On Mon, 25 Feb 2008, Adrian Chadd wrote:
> On Mon, Feb 25, 2008, Manoj_Rajkarnikar wrote:
>
>> I have much simpler setup working on CentOS x86_64 2.6.23 and cisco
>> 7204VXR IOS version 12.2(46a). squid version 2.6 STABLE17:
>
> Which IOS release specifically? Could you throw me a "show version" ?
Sure..
iris>sh ver
Cisco Internetwork Operating System Software
IOS (tm) 7200 Software (C7200-IK9O3S-M), Version 12.2(46a), RELEASE
SOFTWARE (fc1)
Copyright (c) 1986-2007 by cisco Systems, Inc.
Compiled Thu 12-Jul-07 00:39 by pwade
Image text-base: 0x60008940, data-base: 0x6148E9F0
ROM: System Bootstrap, Version 12.1(20000824:081033)
[dbeazley-cosmos_e_LATEST 101], DEVELOPMENT
SOFTWARE
BOOTLDR: 7200 Software (C7200-BOOT-M), Version 12.0(15)S, EARLY DEPLOYMENT
RELEASE SOFTWARE (fc1
)
iris uptime is 7 weeks, 1 day, 7 hours, 27 minutes
System returned to ROM by power-on
System restarted at 06:15:24 NP Mon Jan 7 2008
System image file is "slot0:c7200-ik9o3s-mz.122-46a.bin"
iris>sh ip wccp
Global WCCP information:
Router information:
Router Identifier: XXX.XXX.XXX.XXX
Protocol Version: 2.0
Service Identifier: web-cache
Number of Cache Engines: 1
Number of routers: 1
Total Packets Redirected: 2016105442
Redirect access-list: SQUID-BYPASS-NEW
Total Packets Denied Redirect: 471709239
Total Packets Unassigned: 79667
Group access-list: -none-
Total Messages Denied to Group: 0
Total Authentication failures: 0
> I'll start a wiki page with "known good" versions of IOS that work with
> Squid.
>
> (And those of you who are running Squid+WCCPv2, please fire off your
> "show version" and "show ip wccp" related outputs so I can update
> the list.)
>
> Thanks!
>
>
>
> Adrian
>
>
>>
>> * recompile kernel with CONFIG_NET_IPGRE=m
>> * compile squid with wccpv2 support
>> * setup gre0 interface with some unused private IP assigned to it
>> * intercept in iptables :-
>> iptables -t nat -A PREROUTING -i gre0 -p tcp -m tcp --dport 80 -j REDIRECT
>> --to-port 3128
>>
>> As Henrik suggested me during this setup, IPGRE module in kernel
>> automatically decapsulates the gre packets on the gre0 interface and it
>> has been doing it so far.
>>
>> gre0 Link encap:UNSPEC HWaddr
>> 00-00-00-00-FF-F8-00-00-00-00-00-00-00-00-00-00
>> inet addr:192.168.172.2 Mask:255.255.255.252
>> UP RUNNING NOARP MTU:1476 Metric:1
>> RX packets:1970129052 errors:0 dropped:0 overruns:0 frame:0
>> TX packets:0 errors:3666 dropped:0 overruns:0 carrier:0
>> collisions:3666 txqueuelen:0
>> RX bytes:305795313631 (284.7 GiB) TX bytes:0 (0.0 b)
>>
>> [root@dns2 ~]# cat /etc/sysconfig/network-scripts/ifcfg-gre0
>> DEVICE=gre0
>> BOOTPROTO=static
>> BROADCAST=192.168.172.3
>> IPADDR=192.168.172.2
>> NETMASK=255.255.255.252
>> NETWORK=192.168.172.0
>> ONBOOT=yes
>> TYPE=Ethernet
>>
>>
>> This setup has been working nicely for me.
>>
>>
>> Manoj
>>>
>>>
>>>
>>> Adrian
>>>
>>
>> --
>
>
--Received on Tue Feb 26 2008 - 01:01:23 MST
This archive was generated by hypermail pre-2.1.9 : Sat Mar 01 2008 - 12:00:05 MST