WCCPv1 + ipchains woes

From: <wthomas@dont-contact.us>
Date: Wed, 14 Jun 2000 16:49:59 -0500

I have looked through the FAQ, and pored through a large number of
the archived mailing list posts relating to this. I can't seem to
get WCCPv1+ipchains to work. The cacher works properly when the
client is configured manually for proxy.

Cacher:
squid 2.3STABLE3 + hno20000522 patches
Linux 2.2.16
Debian Potato
ip_gre.c patch from Jan Haluza.

Output from ipchains -L:
pticache-1:/var/log# ipchains -L
Chain input (policy ACCEPT):
target prot opt source destination ports
REDIRECT tcp ----l- 172.17.29.12 anywhere any -> www => 3128
Chain forward (policy ACCEPT):
Chain output (policy ACCEPT):

Output from iptunnel show:
pticache-1:/var/log# iptunnel show
gre0: gre/ip remote any local any ttl inherit nopmtudisc
gre1: gre/ip remote 172.17.17.1 local 172.17.18.53 dev eth0 ttl inherit

Output from ifconfig:
pticache-1:/var/log# ifconfig
eth0 Link encap:Ethernet HWaddr 00:E0:18:A8:C9:8E
          inet addr:172.17.18.53 Bcast:172.17.32.255
          Mask:255.255.240.0
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          RX packets:23751 errors:0 dropped:0 overruns:0 frame:1
          TX packets:13154 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          Interrupt:10

gre1 Link encap:UNSPEC HWaddr AC-11-12-35-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:127.0.0.2 P-t-P:127.0.0.2 Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MTU:1476 Metric:1
          RX packets:16 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0

lo Link encap:Local Loopback
          inet addr:127.0.0.1 Mask:255.0.0.0
          UP LOOPBACK RUNNING MTU:3924 Metric:1
          RX packets:7562 errors:0 dropped:0 overruns:0 frame:0
          TX packets:7562 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0

Router:
Cisco 3640
IOS 12.0.7T

Output from show ip wccp:
pti3640-1#show ip wccp
Global WCCP information:
    Router information:
        Router Identifier: 172.18.0.13
        Protocol Version: 1.0

    Service Identifier: web-cache
        Number of Cache Engines: 1
        Number of routers: 1
        Total Packets Redirected: 4
        Redirect access-list: 11
        Total Packets Denied Redirect: 733
        Total Packets Unassigned: 0
        Group access-list: 10
        Total Messages Denied to Group: 0
        Total Authentication failures: 0

Output from show ip access-lists:
pti3640-1#show ip access-lists
Standard IP access list 10
    permit 172.17.18.53
Standard IP access list 11
    permit 172.17.29.12

During testing I am only redirecting a single IP address to the
cacher, which is 172.17.29.12. The cacher's IP is 172.17.18.52. The
router's IP address is 172.17.17.1.

When from the redirected client I request a document from the web, the
ipchains logging I turned on shows that it is getting to the caching
box and, I believe, getting redirected.

Logging messages:
Jun 14 16:37:31 pticache-1 kernel: Packet log: input REDIRECT 3128 gre1 PROTO=6 172.17.29.12:1210 207.46.130.161:80 L=44 S=0x00 I=29155 F=0x4000 T=127 SYN (#1)
Jun 14 16:37:38 pticache-1 kernel: Packet log: input REDIRECT 3128 gre1 PROTO=6 172.17.29.12:1210 207.46.130.161:80 L=44 S=0x00 I=29411 F=0x4000 T=127 SYN (#1)
Jun 14 16:37:51 pticache-1 kernel: Packet log: input REDIRECT 3128 gre1 PROTO=6 172.17.29.12:1210 207.46.130.161:80 L=44 S=0x00 I=29667 F=0x4000 T=127 SYN (#1)

I have followed the instructions in the FAQ and turned on the
requisite httpd_accel_* commands.

With Linux Kernel 2.2.16 there is, I believe, no longer a
CONFIG_IP_ALWAYS_DEFRAG statement. But I believe this would hold me
up before any packets got redirected (as is shown in the log).

Can anyone point me in a new direction to get this working?

-- 
       William R. Thomas
       PowerUser Technologies              Email: wthomas@poweruser.com
       Phone: 847-215-3300 ext 1105        Fax: 847-215-3318
*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*
You cannot simultaneously prevent and prepare for war.
                         -Albert Einstein
Received on Wed Jun 14 2000 - 15:53:01 MDT
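
Added example (not part of the original post, and not code from Squid or ipchains): a small Python parser for the ipchains "Packet log:" entries quoted in the message, which groups logged SYNs by connection 4-tuple and reports flows whose SYN was logged repeatedly with a new IP ID each time. The function name, the field names and the regular expression are assumptions built from the three log entries shown; the year default comes from the post's Date header.

```python
import re
from collections import defaultdict
from datetime import datetime

# The three log entries from the post, with the e-mail line wraps rejoined.
SAMPLE = """\
Jun 14 16:37:31 pticache-1 kernel: Packet log: input REDIRECT 3128 gre1 PROTO=6 172.17.29.12:1210 207.46.130.161:80 L=44 S=0x00 I=29155 F=0x4000 T=127 SYN (#1)
Jun 14 16:37:38 pticache-1 kernel: Packet log: input REDIRECT 3128 gre1 PROTO=6 172.17.29.12:1210 207.46.130.161:80 L=44 S=0x00 I=29411 F=0x4000 T=127 SYN (#1)
Jun 14 16:37:51 pticache-1 kernel: Packet log: input REDIRECT 3128 gre1 PROTO=6 172.17.29.12:1210 207.46.130.161:80 L=44 S=0x00 I=29667 F=0x4000 T=127 SYN (#1)
"""

# Layout as it appears in those entries (an assumption for other targets):
# the port after the target is treated as optional, present for REDIRECT.
LINE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ kernel: Packet log: "
    r"(?P<chain>\S+) (?P<target>\S+)(?: (?P<rport>\d+))? (?P<iface>\S+) "
    r"PROTO=(?P<proto>\d+) (?P<src>[\d.]+):(?P<sport>\d+) "
    r"(?P<dst>[\d.]+):(?P<dport>\d+) L=\d+ S=\S+ I=(?P<ipid>\d+) "
    r"F=\S+ T=\d+(?P<syn> SYN)? \(#(?P<rule>\d+)\)$"
)


def syn_retransmits(log_text, year=2000):
    """Return {4-tuple: summary} for TCP flows whose SYN was logged more than once."""
    flows = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if not m or m["proto"] != "6" or not m["syn"]:
            continue  # not a parsable TCP SYN entry
        # syslog timestamps carry no year, so it is supplied by the caller.
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        key = (m["src"], int(m["sport"]), m["dst"], int(m["dport"]))
        flows[key].append((ts, int(m["ipid"]), m["iface"], m["rport"]))
    report = {}
    for key, seen in flows.items():
        ipids = {ipid for _, ipid, _, _ in seen}
        # Same 4-tuple with distinct IP IDs: the client sent the SYN again,
        # which is what it does when no SYN-ACK came back.
        if len(seen) > 1 and len(ipids) == len(seen):
            gaps = [int((b[0] - a[0]).total_seconds()) for a, b in zip(seen, seen[1:])]
            report[key] = {"syns": len(seen), "gaps_s": gaps,
                           "iface": seen[0][2], "redirect_port": seen[0][3]}
    return report


if __name__ == "__main__":
    for flow, info in syn_retransmits(SAMPLE).items():
        print(flow, info)
```

On the entries above this reports a single flow from 172.17.29.12:1210 with three SYNs arriving on gre1, spaced 7 and 13 seconds apart, which is consistent with the client retrying a handshake that never completes.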