RE: [squid-users] Squid WCCP issue

Kevin,

I'm successfully running two WCCP caches on RedHat 9 with squid straight out
of the RedHat RPM (rpm -q ==> squid-2.5.STABLE1-2), via a 3640 router. I
recall seeing this problem early on in our squid deployment. I think it was
fixed with an updated IOS.

First, make sure your IOS is updated - some older IOS versions don't handle
WCCP properly. If in any doubt at all, log a request with Cisco support.

Activate WCCP on the outbound (post-routed) interface/s only, since WCCP v1
doesn't work on inbound (even though the documentation hints that it might).

Make sure you're only using the ip_wccp module, and not ip_gre as well. It
is okay for lsmod to show ip_wccp as (unused).

Reduce your MSS to your clients, otherwise they may generate packets that
get lost with GRE encapsulation. I do this in iptables, but I'm told there
are other ways to do it. In the 'filter' table, a line like the following
(needs to be on the one line) does the trick for me:
        -A OUTPUT -o eth0 -d 126.127.128.0/20 -p tcp --tcp-flags SYN,RST SYN -j
TCPMSS --set-mss 1400

To check on the WCCP chat between server and router, I use the following:
        # tcpdump -n -s0 -v -xX udp src port 2048 and udp dst port 2048

As long as the packets coming from the router have a line or two of 'ffff's,
WCCP is working properly, and port 80 requests will be directed to your
caches, regardless of any messages from the router.

Cheers,
Clive

-----Original Message-----
From: Kevin Morland [mailto:kmorland@mac.com]
Sent: Wednesday, 26 November 2003 9:19 AM
To: squid-users@squid-cache.org
Subject: [squid-users] Squid WCCP issue

Hello, I have searched the web and the squid site for day looking for
an answer to the problem.

I am trying to implement transparent cache server. I have a cisco 3640
and an redhat server. I have compiled the ip_wccp kernel module and
have it loaded. I have the default RPM from Red Hat for squid.

The problem is the router recognizes the cache-engine at the IP,
however it reports unusable. Here is the result of show ip wccp
web-cache detail:
WCCP Cache-Engine information:
         IP Address: 206.253.190.4
         Protocol Version: 0.4
         State: NOT Usable
         Initial Hash Info: 00000000000000000000000000000000
                                00000000000000000000000000000000
         Assigned Hash Info: 00000000000000000000000000000000
                                00000000000000000000000000000000
         Hash Allotment: 0 (0.00%)
         Packets Redirected: 0
         Connect Time: 00:00:15

I do not know where to look for the problem, I have searched and tried
everything I can think of. The only thing I noticed was that gre as no
packets running ifconfig -a. I have also redirect the traffic with
iptables.

Any help or suggestions would be most helpful.

Thanks,
Kevin Morland
Received on Tue Nov 25 2003 - 16:26:51 MST