Wednesday, November 3, 2010

Squid Cache proxy with Cisco WCCP

WCCP is a nice protocol to use caching with Cisco, Main reason is you don't have to route traffic through the caching PC. You can keep the caching server as a PC running on the LAN. WCCP will find the caching server and route the web traffic through the caching server. Advantage is If your caching server is down still you will be able to access Internet.

As configuration wise you need to enables WCCP on cisco as following in global configuration mode.

ip wccp version 1
ip wccp web-cache


You need to enable cache redirect on the interface connect with the internet as follows.

ip wccp web-cache redirect out

If the caching server located in the same LAN, do following configuration on LAN interface.
ip route-cache same-interface


In your Squid cache proxy you need to enable wccp.
open /etc/squid/squid.conf file and uncomment wccp_router directive and wccp_version as follows.

wccp_router < IP of the wccp router >
wccp_version 4


Now the squid configuration is done. But If you monitor traffic comes to the squid you may realize its unable to cache the web traffic. This is because WCCP redirect web traffic by GRE encapsulated. There fore you need to enable gre interface just to decrypt and get the encapsulated data.

modprobe ip_gre
ifconfig gre0 up


And assign a IP just to up the interface.

ip addr add 172.16.99.1/30 dev gre0


Then enable IP forwarding and disable rp_filter
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter



Now you need to redirect traffic comes to port 80 into proxy service port.
iptables -t nat -A PREROUTING -i gre0 -p tcp --dport 80 -j REDIRECT --to-port 3128

Now you are Finished configuring wccp with squid box.

To trouble shoot you can use following commands on cisco.

#sh ip wccp

Global WCCP information:
Router information:
Router Identifier: 172.16.1.1
Protocol Version: 1.0

Service Identifier: web-cache
Number of Service Group Clients: 1
Number of Service Group Routers: 1
Total Packets s/w Redirected: 263
Process: 49
Fast: 0
CEF: 263

#sh ip wccp web-cache detail
WCCP Client information:
WCCP Client ID: 172.16.1.2
Protocol Version: 0.4



#sh ip wccp web-cache view

WCCP Clients Visible:
172.16.1.2

3 comments:

  1. http://www.mytricks.in/2011/08/redirect-http-traffic-from-cisco.html

    ReplyDelete
  2. This is really informative and simple...
    Thanks mate!!

    ReplyDelete
  3. At whatever point you write a URL, a few data including your ip address, program sort and so on will be sent to the server.proxy server mexico

    ReplyDelete