Re: [squid-users] WCCP issue

From: Awie <[email protected]>
Date: Fri, 12 Sep 2003 16:55:48 +0800

Masood,

Seems the problem because of CEF issue. My router has IOS version 12.1.(3)T
that pretty old (as my friend at Cisco said), perhaps having problem with IP
GRE as stated in the FAQ below:

*******************************************

IOS 12.x problems
Some people report problems with WCCP and IOS 12.x. They see truncated or
fragmented GRE packets arriving at the cache. Apparently it works if you
disable Cisco Express Forwarding for the interface:

conf t
ip cef # some systems may already have 'ip cef global'
int Ethernet 0/0 (or int FastEthernet 0/0 or other internal interface)
no ip route-cache cef
CTRL Z

This may well be fixed in later releases of IOS.

*******************************************

Now, I use route map instead WCCP and run normally, but I still want to use
WCCP. As it is save and better than route map.

Your advise please.

Thx & Rgds,

Awie

----- Original Message -----
From: "Masood Ahmad Shah" <masood@ipsec.fibre.net.pk>
To: "Awie" <awie@eksadata.com>; "Squid-users" <squid-users@squid-cache.org>
Sent: Friday, September 12, 2003 1:33 PM
Subject: Re: [squid-users] WCCP issue

> no by default squid enable wccp ... so no need to compile with wccp
support.
> if you want to disable wccp then you can put --disable-wccp.
> There is some buggy IOS in cisco they did not redirect traffic or did not
> allot hash code. so better to change your IOS on cisco router.
> if it does not solve porblem then better to check wccp module....
> lsmod | grep wccp
>
>
> onthing more make sure you have ip wccp redirect out on your router border
> interface
>
> --
>
> Best Regs,
> Masood Ahmad Shah
> System Administrator
>
> ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^
> | * * * * * * * * * * * * * * * * * * * * * * * *
> | Fibre Net (Pvt) Ltd. Lahore, Pakistan
> | Tel: +92-42-6677024
> | Mobile: +92-300-4277367
> | http://www.fibre.net.pk
> | * * * * * * * * * * * * * * * * * * * * * * * *
> ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^
> Unix is very simple, but it takes a genius to understand the simplicity.
> (Dennis Ritchie)
>
> ----- Original Message -----
> From: "Awie" <awie@eksadata.com>
> To: "Masood Ahmad Shah" <masood@ipsec.fibre.net.pk>; "Squid-users"
> <squid-users@squid-cache.org>
> Sent: Friday, September 12, 2003 9:11 AM
> Subject: Re: [squid-users] WCCP issue
>
>
> | After I clear WCCP statistic, I found a strange condition as below:
> |
> | dpr-gtw-01#sh ip wccp
> | Global WCCP information:
> | Router information:
> | Router Identifier: my.router.ip.adrr
> | Protocol Version: 1.0
> |
> | Service Identifier: web-cache
> | Number of Cache Engines: 1
> | Number of routers: 1
> | Total Packets Redirected: 0
> | Redirect access-list: redirect-to-squid
> | Total Packets Denied Redirect: 0
> | Total Packets Unassigned: 4578
> | Group access-list: squid-cache
> | Total Messages Denied to Group: 0
> | Total Authentication failures: 0
> |
> | dpr-gtw-01#sh ip wccp web-cache detail
> | WCCP Cache-Engine information:
> | IP Address: aaa.aaa.aaa.aaa
> | Protocol Version: 0.3
> | State: Usable
> | Initial Hash Info: 00000000000000000000000000000000
> | 00000000000000000000000000000000
> | Assigned Hash Info: 00000000000000000000000000000000
> | 00000000000000000000000000000000
> | Hash Allotment: 0 (0.00%)
> | Packets Redirected: 0
> | Connect Time: 00:08:25
> |
> | dpr-gtw-01#sh ip wccp web-cache detail
> | WCCP Cache-Engine information:
> | IP Address: aaa.aaa.aaa.aaa
> | Protocol Version: 0.3
> | State: Usable
> | Initial Hash Info: 00000000000000000000000000000000
> | 00000000000000000000000000000000
> | Assigned Hash Info: 00000000000000000000000000000000
> | 00000000000000000000000000000000
> | Hash Allotment: 0 (0.00%)
> | Packets Redirected: 0
> | Connect Time: 00:08:30
> |
> | dpr-gtw-01#sh ip wccp web-cache detail
> | WCCP Cache-Engine information:
> | IP Address: aaa.aaa.aaa.aaa
> | Protocol Version: 0.3
> | State: Usable
> | Initial Hash Info: 00000000000000000000000000000000
> | 00000000000000000000000000000000
> | Assigned Hash Info: 00000000000000000000000000000000
> | 00000000000000000000000000000000
> | Hash Allotment: 0 (0.00%)
> | Packets Redirected: 0
> | Connect Time: 00:08:30
> |
> | There are only Unassigned Packets displayed and the HASH Allotment is 0.
I
> | suspect it is because of Linux / Squid issue instead Cisco IOS.
> |
> | I configured the Squid without any parameter. Should I use
> the --enable-wccp
> | parameters?
> |
> | Thx & Rgds,
> |
> | Awie
> |
> | ----- Original Message -----
> | From: "Awie" <awie@eksadata.com>
> | To: "Masood Ahmad Shah" <masood@ipsec.fibre.net.pk>; "Squid-users"
> | <squid-users@squid-cache.org>
> | Sent: Thursday, September 11, 2003 11:24 PM
> | Subject: Re: [squid-users] WCCP issue
> |
> |
> | > Masood,
> | >
> | > Do you mean I can remove the both standard and extend access-list?
Would
> | you
> | > give me the IOS sample?
> | >
> | > I used the same IOS command as my last succesfull setting that using
> both
> | > access-list.
> | >
> | > Thx & Rgds,
> | >
> | > Awie
> | >
> | > ----- Original Message -----
> | > From: "Masood Ahmad Shah" <masood@ipsec.fibre.net.pk>
> | > To: "Awie" <awie@eksadata.com>; "Squid-users"
> | <squid-users@squid-cache.org>
> | > Sent: Thursday, September 11, 2003 9:18 PM
> | > Subject: Re: [squid-users] WCCP issue
> | >
> | >
> | > > if you are using wccp then no need to deny Squid box ip in
> | > redirect-to-squid
> | > > access list. becoz cisco router does not route wccp cache to traffic
> to
> | > wccp
> | > > cache.
> | > >
> | > > --
> | > >
> | > > Best Regs,
> | > > Masood Ahmad Shah
> | > > System Administrator
> | > >
> | > > ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^
> | > > | * * * * * * * * * * * * * * * * * * * * * * * *
> | > > | Fibre Net (Pvt) Ltd. Lahore, Pakistan
> | > > | Tel: +92-42-6677024
> | > > | Mobile: +92-300-4277367
> | > > | http://www.fibre.net.pk
> | > > | * * * * * * * * * * * * * * * * * * * * * * * *
> | > > ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^
> | > > Unix is very simple, but it takes a genius to understand the
> simplicity.
> | > > (Dennis Ritchie)
> | > >
> | > > ----- Original Message -----
> | > > From: "Awie" <awie@eksadata.com>
> | > > To: "Squid-users" <squid-users@squid-cache.org>
> | > > Sent: Thursday, September 11, 2003 5:43 PM
> | > > Subject: [squid-users] WCCP issue
> | > >
> | > >
> | > > | All,
> | > > |
> | > > | I was succesfull to run WCCP with my old box (Linux 2.2.19 and
Squid
> | > > 2.3.S4)
> | > > | using WCCP patch of Joe Copper.
> | > > |
> | > > | Now, I use new version of Linux 2.4.21 and Squid 2.4S7 and Cisco
> 3660
> | > with
> | > > | IOS 12.1. The router did not work well to redirect the packets.
> Below
> | > the
> | > > | messages in Linux box and Cisco Router as well.
> | > > |
> | > > |
> | > > | # lsmod
> | > > |
> | > > | Module Size Used by Not Tainted
> | > > | ipt_REDIRECT 1408 1 (autoclean)
> | > > | ip_wccp 1456 0 (unused)
> | > > |
> | > > |
> | > > | dpr-gtw-01#sh ip wccp
> | > > | Global WCCP information:
> | > > | Router information:
> | > > | Router Identifier: aaa.aaa.aaa.aaa
> | > > | Protocol Version: 1.0
> | > > |
> | > > | Service Identifier: web-cache
> | > > | Number of Cache Engines: 1
> | > > | Number of routers: 1
> | > > | Total Packets Redirected: 14159
> | > > | Redirect access-list: redirect-to-squid
> | > > | Total Packets Denied Redirect: 17336
> | > > | Total Packets Unassigned: 222478
> | > > | Group access-list: squid-cache
> | > > | Total Messages Denied to Group: 0
> | > > | Total Authentication failures: 0
> | > > |
> | > > | Herewith IOS setting :
> | > > |
> | > > | !
> | > > | ip wccp version 1
> | > > | ip wccp web-cache redirect-list redirect-to-squid group-list
> | squid-cache
> | > > | !
> | > > | !
> | > > | interface Serial1/0
> | > > | Bla..bla...bla.....
> | > > | ip wccp web-cache redirect out
> | > > | !
> | > > | interface Serial1/1
> | > > | Bla..bla...bla.....
> | > > | ip wccp web-cache redirect out
> | > > | !
> | > > | !
> | > > | ip access-list standard squid-cache
> | > > | permit ip.of.my.Squid
> | > > | !
> | > > | ip access-list extended redirect-to-squid
> | > > | deny tcp host ip.of.my.squid any eq www
> | > > | permit ip my.subnet.block.list any
> | > > | deny tcp any any eq www
> | > > | !
> | > > | !
> | > > | !
> | > > |
> | > > | FYI, I have 2 Internet links that attached to both serial of
router.
> | > > |
> | > > | Why did the router display lines below?
> | > > | What does the packet unassigned mean? Is it any non-HTTP packet?
> | > > |
> | > > | Total Packets Denied Redirect: 17336
> | > > | Total Packets Unassigned: 222478
> | > > |
> | > > | Your answer is very appreciated and waited for.
> | > > |
> | > > | Thx & Rgds,
> | > > |
> | > > | Awie
> | > > |
> | > > |
> | > > |
> | > > |
> | > >
> | >
> |
> |
> |
>
Received on Fri Sep 12 2003 - 02:56:35 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:19:41 MST