[squid-users] WCCP issues with Centos 6.3 and Cisco 2901

From: Jordan Dalley <jdalley_at_tsv.catholic.edu.au>
Date: Mon, 23 Sep 2013 10:16:31 +0000

Hi Squid community,

I have an issue whereby I am just struggling to find out why it wont work.

I have trawled through multiple forums, howto's, faq's etc but no matter what I do, I cannot get it to work properly.

Here is what I have done so far:

Router IP: 10.114.3.34
Squid IP: 10.112.4.4
WAN Subnet: 10.112.0.0 / 255.252.0.0

Squid Config:

http_port 3127 intercept
wccp2_router 10.114.3.34
wccp2_forwarding_method gre
wccp2_return_method gre
wccp2_service standard 0

Confirm I can access and use port 3127 directly without issue from any location in the WAN.

Router Config:

ip wccp web-cache
interface G0/1
!Inside interface
ip wccp web-cache redirect in

Added to sysctl.conf:

# Controls IP packet forwarding
net.ipv4.ip_forward = 1

# Controls source route verification
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.eth0.rp_filter = 0
net.ipv4.conf.eth0.ip_filter = 0
net.ipv4.conf.gre0.rp_filter = 0
net.ipv4.conf.gre0.ip_filter = 0

Added to /etc/sysconfig/network-scripts/ifcfg-gre0

DEVICE=gre0
BOOTPROTO=static
IPADDR=127.0.0.2
NETMASK=255.255.255.0
ONBOOT=YES
IPV6INIT=NO

Linux Configuration:

modprobe ip_gre
ifup gre0
iptables -t nat -F
iptables -t nat -A PREROUTING -i gre0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.112.4.4:3127

If, I then do a tcpdump -i gre0 I can see packets flowing through this interface with destination port 80. Unfortunately it seems as if they are somehow not being natted to the squid server.

I've tried different varying methods of doing this, but none of them seem to work.

Does anyone have any ideas?

Regards,
Jordan.
Received on Mon Sep 23 2013 - 10:18:17 MDT

This archive was generated by hypermail 2.2.0 : Mon Sep 23 2013 - 12:00:05 MDT