Squid2.6/WCCP2/GRE

Andrew Pantyukhin infofarmer at FreeBSD.org
Fri Oct 27 09:20:22 UTC 2006


On 10/27/06, Alan Garfield <alan at fromorbit.com> wrote:
> Hey guys,
>
> I'm hoping someone will have a configuration of the following they can
> share as I'm pulling my hair out here trying to get this to work.

Sure :-)

* squid runs at X.X.5.76
* wccp2 runs at C2800 with multiple addresses, X.X.5.66
  and X.X.78.241 among them
* X.X.5.66 is in the same subnet with squid, so we send
  wccp2 notifications from squid there
* X.X.78.241 gets chosen by IOS as Router Identifier, so
  we have to configure it as the gre tunnel remote endpoint
* 172.X.X.X are deliberately non-existent, they are just
  place holders
===========================
squid.conf:
wccp2_router X.X.5.66
wccp2_address X.X.5.76
===========================
rc.firewall:
ipfw add fwd 127.0.0.1,3128 tcp from any to not me dst-port \
80-82,8080-8083,3128,8007,8022 not uid squid
===========================
rc.conf:
ifconfig_eth0="inet X.X.5.76/27"
ifconfig_gre0="inet 172.10.20.30/32 172.10.20.31 link0 \
link2 tunnel X.X.5.76 X.X.78.241 up"
===========================
br2#sh run | incl wccp
ip wccp web-cache redirect-list guys_to_cache
  ip wccp web-cache redirect out
===========================
br2#sh ip wccp
Global WCCP information:
    Router information:
        Router Identifier:                   X.X.78.241
        Protocol Version:                    2.0
===========================
    Service Identifier: web-cache
        Number of Cache Engines:             1
        Number of routers:                   1
        Total Packets Redirected:            1208456314
        Process:                             559
        Fast:                                0
        CEF:                                 1208455755
        Redirect access-list:                guys_to_cache
        Total Packets Denied Redirect:       65691876
        Total Packets Unassigned:            816778
        Group access-list:                   -none-
        Total Messages Denied to Group:      0
        Total Authentication failures:       0
        Total Bypassed Packets Received:     0
===========================


More information about the freebsd-questions mailing list