers ip> netmask 255.255.255.255
default route <outside>
II squid machine:
ifconfig eth0 10.0.0.2 netmask 255.255.255.0 broadcast 10.0.0.255
ifconfig eth0:1 <public ip> netmask 255.255.255.29
ifconfig lo <virtual servers ip> netmask 255.255.255.255
default route <outside>
III squid machine:
ifconfig eth0 10.0.0.3 netmask 255.255.255.0 broadcast 10.0.0.255
ifconfig eth0:1 <public ip> netmask 255.255.255.29
ifconfig lo <virtual servers ip> netmask 255.255.255.255
default route <outside>

CISCO router setup:
ip slb serverfarm HTTP
 predictor leastconns
 real 10.0.0.1
  weight 3
  faildetect numconns 20
  retry 5
  inservice
 real 10.0.0.2
  weight 2
  faildetect numconns 20
  retry 5
  inservice
 real 10.0.0.3
  weight 3
  faildetect numconns 20
  retry 5
  inservice
!
ip slb vserver CACHESERVER
 virtual <virtual ip address> tcp www
 serverfarm HTTP
 inservice
!
interface FastEthernet0/0
 ip address <public ip> 255.255.255.x
 ip information-reply
 duplex full
 arp snap
!
interface FastEthernet1/0
 ip address 10.0.0.254 255.255.255.0
 duplex full
!
and
this is the routing table
Gateway of last resort is <outside> to network 0.0.0.0

     x.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C <subnet> is directly connected, FastEthernet0/0
S <virtual server ip>/32 is directly connected, Null0
     10.0.0.0/24 is subnetted, 1 subnets
C 10.0.0.0 is directly connected, FastEthernet1/0
S* 0.0.0.0/0 [1/0] via <outside>

SLB#

Thank you all for your assistance,

Valton Hashani

----- Original Message -----
From: "Henrik Nordstrom" <hno@squid-cache.org>
To: "Valton Hashani" <valton@ipko.org>
Cc: <squid-users@squid-cache.org>
Sent: Wednesday, February 25, 2004 11:26 AM
Subject: Re: [squid-users] Squid + SLB + Transparent Mode (policy based
routing)

> On Wed, 25 Feb 2004, Valton Hashani wrote:
>
> > Hi all,
> >
> > I am trying to set a configuration for multi squid-cache servers (in
> > transparent mode), load-balanced using Cisco IOS SLB.
>
> If you are running in transparent mode with Cisco routers/switches and
> need load balancing I recommend using WCCP.
>
> Server load balancing is more suited for non-transparent operation.
>
> Regards
> Henrik
>
>
Received on Wed Feb 25 2004 - 06:13:04 MST

This archive was generated by hypermail pre-2.1.9 : Mon Mar 01 2004 - 12:00:03 MST