Hi,
I have a similar issue with WCCP + RHEL ES v4 and
Cisco 1700 Series IOS 12.4(1a), my Router seems to be
allright though, but it looks like the problem is
with the ip_wccp module that I downloaded from
squid-cache.org website, that does not support ip-gre.
Therefore I cannot load the ip_gre module in the
kernel and create the gre tunnel.
Please any hint where to find a patch ip_gre module
that support WCCP ?
I wondered if it was a problem specific to the kernel
2.6.9-22.ELsmp #1 SMP that I run (RHEL ES v4 Update2).
Should I go back to Kernel 2.4 ???
Thanks for your help,
Regards,
Daniel
--- Graham Blake <grahamb@ssimicro.com> wrote:
> Hi there,
> I have spent three days beating my head against a
> problem that
> appears to be a case of dueling Cisco bugs.
>
> I recently swapped a router out, replacing a 3640
> with IOS 12.2 and
> installing a 3845 with 12.4(5) SP Services. We had
> WCCP running for
> eternity without problem on the 3640, but WCCP died
> an ignoble death
> on the new router. It appears that WCCP would not
> work at all with ip
> cef enabled, but with ip cef disabled, various and
> sundry websites
> would not work - particularly websites requiring
> some form of
> authenticaion - Slashdot, Hotmail, different web
> forums, etc.
>
> It looks like the warring bugs are akin to
> CSCsb89463 (Symptoms: WCCP
> doesnt redirect packets with ip cef enabled ---
> Workaround: Disable
> cef with the global command 'no ip cef') and
> CSCdz36099 (Symptoms:
> Web sites that require authentication become
> unreachable ---
> Workaround: Ensure that CEF switching is enabled on
> the router). Cute, eh?
>
> Supposedly CSCsb89463 is fixed in 12.4(5) - but it
> seems pretty
> non-fixed to me. It seems the only way to get WCCP
> to work, and not
> fail on authenticating websites, is to force WCCP
> through a process
> switching path. I am doing this by adding a log
> statement to all of
> my redirect-list permit statements. This is
> obviously an undesireable
> solution for CPU reasons, and it has meant I have
> had to stop logging
> to a remote host.
>
> I am wondering if anyone has been through this with
> similar versions
> of IOS, and has either a) found a better workaround
> or b) found a
> happy working good version of 12.4 IOS.
> Cheers,
> Graham
>
>
-----------------------------------------------------------------------------
T O G O D B E T H E G L O R Y :)
------------------------------------------------------------------------------
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
Received on Sat Jan 28 2006 - 03:06:18 MST
This archive was generated by hypermail pre-2.1.9 : Wed Feb 01 2006 - 12:00:02 MST