[squid-users] Squid doesn't work in WCCP, works fine as transparent from jburk on 2009-12-09 (squid-users)

From: jburk <john.burk_at_gmail.com>
Date: Wed, 9 Dec 2009 11:33:36 -0800 (PST)

I have a squid 2.7 box, configured as transparent with wccp2 router
configured. ACL's are wide open for the whole 10.0.0.0/8 network. My WCCP2
router is a Cisco 6509 with a Sup32 running IOS.

The squid works fine if I add it in the browser on port 3128, but if I take
it out, internet stops unless I remove the wccp from the interface on the
router.

IP of Squid - 10.38.1.99
IP of router - 10.38.1.6

###Squid Server Outputs
root_at_squid:~# iptables -t nat -nvL
Chain PREROUTING (policy ACCEPT 792 packets, 97920 bytes)
pkts bytes target prot opt in out source
destination
0 0 REDIRECT tcp -- eth0 * 0.0.0.0/0
0.0.0.0/0 tcp dpt:80 redir ports 3128

Chain POSTROUTING (policy ACCEPT 353 packets, 21269 bytes)
pkts bytes target prot opt in out source
destination

Chain OUTPUT (policy ACCEPT 353 packets, 21269 bytes)
pkts bytes target prot opt in out source
destination
*******************************************************************************

root_at_squid:~# iptunnel
gre0: gre/ip remote any local any ttl inherit nopmtudisc
gre1: gre/ip remote 10.38.1.6 local 10.38.1.99 dev eth0 ttl inherit

*******************************************************************************

root_at_squid:~# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0d:56:6f:01:f9
          inet addr:10.38.1.99 Bcast:10.38.7.255 Mask:255.255.248.0
          inet6 addr: fe80::20d:56ff:fe6f:1f9/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          RX packets:83007 errors:0 dropped:0 overruns:0 frame:0
          TX packets:34743 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:32312705 (32.3 MB) TX bytes:15436481 (15.4 MB)
          Interrupt:28

gre0 Link encap:UNSPEC HWaddr
00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:127.0.0.2 Mask:255.0.0.0
          UP RUNNING NOARP MTU:1476 Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

gre1 Link encap:UNSPEC HWaddr
0A-26-01-63-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:10.38.1.99 P-t-P:10.38.1.99 Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MTU:1476 Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

lo Link encap:Local Loopback
          inet addr:127.0.0.1 Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING MTU:16436 Metric:1
          RX packets:3398 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3398 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:507915 (507.9 KB) TX bytes:507915 (507.9 KB)
*******************************************************************************

http_port 3128 transparent
wccp2_router 10.38.1.6

###Cisco Relevant Config/Output
ip wccp web-cache redirect-list 150
access-list 150 permit tcp host 10.38.2.101 any eq www
access-list 150 deny tcp any any eq www

interface Vlan101
ip address 10.38.1.6 255.255.248.0
ip helper-address 10.38.1.15
ip wccp web-cache redirect in

*******************************************************************************
CO_C6509E_1A.1#show ip wccp
Global WCCP information:
    Router information:
        Router Identifier: 192.168.10.1
        Protocol Version: 2.0

    Service Identifier: web-cache
        Number of Service Group Clients: 1
        Number of Service Group Routers: 1
        Total Packets s/w Redirected: 256
          Process: 0
          CEF: 256
        Redirect access-list: 150
        Total Packets Denied Redirect: 807
        Total Packets Unassigned: 14
        Group access-list: -none-
        Total Messages Denied to Group: 0
        Total Authentication failures: 0
        Total Bypassed Packets Received: 0
*******************************************************************************
CO_C6509E_1A.1#show ip wccp web-cache view
    WCCP Routers Informed of:
        192.168.10.1

WCCP Clients Visible:
10.38.1.99

WCCP Clients NOT Visible:
-none-

Please help - been working on this for days, have scoured the web to no
avail

-- 
View this message in context: http://old.nabble.com/Squid-doesn%27t-work-in-WCCP%2C-works-fine-as-transparent-tp26716254p26716254.html
Sent from the Squid - Users mailing list archive at Nabble.com.

Received on Wed Dec 09 2009 - 19:33:39 MST

This archive was generated by hypermail 2.2.0 : Thu Dec 10 2009 - 12:00:01 MST