I'm happy to provide whatever documentation I can, but I'd like to make
sure it's working first and this outstanding issue still has me stumped.
Here's a quick snip from the access log, going to a few sites. Notice
that all of them are misses. Google is going to 3 different servers, so
I could maybe see a miss the first time it visits each site, but these
are all misses every time. So, in the present setup, I cannot support an
offline_mode at all. Any ideas on this?
1159796708.843 555 127.0.0.1 TCP_MISS/200 31444 GET
http://www.microsoft.com - DIRECT/207.46.225.60 text/html
1159796710.853 129 127.0.0.1 TCP_MISS/200 31444 GET
http://www.microsoft.com - DIRECT/207.46.225.60 text/html
1159796712.730 84 127.0.0.1 TCP_MISS/200 31444 GET
http://www.microsoft.com - DIRECT/207.46.225.60 text/html
1159796718.040 175 127.0.0.1 TCP_MISS/200 3984 GET
http://www.google.com - DIRECT/66.102.7.104 text/html
1159796719.611 88 127.0.0.1 TCP_MISS/200 3984 GET
http://www.google.com - DIRECT/66.102.7.147 text/html
1159796720.844 91 127.0.0.1 TCP_MISS/200 3984 GET
http://www.google.com - DIRECT/66.102.7.99 text/html
1159796851.780 90 127.0.0.1 TCP_MISS/200 3984 GET
http://www.google.com - DIRECT/66.102.7.104 text/html
1159796853.392 84 127.0.0.1 TCP_MISS/200 3984 GET
http://www.google.com - DIRECT/66.102.7.147 text/html
1159796854.326 87 127.0.0.1 TCP_MISS/200 3984 GET
http://www.google.com - DIRECT/66.102.7.99 text/html
-----Original Message-----
From: Adrian Chadd [mailto:adrian@creative.net.au]
Sent: Monday, October 02, 2006 12:43 AM
To: Shaun Skillin (home)
Subject: Re: [squid-users] offline mode issue
Would you mind documenting your WCCPv2 setup in the Squid Wiki? It'd be
nice
to have an example of an L2 redirect setup.
I've been meaning to do it but I've not had enough time to setup my 3550
as a lab router..
Check out http://wiki.squid-cache.org/ConfigExamples/ to see what I'm on
about.
Thanks!
Adrian
On Sun, Oct 01, 2006, Shaun Skillin (home) wrote:
> Hi Mernoz,
> Yes, it is documented to use the same IP address for eth0 and wccp0,
which I thought was strange too, but apparently helps things.
> Router-ID will be the highest IP address on any interface. This is
the same behavior as OSPF, BGP, and other router-id's, but I don't see a
way to override this with wccp.
> Wccp2_router value must be an IP address as far as I know.
> The L2-forward/GRE-return is odd to me also, but apparently what the
switch wants to do, and cannot be changed. Another thing that is odd is
that the "redirection packets" counter does not increment on the switch.
Everything seems to work now, except for the offline_mode (my original
post). I'm still scratching my head about that one.
> Shaun
>
>
> -----Original Message-----
> From: Mernoz Rostangi [mailto:mi007@emilmoz.com]
> Sent: Sunday, October 01, 2006 2:32 PM
> To: Shaun Skillin (home)
> Subject: RE: [squid-users] offline mode issue
>
> Hi Shaun,
>
> tks for the info.I will test it on my box and see how it goes..
> I see that you use same IP for squid eth0 and wccp0 !
> Just one doubt: Under your switch, what IP does it use by default for
ID ?
> because on my router, if I have a loopback0 address, the router uses
that for Router Identifier !
>
> Under squid.conf, the router address is this router identifier, or it
is the physical address of the eth0 where the router is connected to the
squid box ?
>
> One doubt that came now, is why send use L2 and receive in GRE ? I
tought using a switch it would do L2 both ways !!very strange ...
>
> do you have msn ? mine is: h2s04_h20@hotmail.com
>
> :-)
> ./m
>
>
> ----- Original Message -----
> From: Shaun Skillin (home)
> [mailto:shaun@skillin.com]
> To: Mernoz Rostangi
> [mailto:mi007@emilmoz.com]
> Sent: Sun, 01 Oct 2006 20:41:10 +0200
> Subject:
> RE: [squid-users] offline mode issue
>
>
> > I tried to use a router but without too much success. Some sites
had
> > incorrect MTU size reported for some reason, so they were getting
dropped in
> > the GRE tunnel. I am now using a layer-3 switch instead of a router
for
> > WCCP, and it seems to work better. Configuration on the switch is
simple -
> > the only bad part is that it can't really be adjusted. I followed
Cisco's
> > notes about the switch, and made these configurations:
> >
> > !3550 Layer3 Switch:
> > !make separate VLANs (and interface VLANs) for firewall connection,
cache
> > !servers, and client LANs
> >
> > !in global config mode:
> > ip wccp web-cache
> > !
> > interface Vlan1
> > description client vlan
> > ip address 172.16.1.252 255.255.255.0
> > ip wccp web-cache redirect in
> > !
> > interface Vlan252
> > description Squid Server VLAN
> > ip address 172.16.252.254 255.255.255.0
> > !
> > interface Vlan253
> > description Firewall Connection
> > ip address 172.16.253.254 255.255.255.0
> > !
> >
> > Note: this switch is the default gateway for my clients
> >
> > Cisco switch expects L2 forwarding and GRE return (I don't know
why), so my
> > squid.conf has these things:
> >
> > http_port 3128 transparent
> > wccp2_router 172.16.252.254
> > wccp2_forwarding_method 2
> > wccp2_return_method 1
> > wccp2_service standard 0
> >
> > I am not sure now if I need the GRE tunnel, because I see no traffic
on it
> > when I look at a packet capture, but here is how I set up the tunnel
when I
> > was testing using a router:
> >
> > modprobe ip_gre
> > ip tunnel add wccp0 mode gre remote 172.16.252.254 local
172.16.252.1 dev
> > eth0 #172.16.252.1 is the squid server eth0 & wccp0 address
> > ip addr add 172.16.252.1/32 dev wccp0
> > ip link set wccp0 up
> > echo 0 >/proc/sys/net/ipv4/conf/wccp0/rp_filter
> >
> >
> > In any case, you should need to redirect port 80 traffic to port
3128, so it
> > will go to squid. If you use a router (GRE mode instead of L2
mode), it
> > should go to wccp0 instead of eth0:
> >
> > iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT
> > --to-port 3128
> >
> > I hope this helps, and saves much frustration for you!
> > Shaun
> >
> >
> >
> > -----Original Message-----
> > From: Mernoz Rostangi [mailto:mi007@emilmoz.com]
> > Sent: Sunday, October 01, 2006 12:07 PM
> > To: Shaun Skillin (home)
> > Subject: Re: [squid-users] offline mode issue
> >
> > Hi Shaun,
> >
> > I am trying to setup wccpv2 without luck !
> > What OS are you using ?
> >
> > Could you let me know how you setup it on your cisco and on your
squid ?
> > and what about on your OS ? I want to setup it with cisco router,
freebsd
> > 6.1 and squid 2.6stable4 !
> >
> > :-)
> > Mernoz
> >
> >
> > ----- Original Message -----
> > From: Shaun Skillin (home)
> > [mailto:shaun@skillin.com]
> > To: Squid Users
> > [mailto:squid-users@squid-cache.org]
> > Sent: Sun, 01 Oct 2006 19:25:33
> > +0200
> > Subject: [squid-users] offline mode issue
> >
> >
> > >
> > > Hello,
> > > I'm using 2.6STABLE3 with WCCPv2 via a Cisco 3550 switch. ?The
switch
> > uses
> > > L2 forward and GRE return, which is now working fine (thanks
Henrik!).
> > > I'm having trouble getting offline mode to work. ?In my test
setup, I'm
> > > toggling offline mode via cache manager, then shutting off the
outside
> > > Ethernet of my firewall to deny connection to the Internet.? What
I see
> > in
> > > a capture from the Squid server is that it will try to go to the
Internet
> > > even in offline mode. ?(I am going to a page that I just visited
before
> > > disconnecting, which shows up as cached in Cache Stats and
Contents).? Is
> > > there another setting that I'm simply missing?? Do I need to patch
Squid
> > > somehow?
> > >
> > > Thanks!
> > >
> > > Shaun
> > >
> > >
> >
Received on Mon Oct 02 2006 - 07:53:20 MDT
This archive was generated by hypermail pre-2.1.9 : Wed Nov 01 2006 - 12:00:04 MST