Hey,
I use redirect as opposed to dnat:
/sbin/iptables -t nat -A PREROUTING -i gre0 -p tcp -m tcp --dport 80 -j
REDIRECT --to-ports 3128
Thanks,
Bryan
-----Original Message-----
From: arabinda [mailto:arabinda@pbn.net.np]
Sent: March 15, 2006 6:12 AM
To: 'Daniel EPEE LEA'; squid-users@squid-cache.org
Subject: RE: [squid-users] Transparent caching problem
Hello Daniel Epee Lea,
Regarding:
2- for ip tables -A PREROUTING -s My_Network/20 -d !
My_Network/20
- i gre0 -p tcp -m tcp --dport 80 -j DNAT --to-destination
my_cache_server_IP:3128
If the http traffic is very high, is it possible that DNAT can be a
bottle
neck? Coz I have tried something like this and I could not find any
performance improvement by using proxy. Rather the performance degraded.
May
be something in squid configuration is wrong.
Please suggest. Thanks.
Regards
Devel.
-----Original Message-----
From: Daniel EPEE LEA [mailto:epeelea@gmail.com]
Sent: Wednesday, March 15, 2006 1:11 PM
To: Ryan Sumida
Cc: Kamel A. Baba; squid-users@squid-cache.org
Subject: Re: [squid-users] Transparent caching problem
Kamel,
I used
1- For gre tunned, after loading ip_gre module at startup, I have
this gre interface.
You can copie it exactly the IP address in there doesn't matter.
[root@cachedla network-scripts]# cat ifcfg-gre0
DEVICE=gre0
BOOTPROTO=static
IPADDR=172.16.1.6
NETMASK=255.255.255.252
ONBOOT=yes
IPV6INIT=no
and
2- for ip tables
-A PREROUTING -s My_Network/20 -d ! My_Network/20 -i gre0 -p tcp -m
tcp --dport 80 -j DNAT --to-destination my_cache_server_IP:3128
This is where I was mistaken, after doing this it worked!!
3- Make sure your /etc/sysctl.conf is allright too
# Controls IP packet forwarding
net.ipv4.ip_forward = 1
# Controls source route verification
net.ipv4.conf.default.rp_filter = 0
For more details on IP tables and GRE, please check these links ;)
http://www.reub.net/node/3
http://www.squid-cache.org/mail-archive/squid-users/200510/0027.html
Hope this helps,
-- -------------------------- Daniel Epee Lea -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.1.385 / Virus Database: 268.2.3/281 - Release Date: 3/14/2006 -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.385 / Virus Database: 268.2.3/281 - Release Date: 3/14/2006Received on Wed Mar 15 2006 - 06:12:48 MST
This archive was generated by hypermail pre-2.1.9 : Sat Apr 01 2006 - 12:00:04 MST