[squid-users] Service Lost issues using WCCP v2

From: Arnaud Loonstra <[email protected]>
Date: Tue, 17 Jul 2007 17:14:59 +0200

Hi,

I've recently started testing a setup using WCCP v2 on Cisco routers
with squid. It's working but not very reliable. I'm experiencing
constant repeating service lost issue's:

*Jul 17 14:18:49.926: %WCCP-1-SERVICELOST: Service web-cache lost on
WCCP client 10.1.250.10
*Jul 17 14:18:59.930: %WCCP-5-SERVICEFOUND: Service web-cache acquired
on WCCP client 10.1.250.10
*Jul 17 14:20:09.934: %WCCP-1-SERVICELOST: Service web-cache lost on
WCCP client 10.1.250.10
*Jul 17 14:20:19.938: %WCCP-5-SERVICEFOUND: Service web-cache acquired
on WCCP client 10.1.250.10
*Jul 17 14:21:19.938: %WCCP-1-SERVICELOST: Service web-cache lost on
WCCP client 10.1.250.10
*Jul 17 14:21:29.938: %WCCP-5-SERVICEFOUND: Service web-cache acquired
on WCCP client 10.1.250.10

Squid doesn't complain only the cisco does. The service is lost for 10
seconds and then continues. Am I missing something? Any guidance would
be appreciated.

Rg,

Arnaud Loonstra

--- The setup:

I'm running the Debian Etch supplied version of squid.

I've setup my network as follows:

auto eth0
iface eth0 inet static
        address 10.1.250.10
        netmask 255.255.254.0
        up ip route add 10.0.0.0/8 via 10.1.250.1
        up ip route add 192.168.0.0/16 via 10.1.250.1
        down ip route add 10.0.0.0/8 via 10.1.250.1
        up ip tunnel add wccp0 mode gre remote 192.168.0.6 local
10.1.250.10 dev eth0
        up ip addr add 10.1.250.10/32 dev wccp0
        up ip link set wccp0 up

I've configured squid using a sample config from:
http://wiki.squid-cache.org/ConfigExamples/NatAndWccp2

It comes down to this:
wccp2_service standard 0
wccp2_router 192.168.0.6

On the Cisco side I've configure the following:
Cisco IOS Software, 2800 Software (C2800NM-ADVSECURITYK9-M), Version
12.4(7a), RELEASE SOFTWARE (fc3)

ip wccp web-cache redirect-list 150

interface GigabitEthernet0/0.252
 encapsulation dot1Q 252
 ip address 10.6.252.1 255.255.254.0
 ip access-group 2252 in
 ip access-group 2253 out
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip wccp web-cache redirect in
 ip nat inside
 ip virtual-reassembly
 no snmp trap link-status
end

access-list 150 deny ip 10.0.252.0 0.255.1.255 10.0.0.0 0.255.255.255
access-list 150 deny ip 10.0.252.0 0.255.1.255 172.16.0.0 0.15.255.255
access-list 150 deny ip 10.0.252.0 0.255.1.255 192.168.0.0 0.0.255.255
access-list 150 permit ip 10.0.252.0 0.255.1.255 any

I've tried disabling ip cef and ip inspect but no difference.

Amarantis Onderwijsgroep is de concernorganisatie van ISA-scholen en ROC ASA
Received on Tue Jul 17 2007 - 09:15:18 MDT

This archive was generated by hypermail pre-2.1.9 : Wed Aug 01 2007 - 12:00:03 MDT