Re: [squid-users] WCCPv2 - only one service group redirecting

From: paulvay <paulvay_at_gmail.com>
Date: Thu, 12 Nov 2009 08:37:56 -0800 (PST)

It looks like a problem with the config on the cisco side. you do not need a
reditrect in statment on the interface that is facing the Internet; the
responses are going to go to the Proxy as this is where they were sourced.
In other words you only need to intecept the traffic once the response will
go to the proxy on it's own.

Stufish wrote:
>
> Hi,
>
> I have the following simple network set up on the bench:
>
>
> Squid box
> x.x.11.90/30
> |
> |
> 7206
> Internet x.x.61.62/30 ----------- Router ------------ Client PC
> x.x.11.94/30
>
>
> In the router wccp service group 99 redirects HTTP requests to squid and
> service group 96 redirects the HTTP replies from the internet to squid.
>
> I have the service groups set up in squid and the router verifies this by
> displaying a service group client for both 96 and 99.
>
> My problem is that only service group 96 (replies from the internet) is
> performing any redirection. I think the gre tunnel is correctly set up as
> when I perform a TCP dump at the squid box, I can see the HTTP replys from
> the internet being passed to the squid box in a gre tunnel.
>
> Below is the WCCP stats from the router:
>
> show ip wccp
> Global WCCP information:
> Router information:
> Router Identifier: x.x.61.93
> Protocol Version: 2.0
>
> Service Identifier: 96
> Number of Service Group Clients: 1
> Number of Service Group Routers: 1
> Total Packets s/w Redirected: 326
> Process: 0
> Fast: 0
> CEF: 326
> Redirect access-list: -none-
> Total Packets Denied Redirect: 0
> Total Packets Unassigned: 0
> Group access-list: -none-
> Total Messages Denied to Group: 0
> Total Authentication failures: 0
> Total Bypassed Packets Received: 0
>
> Service Identifier: 99
> Number of Service Group Clients: 1
> Number of Service Group Routers: 1
> Total Packets s/w Redirected: 0
> Process: 0
> Fast: 0
> CEF: 0
> Redirect access-list: -none-
> Total Packets Denied Redirect: 0
> Total Packets Unassigned: 0
> Group access-list: -none-
> Total Messages Denied to Group: 0
> Total Authentication failures: 0
> Total Bypassed Packets Received: 0
>
>
> Also below is the router config:
>
> Building configuration...
>
> Current configuration : 1200 bytes
> !
> version 12.4
> service timestamps debug datetime msec
> service timestamps log datetime msec
> no service password-encryption
> !
> hostname Router
> !
> boot-start-marker
> boot-end-marker
> !
> !
> no aaa new-model
> !
> resource policy
> !
> ip wccp check services all
> ip wccp 96
> ip wccp 99
> !
> !
> ip cef
> !
> !
> !
> !
> !
> !
> !
> !
> !
> !
> !
> !
> !
> !
> !
> !
> !
> !
> !
> !
> !
> !
> interface GigabitEthernet0/1
> description traffic from user network to internet
> ip address x.x.61.93 255.255.255.252
> ip wccp 99 redirect in
> load-interval 30
> duplex full
> speed 100
> media-type rj45
> no negotiation auto
> !
> interface GigabitEthernet0/2
> description Squid
> ip address x.x.61.89 255.255.255.252
> load-interval 30
> duplex full
> speed 100
> media-type rj45
> no negotiation auto
> !
> interface GigabitEthernet0/3
> description traffic from internet to user network
> ip address x.x.61.61 255.255.255.252
> ip wccp 96 redirect in
> duplex full
> speed 100
> media-type rj45
> no negotiation auto
> !
> interface ATM1/0
> no ip address
> shutdown
> no atm ilmi-keepalive
> !
> ip route 0.0.0.0 0.0.0.0 x.x.60.1
> !
> no ip http server
> no ip http secure-server
> !
> !
> !
> !
> !
> !
> control-plane
> !
> !
> !
> !
> !
> !
> gatekeeper
> shutdown
> !
> !
> line con 0
> stopbits 1
> line aux 0
> line vty 0 4
> !
> !
> end
>
> Could anyone suggest some reasons why only the the HTTP reply traffic from
> the internet (service group 96) is being redirected?
>
> Regards,
>
> Stuart
>

-- 
View this message in context: http://old.nabble.com/WCCPv2---only-one-service-group-redirecting-tp26299313p26321938.html
Sent from the Squid - Users mailing list archive at Nabble.com.
Received on Thu Nov 12 2009 - 16:38:01 MST

This archive was generated by hypermail 2.2.0 : Fri Nov 13 2009 - 12:00:04 MST