Re: [squid-users] Regarding wccp

Michael Bowe wrote:
>> -----Original Message-----
>> From: Henrik Nordstrom [mailto:henrik_at_henriknordstrom.net]
>> Sent: Friday, 5 March 2010 7:08 AM
>> To: Michael Bowe
>> Cc: squid-users_at_squid-cache.org
>> Subject: RE: [squid-users] Regarding wccp
>>
>> tor 2010-03-04 klockan 12:25 +1100 skrev Michael Bowe:
>>
>>> I think you have the hash stuff wrong, isn't service 80 meant to be
>>> src_ip_hash and service 90 meant to be dst_ip_hash?
>> no, 80 is usually the normal www service interception, which is a
>> dst_ip_hash.
>>
>> but it doesn't matter very much as long as you have the combination of
>> both src_ip_hash and dst_ip_hash.
>
> As hinted at on the wiki, with TPROXY I reckon there is a gotcha you have to watch out for when you have more than one squid.
>
> 80 dst_ip_hash
> 90 src_ip_hash
> Ties a particular web server to a particular cache
>
> 80 src_ip_hash
> 90 dst_ip_hash
> Ties a particular client to a particular cache
>
> The problem with the 1st way is this :
>
> Say a client wants to access http://some-large-site, their PC resolves the address and gets x.x.x.1
>
> GET request goes off to the network, Cisco sees it and hashs the dst_ip.
>
> Hash for this IP points to cache-A
>
> Router sends the request to cache-A. This cache takes the GET and does another DNS lookup of that host. This time it resolves to x.x.x.2
>
> Cache sends request off to the internet
>
> Reply comes back from x.x.x.2, and arrives at the Cisco. Cisco does hash on src_ip and this happens to map to cache-B
>
> Reply arrives at cache-B and it doesn’t know anything about it. Trouble!
>
> If you only have 1 TPROXY cache, either way works OK. If you have more than one cache I reckon you need to use the 2nd way?
>
> Michael.
>

Wonderful. Thank you for this most excellent description too.
Updated the wiki.

Amos

-- 
Please be using
   Current Stable Squid 2.7.STABLE7 or 3.0.STABLE24
   Current Beta Squid 3.1.0.17