[squid-users] Help, wccp on ubuntu

From: ketua kampung <ketua_at_kampung.web.id>
Date: Mon, 08 Jun 2009 10:43:01 +0700

Hi,

I have a problem getting WCCP running on my Squid.
I followed the guides from
http://wiki.squid-cache.org/SquidFaq/InterceptionProxy and
http://www.digitalnerds.net/linux/transparent-squid-with-wccp/

This is my system.

I use Ubuntu 8.04 64-bit.
Squid 2.7stable6 (compiled by myself).

root@box:~# squid -v
Squid Cache: Version 2.7.STABLE6
configure options: '--sysconfdir=/etc/squid' '--prefix=/usr' '--enable-async-io' '--enable-removal-policies=lru,heap' '--disable-delay-pools' '--enable-kill-parent-hack' '--enable-snmp' '--enable-default-err-language=English' '--enable-err-languages=English' '--enable-cache-digests' '--enable-linux-netfilter' '--enable-gnuregex' '--enable-wccp' '--disable-auth'

In squid.conf, I configured http_port 3128 transparent and enabled WCCP.

ifconfig wccp0
wccp0      Link encap:UNSPEC HWaddr 77-5C-40-03-00-00-F9-A1-00-00-00-00-00-00-00-00
           inet addr:1.2.3.4 P-t-P:1.2.3.4 Mask:255.255.255.255
           UP POINTOPOINT RUNNING NOARP MTU:1476 Metric:1
           RX packets:0 errors:0 dropped:0 overruns:0 frame:0
           TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0 txqueuelen:0
           RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

root@box:~# iptunnel
gre0: gre/ip remote any local any ttl inherit nopmtudisc
wccp0: gre/ip remote 110.92.64.255 local 119.92.64.3 dev eth0 ttl inherit

root@box:~# cat /proc/sys/net/ipv4/ip_forward
1

root@box:~# sysctl -a | grep rp_filter
error: permission denied on key 'net.ipv4.route.flush'
net.ipv4.conf.lo.rp_filter = 0
net.ipv4.conf.lo.arp_filter = 0
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.all.arp_filter = 0
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.default.arp_filter = 0
net.ipv4.conf.eth0.rp_filter = 0
net.ipv4.conf.eth0.arp_filter = 0
net.ipv4.conf.eth1.rp_filter = 0
net.ipv4.conf.eth1.arp_filter = 0
net.ipv4.conf.gre0.rp_filter = 0
net.ipv4.conf.gre0.arp_filter = 0
net.ipv4.conf.wccp0.rp_filter = 0
net.ipv4.conf.wccp0.arp_filter = 0
error: permission denied on key 'net.ipv6.route.flush'

From my Cisco, I can see that my Squid can communicate over WCCP with the Cisco.
RTR-INT-2811#sh ip wccp
Global WCCP information:
     Router information:
         Router Identifier: 110.92.64.255
         Protocol Version: 1.0

     Service Identifier: web-cache
         Number of Service Group Clients: 1
         Number of Service Group Routers: 1
         Total Packets s/w Redirected: 89
           Process: 0
           Fast: 0
           CEF: 89
         Redirect access-list: -none-
         Total Packets Denied Redirect: 0
         Total Packets Unassigned: 0
         Group access-list: -none-
         Total Messages Denied to Group: 0
         Total Authentication failures: 0

terminal monitor
debug ip wccp even
*Jun 8 03:30:51.423: WCCP-PKT: Sending I_See_You packet to 110.92.64.3 w/ rcvd_id 00000296
*Jun 8 03:31:01.427: WCCP-EVNT: Built I_See_You msg body w/1 usable web caches, change # 0000000B
*Jun 8 03:31:01.427: %WCCP-5-CACHEFOUND: Web Cache 110.92.64.3 acquired
*Jun 8 03:31:01.427: WCCP-PKT: Received valid Here_I_Am packet from 110.92.64.3 w/rcvd_id 00000296
*Jun 8 03:31:01.427: WCCP-PKT: Sending I_See_You packet to 110.92.64.3 w/ rcvd_id 00000297
*Jun 8 03:31:01.427: WCCP-EVNT: Built I_See_You msg body w/1 usable web caches, change # 0000000C
*Jun 8 03:31:01.427: WCCP-PKT: Received valid Assign_Buckets packet from 110.92.64.3 w/rcvd_id 00000297
*Jun 8 03:31:11.431: WCCP-PKT: Received valid Here_I_Am packet from 110.92.64.3 w/rcvd_id 00000297
*Jun 8 03:31:11.431: WCCP-PKT: Sending I_See_You packet to 110.92.64.3 w/ rcvd_id 00000298

When I tcpdump on interface wccp0, I can see the packets flow from the Cisco
to the server.
root@box:~# tcpdump -i wccp0 -n
listening on wccp0, link-type LINUX_SLL (Linux cooked), capture size 96 bytes
10:34:42.461441 IP 110.92.65.5.41038 > 202.158.66.92.80: S 842039074:842039074(0) win 5840 <mss 1380,sackOK,timestamp 240146036 0,nop,wscale 7>
10:34:45.453372 IP 110.92.65.5.41038 > 202.158.66.92.80: S 842039074:842039074(0) win 5840 <mss 1380,sackOK,timestamp 240146336 0,nop,wscale 7>
10:34:51.453431 IP 110.92.65.5.41038 > 202.158.66.92.80: S 842039074:842039074(0) win 5840 <mss 1380,sackOK,timestamp 240146936 0,nop,wscale 7>
10:35:03.453562 IP 110.92.65.5.41038 > 202.158.66.92.80: S 842039074:842039074(0) win 5840 <mss 1380,sackOK,timestamp 240148136 0,nop,wscale 7>
10:35:27.453852 IP 110.92.65.5.41038 > 202.158.66.92.80: S 3717798278:3717798278(0) win 5840 <mss 1380,sackOK,timestamp 240150536 0,nop,wscale 7>

And I can see the counter increase in iptables.
root@box:~# iptables -t nat -vnL
Chain PREROUTING (policy ACCEPT 34 packets, 2784 bytes)
 pkts bytes target     prot opt in     out     source               destination
    5   300 REDIRECT   tcp  --  wccp0  *       0.0.0.0/0            0.0.0.0/0           tcp dpt:80 redir ports 3128

The problem is that Squid doesn't work.
It looks like the redirected packets disappear and never touch the Squid
port (3128).

Please help, what should I do?

regards

ketua_at_kampung
Received on Mon Jun 08 2009 - 03:43:22 MDT
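
Added example, not part of the original post: a short Python script that reads the tcpdump lines shown in the message (re-joined to one packet per line) and reports each SYN that appears more than once with the same sequence number. A SYN repeated at growing intervals is the client retransmitting because no SYN-ACK came back to it. The function names are this example's own.

```python
import re
from collections import defaultdict
from datetime import datetime

# The five packets from the post's wccp0 capture, one packet per line.
CAPTURE = """\
10:34:42.461441 IP 110.92.65.5.41038 > 202.158.66.92.80: S 842039074:842039074(0) win 5840 <mss 1380,sackOK,timestamp 240146036 0,nop,wscale 7>
10:34:45.453372 IP 110.92.65.5.41038 > 202.158.66.92.80: S 842039074:842039074(0) win 5840 <mss 1380,sackOK,timestamp 240146336 0,nop,wscale 7>
10:34:51.453431 IP 110.92.65.5.41038 > 202.158.66.92.80: S 842039074:842039074(0) win 5840 <mss 1380,sackOK,timestamp 240146936 0,nop,wscale 7>
10:35:03.453562 IP 110.92.65.5.41038 > 202.158.66.92.80: S 842039074:842039074(0) win 5840 <mss 1380,sackOK,timestamp 240148136 0,nop,wscale 7>
10:35:27.453852 IP 110.92.65.5.41038 > 202.158.66.92.80: S 3717798278:3717798278(0) win 5840 <mss 1380,sackOK,timestamp 240150536 0,nop,wscale 7>
"""

# Old-style tcpdump TCP line: time, "IP", src.port > dst.port:, flags, seq:seq(len).
# The lookahead skips SYN-ACKs, which this tcpdump prints as "S ... ack N".
SYN_RE = re.compile(
    r"^(?P<ts>\d\d:\d\d:\d\d\.\d+) IP (?P<src>\S+) > (?P<dst>[^:\s]+): "
    r"S (?P<seq>\d+):\d+\(0\) (?!ack)"
)


def syn_retransmits(capture):
    """Map (src, dst, seq) -> gaps in seconds between repeated copies of one SYN."""
    times = defaultdict(list)
    for line in capture.splitlines():
        m = SYN_RE.match(line)
        if m:
            ts = datetime.strptime(m["ts"], "%H:%M:%S.%f")
            times[(m["src"], m["dst"], int(m["seq"]))].append(ts)
    return {
        key: [round((b - a).total_seconds(), 1) for a, b in zip(seen, seen[1:])]
        for key, seen in times.items()
    }


def report(capture):
    """One line per SYN that was sent more than once."""
    out = []
    for (src, dst, seq), gaps in syn_retransmits(capture).items():
        if gaps:
            out.append(f"{src} > {dst} seq {seq}: {len(gaps) + 1} copies, gaps {gaps} s")
    return out


if __name__ == "__main__":
    print("\n".join(report(CAPTURE)))
```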
