RE: [squid-users] Problem with WCCP on OpenBSD

From: Raphael Maseko <ralph@dont-contact.us>
Date: Tue, 7 Dec 2004 07:28:19 +0200

Hi Eric,
I have never worked with OpenBSD but a lot with FreeBSD. Is your OpenBSD
using a standard GRE or you have had to "patch" it in? I experienced
something very similar to what you have described on FreeBSD 4.9 and 4.10
when I tried to implement WCCP. I must ad that this used o work fine on
previous versions where we had to put in a patch. I could not get round it
despite following different sets of instructions and the "gre man" on my
system. In fact I had to fallback on LINUX to get my WCCP working.
 
Ralph

-----Original Message-----
From: Eric J Merkel [mailto:merkel@metalink.net]
Sent: Monday, December 06, 2004 10:14 PM
To: Squid
Subject: [squid-users] Problem with WCCP on OpenBSD

I just loaded squid-2.5.STABLE7 on an OpenBSD 3.6 machine. Squid seems to be

working fine when I setup a browser proxy directly to port 3128. However, I
am attempting to setup WCCP on the Cisco router(IOS 12.2) to redirect web
traffic to the Squid cache and have run into a bit of a problem.

The Cisco shows the squid cache is available and is communication with all
the normal HERE_I_AM/I_SEE_YOU messages. The WCCP counters are incrementing
when I try to hit a web site and I see the router is redirecting packets to
the cache but the access.log does not show the requests making it to Squid.

I am assuming that my port 80->3128 redirection or the GRE un-encapsulation
is not happening right.

Here is my PF translation rule:
rdr on fxp0 inet proto tcp from any to any port 80 -> 127.0.0.1 port 3128

I do have "net.inet.ip.forwarding=1" and "net.inet.gre.wccp=1" set. I have
compiled squid with the "enable-pf-transparent" option.

Here is a short snippet from a tcpdump of the router when trying to access a

web site via WCCP.

15:03:08.951713 207.19.167.199.2048 > cache1.metalink.net.2048: udp 64
15:03:19.140050 cache1.metalink.net.2048 > 207.19.167.199.2048: udp 52
15:03:19.141997 207.19.167.199.2048 > cache1.metalink.net.2048: udp 64
15:03:20.131678 gre-proto-0x883e (gre encap)
15:03:23.128623 gre-proto-0x883e (gre encap)
15:03:29.138911 gre-proto-0x883e (gre encap)
15:03:29.160045 cache1.metalink.net.2048 > 207.19.167.199.2048: udp 52
15:03:29.161871 207.19.167.199.2048 > cache1.metalink.net.2048: udp 64

Anyone, have any idea what I missed or am doing wrong?

Thanks in advance!

===
Eric Merkel
MetaLINK Technologies, Inc

-- 
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.290 / Virus Database: 265.4.6 - Release Date: 12/5/2004
 
Received on Mon Dec 06 2004 - 22:26:10 MST

This archive was generated by hypermail pre-2.1.9 : Sat Jan 01 2005 - 12:00:01 MST