Dear Dev Team,
I have problem in configuring the WCCP v1 + Squid 2.5S9 + kernel 2.6.5. The following is our configurations and settings. The Squid
machine and the router are comminocating with the WCCP packets as i get the UDP 2048 packets to and fro between the router and the
squid. Please let me know if we missed out anything.
--------------
203.157.193.81 -- Router with wccp v1 IOS 12.2
--------------
|
|
|
|
-------------------------------------------
| | |
| | |
| | |
203.157.193.82 203.157.193.89 203.157.193.85
(squid) (client) (My system)
Router ip: 203.157.193.81
cache system: 203.157.193.82
Squid version: 2.5stable9
Linux Kernel Version 2.6.5
First used the kernel with ip_gre enabled and compiled
Second time used the ip_wccp patch from squid-cache.org site.
and compiled the kernel with ip_gre and ip_wccp enabled
used
modprobe ip_gre
modprobe ip_wccp
/etc/sysctl.conf
net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 0
kernel.sysrq = 0
Executed "sysctl -p"
My system for ssh login: 203.157.193.85
Squid.conf
---------
wccp_version 4
wccp_router 203.157.193.81
http_port 3128
-------------------
In squid machine (203.157.193.82)
iptunnel add gre1 mode gre remote 203.157.193.81 local 203.157.193.82 dev eth0
ifconfig gre1 127.0.0.2 up
iptables -t nat -A PREROUTING -d ! 203.157.193.82 -i gre1 -p tcp --dport 80 -j DNAT --to 203.157.193.82:3128
when i telnet visolve.com from the client system : 203.157.193.86 i get the following output in the tcpdump. but no entries in the
access.log
I have aslo tried REDIRECT instead of DNAT failed.
[root@system root]# tcpdump -i any 'not ( host 203.157.193.82 and port 22 ) and not host 203.193.157.82 and not port syslog and not
port domain and not snmp and not port 3632 and not icmp and not host 204.152.189.116'
tcpdump: WARNING: Promiscuous mode not supported on the "any" device
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on any, link-type LINUX_SLL (Linux cooked), capture size 96 bytes
17:58:03.734727 IP 203.157.193.82.2048 > 203.157.193.81.2048: UDP, length 52
17:58:03.736439 IP 203.157.193.81.2048 > 203.157.193.82.2048: UDP, length 64
17:58:11.026858 IP 203.157.193.81 > 203.157.193.82: gre-proto-0x883e
17:58:11.026858 < 883e 64:
0x0000: 4500 0030 f8e8 4000 7e06 8091 404a b1fe E..0..@.~...@J..
0x0010: 3fc2 5143 0493 0050 56b2 10f8 0000 0000 ?.QC...PV.......
0x0020: 7002 4000 5344 0000 0204 05b4 0101 0402 p.@.SD..........
17:58:14.035493 IP 203.157.193.81 > 203.157.193.82: gre-proto-0x883e
17:58:14.035493 < 883e 64:
0x0000: 4500 0030 f8f5 4000 7e06 8084 404a b1fe E..0..@.~...@J..
0x0010: 3fc2 5143 0493 0050 56b2 10f8 0000 0000 ?.QC...PV.......
0x0020: 7002 4000 5344 0000 0204 05b4 0101 0402 p.@.SD..........
17:58:14.283166 IP 203.157.193.82.2048 > 203.157.193.81.2048: UDP, length 52
17:58:14.285777 IP 203.157.193.81.2048 > 203.157.193.82.2048: UDP, length 64
17:58:20.045910 IP 203.157.193.81 > 203.157.193.82: gre-proto-0x883e
17:58:20.045910 < 883e 64:
0x0000: 4500 0030 f906 4000 7e06 8073 404a b1fe E..0..@.~..s@J..
0x0010: 3fc2 5143 0493 0050 56b2 10f8 0000 0000 ?.QC...PV.......
0x0020: 7002 4000 5344 0000 0204 05b4 0101 0402 p.@.SD..........
17:58:24.747629 IP 203.157.193.82.2048 > 203.157.193.81.2048: UDP, length 52
17:58:24.750637 IP 203.157.193.81.2048 > 203.157.193.82.2048: UDP, length 64
17:58:34.981967 IP 203.157.193.82.2048 > 203.157.193.81.2048: UDP, length 52
17:58:34.985319 IP 203.157.193.81.2048 > 203.157.193.82.2048: UDP, length 64
Let me know if you need more inputs.
Thank You.
Received on Wed Mar 23 2005 - 21:18:59 MST
This archive was generated by hypermail pre-2.1.9 : Fri Apr 01 2005 - 12:00:04 MST