RE: [squid-users] problem with WCCP + SQUID + 6509

From: Damian-Grint Philip <pdamian-grint@dont-contact.us>
Date: Thu, 20 Jan 2005 15:03:51 -0000

Have you tried using a redirect-list to define traffic to be redirected?

Can you show some output from the following while pushing http traffic
across the router:

term mon
debug ip icmp
debug ip wccp packets

-----Original Message-----
From: Luu Trung Duong [mailto:luutd@ctu.edu.vn]
Sent: 20 January 2005 13:45
To: 'squid-users'
Subject: [squid-users] problem with WCCP + SQUID + 6509

Hi All,

I problem with WCCP + SQUID + 6509 as follow:

"The problem is my client can't detect the proxy (where i was setting
as transparent proxy) and he cannot browsing, but if the client using
manual proxy, it's ok...."

I use:
        Cisco 6509
        REDHAT 9.1, Kernel 2.4.20.8
        ip_wccp ver 1.7
        squid 2.5STABLE7

I had follow intruction for Henrik Nordstrom and another message in
list

-----------------
make mrproper
cp configs/config_matching_your_kernel_type .config
   make oldconfig / make xconfig / make menuconfig
   make dep
   make clean
   make bzImage
   make modules
   [take note of the GCC flags shown during "make modules"]

Install newly built kernel

   make modules_install
   make install

Boot into the new kernel to verify that it works

Change boot menu to default to the new kernel
   [default=0 in /etc/boot/grub/grub.conf]

Build & install ip_wccp module

   gcc [flags collected above] -o ip_wccp.o ip_wccp.c

mkdir /lib/modules/2.4.XX-yycustom/net
   cp ip_wccp.o /lib/modules/2.4.XX-yycustom/net/
   depmod -a
Load ip_wccp module and verify WCCP functionality
   modprobe ip_wccp
Set up the sytem to load ip_wccp automatically on system boot
   echo "modprobe ip_wccp" >>/etc/rc.d/rc.local
   [alternatively add the modprobe line to /etc/rc.d/init.d/squid]
-----------------
        

WCCP on 6509
---------------
ip wccp version 1
ip wccp web-cache
-----------------

WCCP on vlan Int
---------------
ip wccp web-cache redirect out
---------------
sh ip wccp web-cache
------------------------------------------------------------
Global WCCP information:
    Router information:
        Router Identifier: xxxx.xxxx.xxxx.xxx
        Protocol Version: 1.0

    Service Identifier: web-cache
        Number of Cache Engines: 1
        Number of routers: 1
        Total Packets Redirected: 10
        Redirect access-list: -none-
        Total Packets Denied Redirect: 0
        Total Packets Unassigned: 0
        Group access-list: -none-
        Total Messages Denied to Group: 0
        Total Authentication failures: 0
------------------------------------------------------------

sh ip wccp web-cache view
----------------------------------
    WCCP Routers Informed of:
        -none-

    WCCP Cache Engines Visible:
        203.162.202.133

    WCCP Cache Engines NOT Visible:
        -none-
------------------------------------

sh ip wccp web-cache detail
----------------------------------------------
WCCP Cache-Engine information:
        IP Address: 203.162.202.133
        Protocol Version: 0.4
        State: Usable
        Redirection: GRE
        Initial Hash Info: 00000000000000000000000000000000
                               00000000000000000000000000000000
        Assigned Hash Info: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
                               FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
        Hash Allotment: 256 (100.00%)
        Packets Redirected: 0
        Connect Time: 00:41:25
--------------------------------------------------

[squid@cache-2 sbin]$ lsmod
Module Size Used by Not tainted
ipt_REDIRECT 1272 2 (autoclean)
iptable_nat 19448 1 (autoclean) [ipt_REDIRECT]
ip_conntrack 24960 1 (autoclean) [ipt_REDIRECT iptable_nat]
ip_wccp 1832 0 (unused)
parport_pc 17028 1 (autoclean)
lp 8292 0 (autoclean)
parport 33120 1 (autoclean) [parport_pc lp]
autofs 11860 0 (autoclean) (unused)
e100 54148 1
ipt_REJECT 3512 6 (autoclean)
iptable_filter 2284 1 (autoclean)
ip_tables 13624 6 [ipt_REDIRECT iptable_nat ipt_REJECT
iptable_filter]
keybdev 2688 0 (unused)
mousedev 5044 1
hid 20100 0 (unused)
input 5472 0 [keybdev mousedev hid]
usb-uhci 23692 0 (unused)
ehci-hcd 17480 0 (unused)
usbcore 71136 1 [hid usb-uhci ehci-hcd]
ext3 61792 2
jbd 46612 2 [ext3]
------------------------------------------------------

[root@cache-2 sbin]# iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
REDIRECT tcp -- anywhere anywhere tcp dpt:http
redir ports 3128

Chain POSTROUTING (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@cache-2 sbin]#
--------------------------------------------------------

________________________________________________________________________
This e-mail has been scanned for all viruses by Star. The
service is powered by MessageLabs. For more information on a proactive
anti-virus service working around the clock, around the globe, visit:
http://www.star.net.uk
________________________________________________________________________

________________________________________________________________________
This e-mail has been scanned for all viruses by Star. The
service is powered by MessageLabs. For more information on a proactive
anti-virus service working around the clock, around the globe, visit:
http://www.star.net.uk
________________________________________________________________________
Received on Thu Jan 20 2005 - 08:04:16 MST

This archive was generated by hypermail pre-2.1.9 : Mon Mar 07 2005 - 12:59:35 MST