RE: [squid-users] offline mode issue

From: Shaun Skillin (home) <shaun@dont-contact.us>
Date: Sun, 1 Oct 2006 16:14:51 -0600

Hi Mernoz,
Yes, it is documented to use the same IP address for eth0 and wccp0, which I thought was strange too, but apparently helps things.
Router-ID will be the highest IP address on any interface. This is the same behavior as OSPF, BGP, and other router-id's, but I don't see a way to override this with wccp.
The wccp2_router value must be an IP address as far as I know.
The L2-forward/GRE-return is odd to me also, but apparently what the switch wants to do, and cannot be changed. Another thing that is odd is that the "redirection packets" counter does not increment on the switch. Everything seems to work now, except for the offline_mode (my original post). I'm still scratching my head about that one.
Shaun

-----Original Message-----
From: Mernoz Rostangi [mailto:mi007@emilmoz.com]
Sent: Sunday, October 01, 2006 2:32 PM
To: Shaun Skillin (home)
Subject: RE: [squid-users] offline mode issue

Hi Shaun,

Thanks for the info. I will test it on my box and see how it goes.
I see that you use the same IP for squid eth0 and wccp0!
Just one doubt: under your switch, what IP does it use by default for the ID?
Because on my router, if I have a loopback0 address, the router uses that for the Router Identifier!

Under squid.conf, is the router address this router identifier, or is it the physical address of the eth0 where the router is connected to the squid box?

One doubt that came up now is why it sends using L2 and receives in GRE? I thought that using a switch it would do L2 both ways! Very strange...

do you have msn ? mine is: h2s04_h20@hotmail.com

:-)
./m

----- Original Message -----
From: Shaun Skillin (home) [mailto:shaun@skillin.com]
To: Mernoz Rostangi [mailto:mi007@emilmoz.com]
Sent: Sun, 01 Oct 2006 20:41:10 +0200
Subject: RE: [squid-users] offline mode issue

> I tried to use a router but without too much success. Some sites had
> incorrect MTU size reported for some reason, so they were getting dropped in
> the GRE tunnel. I am now using a layer-3 switch instead of a router for
> WCCP, and it seems to work better. Configuration on the switch is simple -
> the only bad part is that it can't really be adjusted. I followed Cisco's
> notes about the switch, and made these configurations:
>
> !3550 Layer3 Switch:
> !make separate VLANs (and interface VLANs) for firewall connection, cache
> !servers, and client LANs
>
> !in global config mode:
> ip wccp web-cache
> !
> interface Vlan1
> description client vlan
> ip address 172.16.1.252 255.255.255.0
> ip wccp web-cache redirect in
> !
> interface Vlan252
> description Squid Server VLAN
> ip address 172.16.252.254 255.255.255.0
> !
> interface Vlan253
> description Firewall Connection
> ip address 172.16.253.254 255.255.255.0
> !
>
> Note: this switch is the default gateway for my clients
>
> Cisco switch expects L2 forwarding and GRE return (I don't know why), so my
> squid.conf has these things:
>
> http_port 3128 transparent
> wccp2_router 172.16.252.254
> wccp2_forwarding_method 2
> wccp2_return_method 1
> wccp2_service standard 0
>
> I am not sure now if I need the GRE tunnel, because I see no traffic on it
> when I look at a packet capture, but here is how I set up the tunnel when I
> was testing using a router:
>
> modprobe ip_gre
> # 172.16.252.1 is the squid server eth0 & wccp0 address
> ip tunnel add wccp0 mode gre remote 172.16.252.254 local 172.16.252.1 dev eth0
> ip addr add 172.16.252.1/32 dev wccp0
> ip link set wccp0 up
> echo 0 >/proc/sys/net/ipv4/conf/wccp0/rp_filter
>
>
> In any case, you should need to redirect port 80 traffic to port 3128, so it
> will go to squid. If you use a router (GRE mode instead of L2 mode), it
> should go to wccp0 instead of eth0:
>
> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
>
> I hope this helps, and saves much frustration for you!
> Shaun
>
>
>
> -----Original Message-----
> From: Mernoz Rostangi [mailto:mi007@emilmoz.com]
> Sent: Sunday, October 01, 2006 12:07 PM
> To: Shaun Skillin (home)
> Subject: Re: [squid-users] offline mode issue
>
> Hi Shaun,
>
> I am trying to set up wccpv2 without luck!
> What OS are you using?
>
> Could you let me know how you set it up on your cisco and on your squid?
> And what about on your OS? I want to set it up with a cisco router, freebsd
> 6.1 and squid 2.6stable4!
>
> :-)
> Mernoz
>
>
> ----- Original Message -----
> From: Shaun Skillin (home) [mailto:shaun@skillin.com]
> To: Squid Users [mailto:squid-users@squid-cache.org]
> Sent: Sun, 01 Oct 2006 19:25:33 +0200
> Subject: [squid-users] offline mode issue
>
>
> >
> > Hello,
> > I'm using 2.6STABLE3 with WCCPv2 via a Cisco 3550 switch.  The switch uses
> > L2 forward and GRE return, which is now working fine (thanks Henrik!).
> > I'm having trouble getting offline mode to work.  In my test setup, I'm
> > toggling offline mode via cache manager, then shutting off the outside
> > Ethernet of my firewall to deny connection to the Internet.  What I see in
> > a capture from the Squid server is that it will try to go to the Internet
> > even in offline mode.  (I am going to a page that I just visited before
> > disconnecting, which shows up as cached in Cache Stats and Contents).  Is
> > there another setting that I'm simply missing?  Do I need to patch Squid
> > somehow?
> >
> > Thanks!
> >
> > Shaun
> >
> >
>
Received on Sun Oct 01 2006 - 16:14:56 MDT
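
Added example (not part of the thread, and not Squid or Cisco tooling): a dry-run shell script that reads `wccp2_forwarding_method` from a squid.conf like the one quoted above and prints the host-side commands from the thread, with the iptables rule on eth0 for L2 forwarding, or the GRE tunnel plus the rule on wccp0 for GRE forwarding. The function names, the temporary file paths and the choice to create the tunnel only for GRE forwarding are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the thread. Method numbers as in the thread's
# squid.conf: 1 = GRE, 2 = L2. Nothing is executed; commands are only printed.

# Last value given for a squid.conf directive (comment lines never match).
conf_value() {  # $1 = conf file, $2 = directive
    awk -v key="$2" '$1 == key { val = $2 } END { if (val != "") print val }' "$1"
}

# Interface on which redirected port-80 packets show up on the Squid host.
redirect_iface() {  # $1 = conf file, $2 = physical NIC, $3 = GRE tunnel device
    case "$(conf_value "$1" wccp2_forwarding_method)" in
        2)    echo "$2" ;;   # L2 forward: frames arrive directly on the NIC
        1|"") echo "$3" ;;   # GRE forward (Squid's default when unset)
        *)    return 1 ;;
    esac
}

# Print the host-side commands the thread describes for this configuration.
host_commands() {  # $1 = conf file, $2 = NIC, $3 = tunnel device, $4 = Squid host IP
    iface=$(redirect_iface "$1" "$2" "$3") || { echo "bad forwarding method" >&2; return 1; }
    router=$(conf_value "$1" wccp2_router)   # assumed to be the GRE tunnel peer
    port=$(awk '$1 == "http_port" { sub(/^.*:/, "", $2); print $2; exit }' "$1")
    if [ "$iface" = "$3" ]; then             # assumption: tunnel only for GRE forwarding
        echo "modprobe ip_gre"
        echo "ip tunnel add $3 mode gre remote $router local $4 dev $2"
        echo "ip addr add $4/32 dev $3"
        echo "ip link set $3 up"
        echo "echo 0 >/proc/sys/net/ipv4/conf/$3/rp_filter"
    fi
    echo "iptables -t nat -A PREROUTING -i $iface -p tcp --dport 80 -j REDIRECT --to-port $port"
}

# Constructed sample input: the squid.conf lines quoted in the thread (L2 forward)
# and a variant with GRE forwarding, as when a router is used instead of the switch.
tmp=$(mktemp -d)
cat >"$tmp/l2.conf" <<'EOF'
http_port 3128 transparent
wccp2_router 172.16.252.254
wccp2_forwarding_method 2
wccp2_return_method 1
wccp2_service standard 0
EOF
sed 's/^wccp2_forwarding_method 2/wccp2_forwarding_method 1/' "$tmp/l2.conf" >"$tmp/gre.conf"

echo "== L2 forward =="; host_commands "$tmp/l2.conf" eth0 wccp0 172.16.252.1
echo "== GRE forward =="; host_commands "$tmp/gre.conf" eth0 wccp0 172.16.252.1
```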

This archive was generated by hypermail pre-2.1.9 : Wed Nov 01 2006 - 12:00:04 MST