[squid-users] Stuck - Tproxy+WCCPv2 Layer2

From: Errol Neal <eneal@dont-contact.us>
Date: Thu, 14 Sep 2006 14:29:07 -0400

I'm not sure what I'm missing. I have a system on the same subnet as a
6500 switch layer 3 (PFC2/MSFCII) running 12.2.18(SDX). I'm running
squid 2.6 STABLE3

Here is my squid.conf file..

acl QUERY urlpath_regex cgi-bin \?
                 no_cache deny QUERY
cache_mem 48 MB
cache_replacement_policy heap LFUDA
memory_replacement_policy heap LFUDA
maximum_object_size 150096 KB
minimum_object_size 0 KB
access_log /usr/local/squid-2.6/var/logs/access.log
cache_log none
cache_store_log none
half_closed_clients off
cache_swap_high 95
cache_swap_low 90
cache_dir aufs /var/squid/cache1 10000 25 256
cache_dir aufs /var/squid/cache2 10000 25 256
buffered_logs on
http_port 80 tproxy transparent
wccp2_router 172.16.103.1
wccp2_return_method 2
wccp_forwarding_method 2
wccp2_version 4
#wccp2_service standard 0
wccp2_service dynamic 80
wccp2_service_info 80 protocol=tcp flags=src_ip_hash priority=240
ports=80
wccp2_service dynamic 90
wccp2_service_info 90 protocol=tcp flags=dst_ip_hash,ports_source
priority=240 ports=80
acl localnet src 172.16.100.0/255.255.252.0
acl localhost src 127.0.0.1/255.255.255.255
acl CONNECT method CONNECT
acl all src 0.0.0.0/0.0.0.0
http_access allow localnet
http_access allow localhost
http_access deny all

Here is what's relevant for my router/switch.
at6506_13LR#sh run int vlan 1
Building configuration...

Current configuration : 175 bytes
!
interface Vlan1
 ip address 172.16.103.1 255.255.252.0
 ip nat inside
 ip wccp 80 redirect in
 ip wccp 90 redirect out
 ip route-cache same-interface
 priority-group 1
end

<snip>

ip wccp 80 redirect-list 1 group-list 90 accelerated
ip wccp 90 redirect-list 1 group-list 90 accelerated

<snip>

cat6506_13LR#sh access-list 90
Standard IP access list 90
    10 permit 172.16.101.160 (11 matches)
    20 deny any
cat6506_13LR#sh access-list 1
Standard IP access list 1
    10 permit 172.16.101.98 (354 matches)
    20 deny any (5 matches)

I start squid ./squid -d9 and here is the output:

2006/09/14 14:26:27| parseConfigFile: line 21 unrecognized:
'wccp2_version 4'
2006/09/14 14:26:27| parseConfigFile: line 21 unrecognized:
'wccp2_version 4'
2006/09/14 14:26:27| Starting Squid Cache version 2.6.STABLE3 for
i686-pc-linux-gnu...
2006/09/14 14:26:27| Process ID 29091
2006/09/14 14:26:27| With 1024 file descriptors available
2006/09/14 14:26:27| Using epoll for the IO loop
2006/09/14 14:26:27| Performing DNS Tests...
[root@pintlis-ap09 sbin]# 2006/09/14 14:26:27| Successful DNS name
lookup tests...
2006/09/14 14:26:27| DNS Socket created at 0.0.0.0, port 32768, FD 5
2006/09/14 14:26:27| Adding nameserver 172.16.101.105 from
/etc/resolv.conf
2006/09/14 14:26:27| Adding nameserver 172.16.101.139 from
/etc/resolv.conf
2006/09/14 14:26:27| Unlinkd pipe opened on FD 10
2006/09/14 14:26:27| Swap maxSize 20480000 KB, estimated 1575384 objects
2006/09/14 14:26:27| Target number of buckets: 78769
2006/09/14 14:26:27| Using 131072 Store buckets
2006/09/14 14:26:27| Max Mem size: 49152 KB
2006/09/14 14:26:27| Max Swap size: 20480000 KB
2006/09/14 14:26:27| Store logging disabled
2006/09/14 14:26:27| Rebuilding storage in /var/squid/cache1 (DIRTY)
2006/09/14 14:26:27| Rebuilding storage in /var/squid/cache2 (DIRTY)
2006/09/14 14:26:27| Using Least Load store dir selection
2006/09/14 14:26:27| Current Directory is /usr/local/squid-2.6/sbin
2006/09/14 14:26:27| Loaded Icons.
2006/09/14 14:26:27| ALERT: initgroups: unable to set groups for User
nobody and Group 992006/09/14 14:26:27| Accepting transparently proxied
HTTP connections at 0.0.0.0, port 80, FD 15.
2006/09/14 14:26:27| ALERT: initgroups: unable to set groups for User
nobody and Group 992006/09/14 14:26:27| Accepting ICP messages at
0.0.0.0, port 3130, FD 16.
2006/09/14 14:26:27| ALERT: initgroups: unable to set groups for User
nobody and Group 992006/09/14 14:26:27| Accepting SNMP messages on port
3401, FD 17.
2006/09/14 14:26:27| WCCP Disabled.
2006/09/14 14:26:27| Accepting WCCPv2 messages on port 2048, FD 18.
2006/09/14 14:26:27| Initialising all WCCPv2 lists
2006/09/14 14:26:27| ALERT: initgroups: unable to set groups for User
nobody and Group 992006/09/14 14:26:27| Ready to serve requests.
2006/09/14 14:26:27| Done reading /var/squid/cache1 swaplog (0 entries)
2006/09/14 14:26:27| Done reading /var/squid/cache2 swaplog (0 entries)
2006/09/14 14:26:27| Finished rebuilding storage from disk.
2006/09/14 14:26:27| 0 Entries scanned
2006/09/14 14:26:27| 0 Invalid entries.
2006/09/14 14:26:27| 0 With invalid flags.
2006/09/14 14:26:27| 0 Objects loaded.
2006/09/14 14:26:27| 0 Objects expired.
2006/09/14 14:26:27| 0 Objects cancelled.
2006/09/14 14:26:27| 0 Duplicate URLs purged.
2006/09/14 14:26:27| 0 Swapfile clashes avoided.
2006/09/14 14:26:27| Took 0.3 seconds ( 0.0 objects/sec).
2006/09/14 14:26:27| Beginning Validation Procedure
2006/09/14 14:26:27| Completed Validation Procedure
2006/09/14 14:26:27| Validated 0 Entries
2006/09/14 14:26:27| store_swap_size = 0k
2006/09/14 14:26:28| storeLateRelease: released 0 objects
2006/09/14 14:26:28| wccp2HandleUdp: fatal error - A WCCP router has
specified a different assignment method 2, expected 1
2006/09/14 14:26:28| FD 18 Closing WCCP socket

Not sure whats the deal here..
Any help is appreciated.
__________________________________________
Errol Uriel Neal Jr.
Sr. Network Administrator
DFI International, Inc.
1717 Pennsylvania Ave NW, Suite 1300
Washington, DC 20006
Tel (202)452-6955
Fax (202)452-6910
eneal@dfi-intl.com
www.dfi-intl.com
Received on Thu Sep 14 2006 - 12:29:19 MDT

This archive was generated by hypermail pre-2.1.9 : Sun Oct 01 2006 - 12:00:03 MDT