[c-nsp] WCCP and gre's

Adrian Chadd adrian at creative.net.au
Sun Feb 10 19:14:06 EST 2008 

http://wiki.squid-cache.org/ConfigExamples/

My Hint: use a loopback address on the router, that seems to nail the GRE
endpoint to a fixed iP address rather than having it float depending on your
interface IPs.

(I keep meaning to fix the Squid WCCPv2 implementation to have "hooks"
to tear up/down the GRE based on the routers' negotiated routerid; but I
never quite get the time..)





Adrian

On Sun, Feb 10, 2008, Tuc at T-B-O-H.NET wrote:
> Hi,
> 
> 	Is anyone running WCCP to a Linux Squid?
> 
> 	I've got a 2851 running :
> 
> Cisco IOS Software, 2800 Software (C2800NM-ADVENTERPRISEK9-M), Version 12.4(12), RELEASE SOFTWARE (fc1)
> 
> 	Linux running:
> 
> Linux ports.example.com 2.6.9-42.0.10.EL #1 Tue Feb 27 09:24:42 EST 2007 i686 i686 i386 GNU/Linux
> 
> 	And the latest 2.X squid.
> 
> 	The doco TELLS me to do something like :
> 
> ip tunnel add wccp0 mode gre remote <ROUTER_HIGHEST_IP> local <LOCAL_MACHINE_IP> dev eth0
> ip addr add <LOCAL_MACHINE_IP>/32 dev wccp0
> ip link set wccp0 up
> 
> 	The problem is once I enable "ip wccp web" on the 2851,
> all the GRE packets come over the "eth0" interface, NOT "wccp0".
> 
> 	Truthfully, I don't know how they are in the first place, can I just claim there
> is a gre tunnel to a router and not have to declare it on the router itself? Does WCCP
> just "make" an invisible tunnel?  
> 
> 	In the squid debugging section they do say :
> 
> Run the most recent General Deployment (GD) release of the software train you have on your router or switch. Broken IOS's can also result in broken redirection. A known good version of IOS for routers with no apparent WCCP breakage is 12.3(7)T12. There was extensive damage to WCCP in 12.3(8)T up to and including early 12.4(x) releases. 12.4(8) is known to work fine as long as you are not doing ip firewall inspection on the interface where your cache is located.
> 
> 	Could my 12.4(12) be "broken"?
> 
> 		Thanks, Tuc
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

-- 
- Xenion - http://www.xenion.com.au/ - VPS Hosting - Commercial Squid Support -
- $25/pm entry-level VPSes w/ capped bandwidth charges available in WA -

More information about the cisco-nsp mailing list