Re: [squid-users] wccp working config example

Nuno Silva wrote:
> Hi there Dan.
>
>
>
> I'm having the same problem, i have read many diferent 'recipes' to put
> wcccpv2 working on squid, but nothing yet.
>
> In all posts I read, i done everything, ipforward set to 1, gre tunnel,
> iptables, and the only thing I can see is the browser message saying
> that the server is taking too long to respond
>
>
>
> router#*sh ip wccp*
>
> Global WCCP information:
>
> Router information:
>
> Router Identifier: 194.xxx.xxx.xxx
>
> Protocol Version: 2.0
>
>
>
> Service Identifier: web-cache
>
> Number of Cache Engines: 1
>
> Number of routers: 1
>
> *_Total Packets Redirected: 1168_*
>
> Redirect access-list: wccp-redirect
>
> Total Packets Denied Redirect: 51649
>
> Total Packets Unassigned: 11
>
> Group access-list: -none-
>
> Total Messages Denied to Group: 0
>
> Total Authentication failures: 0
>
> Total Bypassed Packets Received: 0
>
>
>
> When the packets start to be redirect to the squid, I start getting
> delays…the the failing message L
>
>
>
> On the Squid side, monitoring the gre1 tunnel, I can see incoming traffic:
>
>
>
> gre1 Link encap:UNSPEC HWaddr
> C2-41-97-F9-00-00-00-00-00-00-00-00-00-00-00-00
>
> inet addr:127.0.0.2 P-t-P:127.0.0.2 Mask:255.255.255.255
>
> UP POINTOPOINT RUNNING NOARP MTU:1476 Metric:1
>
> *RX packets:38903* errors:0 dropped:0 overruns:0 frame:0
>
> TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
>
> collisions:0 txqueuelen:0
>
> *RX bytes:5151686* (4.9 MiB) TX bytes:0 (0.0 b)
>
>
>
>
>
> *squid:/home/pp# iptables -t nat -L*
>
> Chain PREROUTING (policy ACCEPT)
>
> target prot opt source destination
>
> REDIRECT tcp -- anywhere anywhere tcp dpt:www
> redir ports 3128
>
> REDIRECT tcp -- anywhere anywhere tcp
> dpt:webcache redir ports 3128
>
> REDIRECT tcp -- anywhere anywhere tcp
> dpt:8000 redir ports 3128
>
>
>
> Chain POSTROUTING (policy ACCEPT)
>
> target prot opt source destination
>
>
>
> Chain OUTPUT (policy ACCEPT)
>
> target prot opt source destination
>
>
>

Try adding this to iptables:

iptables -t nat -A POSTROUTING -j MASQUERADE

also what is the status of these as relating to web traffic to/from squid:
  iptables -t filter -L *

Thing to look out for in Nuno's problem is traffic from the squid box
being redirected back at itself anywhere down the chain. In squid box
iptables and also the cisco box.

Amos

>
>
>
> I need held to find out what’s wrong!
>
> Router info:
>
> IOS Software, 7200 Software (C7200-P-M), Version 12.2(25)S5, RELEASE
> SOFTWARE (fc1)
>
>
>
>
>
>
>
>
>
>
>
>
>
> -----Mensagem original-----
> De: Amos Jeffries [mailto:squid3_at_treenet.co.nz]
> Enviada: quarta-feira, 10 de Setembro de 2008 3:48
> Para: Dan Letkeman
> Cc: squid-users
> Assunto: Re: [squid-users] wccp working config example
>
>
>
> > Hello,
>
> >
>
> > I have spent all day working on trying to get a working wccp config
>
> > with squid and a 2811 router running (C2800NM-ADVENTERPRISEK9-M),
>
> > Version 12.4(21)
>
> >
>
> > I have had it working before with a 2621 router running a 12.3 ios.
>
> >
>
> > I have read about 20 different posts/blogs with various different
>
> > instructions. If anyone has any configuration example or instruction
>
> > list that is complete for a certain version of squid/linux/ios I would
>
> > like to give it a try.
>
>
>
> WCCP is a little tricky as there are three parts to the config and all
>
> three are completely interchangeable depending on the hardware and squid
>
> release involved.
>
>
>
> We are building a section in the config examples wiki pages to help
>
> though. http://wiki.squid-cache.org/ConfigExamples/Intercept
>
> The two pieces currently there already for WCCPv2 combine to a working
>
> config Cisco->FreeBSD for reference. Some older examples not yet checked
>
> and cleaned up are in http://wiki.squid-cache.org/ConfigExamples with Wccp
>
> in their names.
>
>
>
> If you get the config for your router going I'd be interested in adding
>
> the bits for future reference.
>
>
>
> Amos
>
>
>
>
>
>
>
>
>
> No virus found in this incoming message.
>
> Checked by AVG - http://www.avg.com
>
> Version: 8.0.169 / Virus Database: 270.6.19/1663 - Release Date:
> 09-09-2008 19:04
>

-- 
Please use Squid 2.7.STABLE4 or 3.0.STABLE8