On Fri, 23 Sep 2011 16:49:24 +0530, benjamin fernandis wrote:
> Hi All,
>
> I am trying to deploy squid with existing network for cache gain and
> tproxy feature.I configured squid properly there is no error.I can
> see
> traffic in access.log and iptables tproxy rule but at end users end
> they are getting squid error page with request time out.
>
> What could be the mistake behind this problem.?
>
> Is there anything remaining in squid?
It has recently been brought to my attentino that the rp_filter system
underwent a re-designe in kernel 2.6.32 and what we had in the wiki is
doing the opposite (strict blocking) of what we wanted (loose checks
default, none on the interface). Check your rp_filter values they should
be "2" now where previously we were advising "1", and "0" on the
interface where TPROXY is happening.
>
> reference : http://wiki.squid-cache.org/Features/Tproxy4
>
>
> squid version: 3.1.15
> os : fedora 15
>
>
> Squid in network:
>
> ROUTER ------------> PBR CONFIGURATION ( FOR port 80 traffic
> pass to squid from bandwith shapper , for port 80 traffic pass
> internet to squid)
> |
> |
> SWITCH
> | |
> | | -----SQUID BOX
> |
> BANDWITH
> SHAPPER
> |
> |
> END USERS
>
>
>
> Kindly guide me to solve this abnormal problem.
>
>
> Thanks,
> Benjamin
Received on Sat Sep 24 2011 - 05:33:19 MDT
This archive was generated by hypermail 2.2.0 : Sun Sep 25 2011 - 12:00:02 MDT