Re: [squid-users] WCCP + squid 2.5-STABLE7 + linux 2.6.10

From: Ronny <ronny@dont-contact.us>
Date: Thu, 24 Feb 2005 09:29:16 +0300

Something is confusing iptables and me. Intercepting twice on the same
logical interface is new to me. But I have a question: when you sniff with
tcpdump or ethereal from the squid box, do you see any HTTP, something like
09:25:58.639520 sportsmed.starwave.com.http > x.x.x.x.50180: P
1048:1691(643) ack 1 win 6948 <nop,nop,timestamp 230665 2075643717> (DF)
09:25:58.645161 wirelessproxy.espn.go.com.http > x.x.x.x.x.50140: P
11312:11792(480) ack 1
But I think it's a firewall thing mixed up with interfaces, but all seems
ok with the squid-->cisco talk.

Ronny

Jesse Guardiani wrote:

>Hello,
>
>Does anyone have WCCP v1 *or* v2 working with
>squid 2.5-STABLE7 and linux kernel 2.6.10?
>
>I've been working on this for about 3 days now,
>and I'm at a loss. I even tried squid with WCCPv2
>patch, and I've tried it with *and* without the
>ip_wccp.ko module.
>
>Cisco info:
>
>IOS: 12.2(8)T5
>
>The result is always the same:
>
>#sh ip wccp web-cache detail
>WCCP Cache-Engine information:
> IP Address: 192.168.10.2
> Protocol Version: 2.0
> State: Usable
> Initial Hash Info: 00000000000000000000000000000000
> 00000000000000000000000000000000
> Assigned Hash Info: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
> FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
> Hash Allotment: 256 (100.00%)
> Packets Redirected: 509
> Connect Time: 00:30:51
>
>Cisco is talking to squid via gre tunnel:
>
># iptunnel
>gre0: gre/ip remote any local any ttl inherit nopmtudisc
>gre1: gre/ip remote 192.168.10.1 local 192.168.10.2 dev eth0 ttl inherit
>
># ifconfig
>eth0 Link encap:Ethernet HWaddr 00:A0:C9:AD:1E:11
> inet addr:192.168.1.2 Bcast:192.168.1.255 Mask:255.255.255.0
> UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:239969 errors:0 dropped:0 overruns:0 frame:0
> TX packets:413059 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:39141742 (37.3 Mb) TX bytes:512338368 (488.6 Mb)
> Interrupt:20 Base address:0x8000
>
>eth0:22 Link encap:Ethernet HWaddr 00:A0:C9:AD:1E:11
> inet addr:192.168.10.2 Bcast:192.168.10.255 Mask:255.255.255.0
> UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:1130 errors:0 dropped:0 overruns:0 frame:0
> TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:127952 (124.9 Kb) TX bytes:0 (0.0 b)
> Interrupt:20 Base address:0x8000
>
>gre1 Link encap:UNSPEC HWaddr C0-A8-0A-02-00-00-00-00-00-00-00-00-00-00-00-00
> inet addr:127.0.0.2 P-t-P:127.0.0.2 Mask:255.255.255.255
> UP POINTOPOINT RUNNING NOARP MTU:1476 Metric:1
> RX packets:1130 errors:0 dropped:0 overruns:0 frame:0
> TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:0
> RX bytes:127952 (124.9 Kb) TX bytes:0 (0.0 b)
>
>lo Link encap:Local Loopback
> inet addr:127.0.0.1 Mask:255.0.0.0
> UP LOOPBACK RUNNING MTU:16436 Metric:1
> RX packets:2062 errors:0 dropped:0 overruns:0 frame:0
> TX packets:2062 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:0
> RX bytes:183007 (178.7 Kb) TX bytes:183007 (178.7 Kb)
>
>But I never see hits on my iptables rules:
>
># iptables -t nat -L -v
>Chain PREROUTING (policy ACCEPT 158 packets, 20654 bytes)
> pkts bytes target prot opt in out source destination
> 0 0 REDIRECT tcp -- eth0:22 any anywhere anywhere tcp dpt:www redir ports 3128
> 0 0 REDIRECT tcp -- eth0 any anywhere anywhere tcp dpt:www redir ports 3128
>
>Chain POSTROUTING (policy ACCEPT 1064 packets, 70890 bytes)
> pkts bytes target prot opt in out source destination
>
>Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
> pkts bytes target prot opt in out source destination
>
>I get this in my squid cache log:
>
>2005/02/22 22:46:00| Accepting WCCP v2 messages on port 2048, FD 13.
>2005/02/22 22:46:11| Incoming WCCP v2 I_SEE_YOU length 84.
>2005/02/22 22:46:11| Incoming WCCP2_I_SEE_YOU received id = 1.
>2005/02/22 22:46:11| Incoming WCCP2_I_SEE_YOU member change = 1 tmp=1.
>2005/02/22 22:46:22| Incoming WCCP v2 I_SEE_YOU length 132.
>2005/02/22 22:46:22| Incoming WCCP2_I_SEE_YOU received id = 2.
>2005/02/22 22:46:22| Incoming WCCP2_I_SEE_YOU member change = 1 tmp=2.
>2005/02/22 22:46:31| Incoming WCCP v2 I_SEE_YOU length 132.
>2005/02/22 22:46:31| Incoming WCCP2_I_SEE_YOU received id = 3.
>2005/02/22 22:46:31| Incoming WCCP2_I_SEE_YOU member change = 2 tmp=2.
>2005/02/22 22:46:42| Incoming WCCP v2 I_SEE_YOU length 132.
>2005/02/22 22:46:42| Incoming WCCP2_I_SEE_YOU received id = 4.
>2005/02/22 22:46:42| Incoming WCCP2_I_SEE_YOU member change = 2 tmp=2.
>2005/02/22 22:46:47| WCCP2 Assigning Redirect
>2005/02/22 22:46:53| Incoming WCCP v2 I_SEE_YOU length 132.
>2005/02/22 22:46:53| Incoming WCCP2_I_SEE_YOU received id = 5.
>2005/02/22 22:46:53| Incoming WCCP2_I_SEE_YOU member change = 0 tmp=2.
>2005/02/22 22:46:53| Incoming WCCP2_I_SEE_YOU member change = 2.
>2005/02/22 22:47:03| Incoming WCCP v2 I_SEE_YOU length 132.
>
>The strange thing is that my test machine is set up to use
>the router as my default gateway, and the router claims it
>is redirecting packets. However, I never see any hits on iptables
>rules or in access.log, yet my test machine can still browse
>the web!
>
>Shouldn't the cisco be marking the cache as unusable or block
>the web traffic?
>
>Does anyone else have this working on a 2.6 kernel???
>
>Thanks!
>
>
>

-- 
***************************************************************************
  / ''We can't become what we need to be by remaining what we are''\
  \ ,,                                                           ,,/
***************************************************************************
Received on Wed Feb 23 2005 - 23:29:08 MST