Re: [squid-users] WCCP issue

From: Awie <[email protected]>
Date: Fri, 12 Sep 2003 20:56:23 +0800

The situation change so fast as I tried some possibilities. After I change
the WCCP version in the squid.conf to be 4. The router captured a correct
things as below:

dpr-gtw-01#sh ip w w d
WCCP Cache-Engine information:
        IP Address: my.squid.ip.addr
        Protocol Version: 0.4
        State: Usable
        Initial Hash Info: 00000000000000000000000000000000
                               00000000000000000000000000000000
        Assigned Hash Info: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
                               FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
        Hash Allotment: 256 (100.00%)
        Packets Redirected: 0
        Connect Time: 00:01:37

It seems becoming better than before (compare to my last email). I also
disabled the CEF at the interface that has ip wccp command.
However, the packet still was not redirected

Thx & Rgds,

Awie

----- Original Message -----
From: "Masood Ahmad Shah" <masood@ipsec.fibre.net.pk>
To: "Awie" <awie@eksadata.com>; "Squid-users" <squid-users@squid-cache.org>
Sent: Friday, September 12, 2003 5:26 PM
Subject: Re: [squid-users] WCCP issue

> Awie,
>
> Better to change IOS as you was running before. There must be something
> wrong with IOS or WCCP module. If wccp module is working f9 then better to
> change IOS.
>
> --
>
> Best Regs,
> Masood Ahmad Shah
> System Administrator
>
> ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^
> | * * * * * * * * * * * * * * * * * * * * * * * *
> | Fibre Net (Pvt) Ltd. Lahore, Pakistan
> | Tel: +92-42-6677024
> | Mobile: +92-300-4277367
> | http://www.fibre.net.pk
> | * * * * * * * * * * * * * * * * * * * * * * * *
> ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^
> Unix is very simple, but it takes a genius to understand the simplicity.
> (Dennis Ritchie)
>
> ----- Original Message -----
> From: "Awie" <awie@eksadata.com>
> To: "Masood Ahmad Shah" <masood@ipsec.fibre.net.pk>; "Squid-users"
> <squid-users@squid-cache.org>
> Sent: Friday, September 12, 2003 1:55 PM
> Subject: Re: [squid-users] WCCP issue
>
>
> | Masood,
> |
> | Seems the problem because of CEF issue. My router has IOS version
> 12.1.(3)T
> | that pretty old (as my friend at Cisco said), perhaps having problem
with
> IP
> | GRE as stated in the FAQ below:
> |
> | *******************************************
> |
> | IOS 12.x problems
> | Some people report problems with WCCP and IOS 12.x. They see truncated
or
> | fragmented GRE packets arriving at the cache. Apparently it works if you
> | disable Cisco Express Forwarding for the interface:
> |
> | conf t
> | ip cef # some systems may already have 'ip cef global'
> | int Ethernet 0/0 (or int FastEthernet 0/0 or other internal
> interface)
> | no ip route-cache cef
> | CTRL Z
> |
> | This may well be fixed in later releases of IOS.
> |
> | *******************************************
> |
> | Now, I use route map instead WCCP and run normally, but I still want to
> use
> | WCCP. As it is save and better than route map.
> |
> | Your advise please.
> |
> | Thx & Rgds,
> |
> | Awie
> |
> | ----- Original Message -----
> | From: "Masood Ahmad Shah" <masood@ipsec.fibre.net.pk>
> | To: "Awie" <awie@eksadata.com>; "Squid-users"
> <squid-users@squid-cache.org>
> | Sent: Friday, September 12, 2003 1:33 PM
> | Subject: Re: [squid-users] WCCP issue
> |
> |
> | > no by default squid enable wccp ... so no need to compile with wccp
> | support.
> | > if you want to disable wccp then you can put --disable-wccp.
> | > There is some buggy IOS in cisco they did not redirect traffic or did
> not
> | > allot hash code. so better to change your IOS on cisco router.
> | > if it does not solve porblem then better to check wccp module....
> | > lsmod | grep wccp
> | >
> | >
> | > onthing more make sure you have ip wccp redirect out on your router
> border
> | > interface
> | >
> | > --
> | >
> | > Best Regs,
> | > Masood Ahmad Shah
> | > System Administrator
> | >
> | > ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^
> | > | * * * * * * * * * * * * * * * * * * * * * * * *
> | > | Fibre Net (Pvt) Ltd. Lahore, Pakistan
> | > | Tel: +92-42-6677024
> | > | Mobile: +92-300-4277367
> | > | http://www.fibre.net.pk
> | > | * * * * * * * * * * * * * * * * * * * * * * * *
> | > ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^
> | > Unix is very simple, but it takes a genius to understand the
simplicity.
> | > (Dennis Ritchie)
> | >
> | > ----- Original Message -----
> | > From: "Awie" <awie@eksadata.com>
> | > To: "Masood Ahmad Shah" <masood@ipsec.fibre.net.pk>; "Squid-users"
> | > <squid-users@squid-cache.org>
> | > Sent: Friday, September 12, 2003 9:11 AM
> | > Subject: Re: [squid-users] WCCP issue
> | >
> | >
> | > | After I clear WCCP statistic, I found a strange condition as below:
> | > |
> | > | dpr-gtw-01#sh ip wccp
> | > | Global WCCP information:
> | > | Router information:
> | > | Router Identifier: my.router.ip.adrr
> | > | Protocol Version: 1.0
> | > |
> | > | Service Identifier: web-cache
> | > | Number of Cache Engines: 1
> | > | Number of routers: 1
> | > | Total Packets Redirected: 0
> | > | Redirect access-list: redirect-to-squid
> | > | Total Packets Denied Redirect: 0
> | > | Total Packets Unassigned: 4578
> | > | Group access-list: squid-cache
> | > | Total Messages Denied to Group: 0
> | > | Total Authentication failures: 0
> | > |
> | > | dpr-gtw-01#sh ip wccp web-cache detail
> | > | WCCP Cache-Engine information:
> | > | IP Address: aaa.aaa.aaa.aaa
> | > | Protocol Version: 0.3
> | > | State: Usable
> | > | Initial Hash Info: 00000000000000000000000000000000
> | > | 00000000000000000000000000000000
> | > | Assigned Hash Info: 00000000000000000000000000000000
> | > | 00000000000000000000000000000000
> | > | Hash Allotment: 0 (0.00%)
> | > | Packets Redirected: 0
> | > | Connect Time: 00:08:25
> | > |
> | > | dpr-gtw-01#sh ip wccp web-cache detail
> | > | WCCP Cache-Engine information:
> | > | IP Address: aaa.aaa.aaa.aaa
> | > | Protocol Version: 0.3
> | > | State: Usable
> | > | Initial Hash Info: 00000000000000000000000000000000
> | > | 00000000000000000000000000000000
> | > | Assigned Hash Info: 00000000000000000000000000000000
> | > | 00000000000000000000000000000000
> | > | Hash Allotment: 0 (0.00%)
> | > | Packets Redirected: 0
> | > | Connect Time: 00:08:30
> | > |
> | > | dpr-gtw-01#sh ip wccp web-cache detail
> | > | WCCP Cache-Engine information:
> | > | IP Address: aaa.aaa.aaa.aaa
> | > | Protocol Version: 0.3
> | > | State: Usable
> | > | Initial Hash Info: 00000000000000000000000000000000
> | > | 00000000000000000000000000000000
> | > | Assigned Hash Info: 00000000000000000000000000000000
> | > | 00000000000000000000000000000000
> | > | Hash Allotment: 0 (0.00%)
> | > | Packets Redirected: 0
> | > | Connect Time: 00:08:30
> | > |
> | > | There are only Unassigned Packets displayed and the HASH Allotment
is
> 0.
> | I
> | > | suspect it is because of Linux / Squid issue instead Cisco IOS.
> | > |
> | > | I configured the Squid without any parameter. Should I use
> | > the --enable-wccp
> | > | parameters?
> | > |
> | > | Thx & Rgds,
> | > |
> | > | Awie
> | > |
> | > | ----- Original Message -----
> | > | From: "Awie" <awie@eksadata.com>
> | > | To: "Masood Ahmad Shah" <masood@ipsec.fibre.net.pk>; "Squid-users"
> | > | <squid-users@squid-cache.org>
> | > | Sent: Thursday, September 11, 2003 11:24 PM
> | > | Subject: Re: [squid-users] WCCP issue
> | > |
> | > |
> | > | > Masood,
> | > | >
> | > | > Do you mean I can remove the both standard and extend access-list?
> | Would
> | > | you
> | > | > give me the IOS sample?
> | > | >
> | > | > I used the same IOS command as my last succesfull setting that
using
> | > both
> | > | > access-list.
> | > | >
> | > | > Thx & Rgds,
> | > | >
> | > | > Awie
> | > | >
> | > | > ----- Original Message -----
> | > | > From: "Masood Ahmad Shah" <masood@ipsec.fibre.net.pk>
> | > | > To: "Awie" <awie@eksadata.com>; "Squid-users"
> | > | <squid-users@squid-cache.org>
> | > | > Sent: Thursday, September 11, 2003 9:18 PM
> | > | > Subject: Re: [squid-users] WCCP issue
> | > | >
> | > | >
> | > | > > if you are using wccp then no need to deny Squid box ip in
> | > | > redirect-to-squid
> | > | > > access list. becoz cisco router does not route wccp cache to
> traffic
> | > to
> | > | > wccp
> | > | > > cache.
> | > | > >
> | > | > > --
> | > | > >
> | > | > > Best Regs,
> | > | > > Masood Ahmad Shah
> | > | > > System Administrator
> | > | > >
> | > | > > ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^
> | > | > > | * * * * * * * * * * * * * * * * * * * * * * * *
> | > | > > | Fibre Net (Pvt) Ltd. Lahore, Pakistan
> | > | > > | Tel: +92-42-6677024
> | > | > > | Mobile: +92-300-4277367
> | > | > > | http://www.fibre.net.pk
> | > | > > | * * * * * * * * * * * * * * * * * * * * * * * *
> | > | > > ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^
> | > | > > Unix is very simple, but it takes a genius to understand the
> | > simplicity.
> | > | > > (Dennis Ritchie)
> | > | > >
> | > | > > ----- Original Message -----
> | > | > > From: "Awie" <awie@eksadata.com>
> | > | > > To: "Squid-users" <squid-users@squid-cache.org>
> | > | > > Sent: Thursday, September 11, 2003 5:43 PM
> | > | > > Subject: [squid-users] WCCP issue
> | > | > >
> | > | > >
> | > | > > | All,
> | > | > > |
> | > | > > | I was succesfull to run WCCP with my old box (Linux 2.2.19 and
> | Squid
> | > | > > 2.3.S4)
> | > | > > | using WCCP patch of Joe Copper.
> | > | > > |
> | > | > > | Now, I use new version of Linux 2.4.21 and Squid 2.4S7 and
Cisco
> | > 3660
> | > | > with
> | > | > > | IOS 12.1. The router did not work well to redirect the
packets.
> | > Below
> | > | > the
> | > | > > | messages in Linux box and Cisco Router as well.
> | > | > > |
> | > | > > |
> | > | > > | # lsmod
> | > | > > |
> | > | > > | Module Size Used by Not Tainted
> | > | > > | ipt_REDIRECT 1408 1 (autoclean)
> | > | > > | ip_wccp 1456 0 (unused)
> | > | > > |
> | > | > > |
> | > | > > | dpr-gtw-01#sh ip wccp
> | > | > > | Global WCCP information:
> | > | > > | Router information:
> | > | > > | Router Identifier: aaa.aaa.aaa.aaa
> | > | > > | Protocol Version: 1.0
> | > | > > |
> | > | > > | Service Identifier: web-cache
> | > | > > | Number of Cache Engines: 1
> | > | > > | Number of routers: 1
> | > | > > | Total Packets Redirected: 14159
> | > | > > | Redirect access-list: redirect-to-squid
> | > | > > | Total Packets Denied Redirect: 17336
> | > | > > | Total Packets Unassigned: 222478
> | > | > > | Group access-list: squid-cache
> | > | > > | Total Messages Denied to Group: 0
> | > | > > | Total Authentication failures: 0
> | > | > > |
> | > | > > | Herewith IOS setting :
> | > | > > |
> | > | > > | !
> | > | > > | ip wccp version 1
> | > | > > | ip wccp web-cache redirect-list redirect-to-squid group-list
> | > | squid-cache
> | > | > > | !
> | > | > > | !
> | > | > > | interface Serial1/0
> | > | > > | Bla..bla...bla.....
> | > | > > | ip wccp web-cache redirect out
> | > | > > | !
> | > | > > | interface Serial1/1
> | > | > > | Bla..bla...bla.....
> | > | > > | ip wccp web-cache redirect out
> | > | > > | !
> | > | > > | !
> | > | > > | ip access-list standard squid-cache
> | > | > > | permit ip.of.my.Squid
> | > | > > | !
> | > | > > | ip access-list extended redirect-to-squid
> | > | > > | deny tcp host ip.of.my.squid any eq www
> | > | > > | permit ip my.subnet.block.list any
> | > | > > | deny tcp any any eq www
> | > | > > | !
> | > | > > | !
> | > | > > | !
> | > | > > |
> | > | > > | FYI, I have 2 Internet links that attached to both serial of
> | router.
> | > | > > |
> | > | > > | Why did the router display lines below?
> | > | > > | What does the packet unassigned mean? Is it any non-HTTP
packet?
> | > | > > |
> | > | > > | Total Packets Denied Redirect: 17336
> | > | > > | Total Packets Unassigned: 222478
> | > | > > |
> | > | > > | Your answer is very appreciated and waited for.
> | > | > > |
> | > | > > | Thx & Rgds,
> | > | > > |
> | > | > > | Awie
> | > | > > |
> | > | > > |
> | > | > > |
> | > | > > |
> | > | > >
> | > | >
> | > |
> | > |
> | > |
> | >
> |
> |
> |
> |
> |
>
Received on Fri Sep 12 2003 - 07:39:11 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:19:42 MST