Here's what I had to do to get ip_gre to work in kernel 2.4 (which, if I
recall correctly my experiments with ip_gre under 2.2, is a little
different and incompatible with that kernel).
Setup Squid's wccp_router to the router's primary IP (primary is
important, at least for some IOS versions--I don't know which ones).
Configure /no other/ Squid WCCP options.
Load the ip_gre module.
Leave the iptunnel settings for gre0 alone. Every change I made when
experimenting broke something so that it didn't work. This, I'm sure,
is a symptom of my misunderstanding how ip_gre is supposed to work.
Assign ip_gre an IP. The IP can be local (and non-routable) but it must
be reachable by the router. If you can't ping it from the router, then
something is probably broken.
Startup WCCP on the router as usual. Startup Squid.
That did it for me on several machines in a couple of different
environments (including a couple of large ISPs with quite complicated
network infrastructure).
Note that it assumes proper configuration of packet redirection from
gre0 to the Squid port, like so:
/sbin/iptables -t nat -A PREROUTING -d 0/0 -i gre0 -p tcp --dport 80 -j
REDIRECT --to-port 3128
This works without any hassle for me, everytime.
Juergen Hoffmann wrote:
> Hi all,
>
> I have read the FAQ on this and searched the archive on that topic. Found
> several things, tried them, but nothing really did the job.
--
Joe Cooper <joe@swelltech.com>
Affordable Web Caching Proxy Appliances
http://www.swelltech.com
Received on Mon Sep 24 2001 - 01:36:45 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:02:28 MST