Wednesday, November 3, 2010

Squid Cache proxy with Cisco WCCP

WCCP is a nice protocol to use caching with Cisco, Main reason is you don't have to route traffic through the caching PC. You can keep the caching server as a PC running on the LAN. WCCP will find the caching server and route the web traffic through the caching server. Advantage is If your caching server is down still you will be able to access Internet.

As configuration wise you need to enables WCCP on cisco as following in global configuration mode.

ip wccp version 1
ip wccp web-cache

You need to enable cache redirect on the interface connect with the internet as follows.

ip wccp web-cache redirect out

If the caching server located in the same LAN, do following configuration on LAN interface.
ip route-cache same-interface

In your Squid cache proxy you need to enable wccp.
open /etc/squid/squid.conf file and uncomment wccp_router directive and wccp_version as follows.

wccp_router < IP of the wccp router >
wccp_version 4

Now the squid configuration is done. But If you monitor traffic comes to the squid you may realize its unable to cache the web traffic. This is because WCCP redirect web traffic by GRE encapsulated. There fore you need to enable gre interface just to decrypt and get the encapsulated data.

modprobe ip_gre
ifconfig gre0 up

And assign a IP just to up the interface.

ip addr add dev gre0

Then enable IP forwarding and disable rp_filter
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter

Now you need to redirect traffic comes to port 80 into proxy service port.
iptables -t nat -A PREROUTING -i gre0 -p tcp --dport 80 -j REDIRECT --to-port 3128

Now you are Finished configuring wccp with squid box.

To trouble shoot you can use following commands on cisco.

#sh ip wccp

Global WCCP information:
Router information:
Router Identifier:
Protocol Version: 1.0

Service Identifier: web-cache
Number of Service Group Clients: 1
Number of Service Group Routers: 1
Total Packets s/w Redirected: 263
Process: 49
Fast: 0
CEF: 263

#sh ip wccp web-cache detail
WCCP Client information:
WCCP Client ID:
Protocol Version: 0.4

#sh ip wccp web-cache view

WCCP Clients Visible:



  2. This is really informative and simple...
    Thanks mate!!

  3. At whatever point you write a URL, a few data including your ip address, program sort and so on will be sent to the server.proxy server mexico

  4. This comment has been removed by the author.

  5. In a Windows working framework,In a Windows working framework, tap on hurried to go to the DOS charge box and sort the word ping took after by your VPN's IP address and hit the enter catch. tap on hurried to go to the DOS charge box and sort the word ping took after by your VPN's IP address and hit the enter catch.

  6. HI there
    nice article

  7. Experiencing difficulty interfacing with the Internet at home attempt these means previously calling for help.
    avast vpn logging

  8. he has long years of working experiences in IT. For complete article please visit the best wireless router IP

  9. Aside from this you likewise have the choice of introducing custom firewalls for higher wellbeing. You can design principles to channel the approaching traffic to avoid any assault on your virtual server. instant