Re: [squid-users] Squid 2.5 and FreeBSD with Interception Caching

From: lakmal silva <ruwan_lakmal@dont-contact.us>
Date: Mon, 7 Mar 2005 11:04:50 +0100 (CET)

Hi Henrik,

Thanks a lot for the detailed trouble shooting guide.

For me parts 0,1 are working fine.

From router which is running WCCP, I get this. I think
the communication between router and squid is ok.

        IP Address: freebsd.squid.ip
        Protocol Version: 0.4
        State: Usable
        Initial Hash Info:
00000000000000000000000000000000
                              
00000000000000000000000000000000
        Assigned Hash Info:
FFFFFFFFFFFFFFFF0000000000000000
                              
00000000000000000000000000000000
        Hash Allotment: 64 (25.00%)
        Packets Redirected: 4014
        Connect Time: 00:01:20

However when i do a tcpdump I get these:

15:29:21.711454 IP xxx.xxx.xx.xxx > squid.host.name:
gre-proto-0x883e
15:29:21.776422 IP xxx.xxx.xx.xxx > squid.host.name:
gre-proto-0x883e
15:29:21.798789 IP xxx.xxx.xx.xxx > squid.host.name:
gre-proto-0x883e
15:29:21.832701 IP xxx.xxx.xx.xxx > squid.host.name:
gre-proto-0x883e

Can this be the problem? Is this due to OS not being
supported WCCP/GRE decapsulation? I compiled the
kernel as well, with following options.

options IPFIREWALL
options IPFIREWALL_FORWARD
options IPFIREWALL_DEFAULT_TO_ACCEPT
device gre

My firewall rules shows the following:

00100 116 7263 fwd 127.0.0.1,3128 tcp from any to
any dst-port 80 in
00200 67 43720 allow tcp from any 80 to
203.143.10.131 in
00300 5 360 allow gre from router.ip to
squid.server.ip
65535 40340 4059099 allow ip from any to any

I don't see much packets on the counter for rule
00100. How can I overcome this?

Regards,

Lakmal

--- Henrik Nordstrom <hno@squid-cache.org> wrote:
> On Tue, 1 Mar 2005, lakmal silva wrote:
>
> > FreeBSD 4.8 and WCCP as described in "Squid, the
> > definitive guide" by Duane Wessels. I followed
> exactly
> > the procedure given in the book but no luck so
> far.
> > The problem is, WCCP detects the squid server and
> > redirects packets to squid. But I don't see any
> logs
> > in the access log file. If I specifically point
> the
> > browsers to cache servers I get the entries in the
> > access logs. I also searched a lot on this in net
> and
> > tried many options, but ended up with the same
> result.
> > Interception is working fine for me in Redhat
> linux
> > 9.0.
>
> To help you diagnose where the problem may be the
> following components
> must all be working for WCCP interception to work
>
> 0. Squid needs to work proper when the browser is
> configured to use the
> proxy.
>
> 1. Squid and the router needs to be configured
> properly for WCCP. You can
> verify this in the router by verifying that the WCCP
> cache server is seen
> by the router and has assigned hash info.
>
> 2. The cache server OS needs to have support for
> WCCP/GRE decapsulation
> configured. You can verify this with tcpdump. When
> properly set tcpdump
> should see both WCCP/GRE packets arriving at the
> network interface and
> TCP/IP packets for port 80 on the corresponding GRE
> interface (or network
> interface if GRE is transparent with no virtual
> interface of it's own). If
> you see only WCCP/GRE packets then the WCCP/GRE
> decapsulation is most
> likely not working properl.
>
> 3. Once the decapsulation is working your OS-level
> firewall needs to have
> proper rules for redirecting the port-80 traffic to
> Squid. When all of
> 1,2, and 3 is working all traffic will be delivered
> to Squid and you
> should see either the requested site or an error
> message from Squid.
>
> 4. Squid needs to be properly configured for
> interception proxying. See
> FAQ. You can verify this by first verifying that the
> URLs logged in
> access.log is exacly what you requested including
> host name even when the
> browser both when the browser is configured to use
> the proxy and when it
> is not configured to use the proxy, second by using
> telnet (or a dumb
> HTTP/1.0 client) sending a request without a Host
> header
>
> telnet www.squid-cache.org
> GET / HTTP/1.0
> [blank line]
>
> Should give you www.squid-cache.org index page, and
> http://206.168.0.9/
> logged in Squid access.log.
>
> Regards
> Henrik
>

        
                
__________________________________
Celebrate Yahoo!'s 10th Birthday!
Yahoo! Netrospective: 100 Moments of the Web
http://birthday.yahoo.com/netrospective/
Received on Mon Mar 07 2005 - 03:04:54 MST

This archive was generated by hypermail pre-2.1.9 : Fri Apr 01 2005 - 12:00:01 MST