ok,
I finally found out, after running squid in gdb how to turn on the very
detailed debug output.....
So I can confirm, squid does receive all of the handshaking:
2007/02/08 15:19:45| wccp2HereIam: Called
2007/02/08 15:19:45| wccp2HereIam: sending to service id 97
2007/02/08 15:19:45| wccp2_update_md5_security: called
2007/02/08 15:19:45| eventAdd: Adding 'wccp2HereIam', in 10.000000 seconds
2007/02/08 15:19:45| wccp2HandleUdp: Called.
2007/02/08 15:19:45| Incoming WCCPv2 I_SEE_YOU length 148.
2007/02/08 15:19:45| Incoming WCCP2_I_SEE_YOU Received ID old=1016 new=1017.
Now I still have the problem, that I don't get any webtraffic redirected.
Is this message
1d03h: WCCP-EVNT:D97: Here_I_Am packet from 192.168.3.20 w/bad rcv_id 00000000
to blame?
Is it a bad version if IOS? Is anything else wrong?
Thank you!
Regards,
Martin
On Thursday 08 February 2007 14:29, Martin Kobele wrote:
> Hi,
>
> here is more output of the router confirming that the communication is kind
> of working:
>
> router1#debug ip wccp packets
> WCCP packet info debugging is on
> router1#
> 1d02h: WCCP-PKT:D97: Received valid Here_I_Am packet from 192.168.3.20
> w/rcv_id 000002F4 1d02h: WCCP-PKT:D97: Sending I_See_You packet to
> 192.168.3.20 w/ rcv_id 000002F5 1d02h: WCCP-EVNT:D97: Here_I_Am packet from
> 192.168.3.20 w/bad rcv_id 00000000 1d02h: WCCP-PKT:D97: Sending I_See_You
> packet to 192.168.3.20 w/ rcv_id 000002F6 1d02h: WCCP-PKT:D97: Received
> valid Here_I_Am packet from 192.168.3.20 w/rcv_id 000002F6 1d02h:
> WCCP-PKT:D97: Sending I_See_You packet to 192.168.3.20 w/ rcv_id 000002F7
> 1d02h: WCCP-EVNT:D97: Built new router view: 1 routers, 1 usable web
> caches, change # 0000000E 1d02h: WCCP-PKT:D97: Received valid
> Redirect_Assignment packet from 192.168.3.20 w/rcv_id 000002F7 1d02h:
> WCCP-PKT:D97: Received valid Here_I_Am packet from 192.168.3.20 w/rcv_id
> 000002F7 1d02h: WCCP-PKT:D97: Sending I_See_You packet to 192.168.3.20 w/
> rcv_id 000002F8 1d02h: WCCP-PKT:D97: Received valid Here_I_Am packet from
> 192.168.3.20 w/rcv_id 000002F8 ...
>
> however, no output on cache.log, running squid with parameters -NDX -d9
>
> Regards,
> Martin
>
> On Thursday 08 February 2007 11:56, Martin Kobele wrote:
> > Hi,
> >
> > I am experiencing
> > the following problem: Squid does not get any I_SEE_YOU messages and the
> > router prints out "Here_I_Am packet from 192.168.3.20 w/bad rcv_id
> > 0000000"
> >
> > Here is the setup and what is happening in more detail:
> >
> > SQUID BOX
> > ========
> > IP: 192.168.3.20
> >
> > Squid 2.6STABLE9, kernel 2.4.32 or 2.6.16, for now the kernel version
> > does not seem to matter.
> > For now I use one squid and one router. But once I get this to work, I
> > plan on using 2 routers and most likely a second squid. Thus the dynamic
> > configuration.
> >
> >
> > squid.conf wccp2 settings:
> >
> > wccp2_router 192.168.3.21
> > wccp2_forwarding_method 1
> > wccp2_return_method 1
> > wccp2_assignment_method 1
> > wccp2_service dynamic 97 password=exPAS12
> > wccp2_service_info 97 protocol=tcp flags=src_ip_hash,ports_source
> > priority=240 ports=80
> > wccp2_weight 10000
> >
> >
> >
> > CISCO 2621
> > ========
> > Cisco Internetwork Operating System Software
> > IOS (tm) C2600 Software (C2600-I-M), Version 12.0(3)T3, RELEASE SOFTWARE
> > (fc1)
> > Copyright (c) 1986-1999 by cisco Systems, Inc.
> > Compiled Thu 15-Apr-99 15:41 by kpma
> > Image text-base: 0x80008088, data-base: 0x80693A88
> >
> > ROM: System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)
> >
> > part of 'show conf':
> >
> > ip wccp 97 password exPAS12
> > ip name-server 192.168.1.253
> > ip name-server 192.168.1.252
> > !
> > interface FastEthernet0/0
> > ip address 192.168.3.21 255.255.255.0
> > no ip directed-broadcast
> > ip wccp 97 redirect out
> > no ip mroute-cache
> >
> >
> > STARTING SQUID
> > ============
> > If I start squid I get the following output on the CISCO:
> > 23:30:08: WCCP-EVNT:D97: Web Cache 192.168.3.20 added
> > 23:30:18: WCCP-EVNT:D97: Built new router view: 1 routers, 1 usable web
> > caches, change # 00000030
> >
> > if I restart squid I get the following on CISCO:
> > 23:31:03: WCCP-EVNT:D97: Here_I_Am packet from 192.168.3.20 w/bad rcv_id
> > 0000000
> >
> > eventually, I get this:
> > 23:50:06: WCCP-EVNT:D97: Redirect_Assignment packet from 192.168.3.20
> > fails source check
> >
> >
> > I do not get any I_SEE_YOU messages in squid's cache.log
> >
> > The only wccp2 related messages are :
> > 2007/02/08 11:14:22| WCCP Disabled.
> > 2007/02/08 11:14:22| Accepting WCCPv2 messages on port 2048, FD 48.
> > 2007/02/08 11:14:22| Initialising all WCCPv2 lists
> >
> >
> > TCPDUMP
> > ======
> > in order to be sure that udp packets are coming through, I captured the
> > traffic while starting squid
> >
> > # tcpdump -X -s 1600 -n -i any -p port 2048 &
> > # squid
> >
> > 11:16:13.481972 IP 192.168.3.20.2048 > 192.168.3.21.2048: UDP, length 160
> > 0x0000: 4500 00bc f920 0000 4011 f996 c0a8 0314
> > E.......@....... 0x0010: c0a8 0315 0800 0800 00a8 ceb5 0000 000a
> > ................ 0x0020: 0200 0098 0000 0014 0000 0001 67ae 4954
> > ............g.IT 0x0030: 3716 c97d e9fa fcf5 973d c4e6 0001 0018
> > 7..}.....=...... 0x0040: 0161 f006 0000 0031 0050 0000 0000 0000
> > .a.....1.P...... 0x0050: 0000 0000 0000 0000 0003 002c c0a8 0314
> > ...........,.... 0x0060: 0000 0000 0000 0000 0000 0000 0000 0000
> > ................ 0x0070: 0000 0000 0000 0000 0000 0000 0000 0000
> > ................ 0x0080: 0000 0000 2710 0000 0005 0014 0000 0001
> > ....'........... 0x0090: 0000 0001 c0a8 0315 0000 0000 0000 0000
> > ................ 0x00a0: 0008 0018 0001 0004 0000 0001 0002 0004
> > ................ 0x00b0: 0000 0001 0003 0004 0000 0001
> > ............ 11:16:13.493933 IP 192.168.3.21.2048 > 192.168.3.20.2048:
> > UDP, length 156 0x0000: 4500 00b8 1cba 0000 ff11 1701 c0a8 0315
> > E............... 0x0010: c0a8 0314 0800 0800 00a4 7651 0000 000b
> > ..........vQ.... 0x0020: 0200 0094 0000 0014 0000 0001 8fb9 abcb
> > ................ 0x0030: fa5b 24d3 1dc9 57f3 a8b1 a8bb 0001 0018
> > .[$...W......... 0x0040: 0161 f006 0000 0031 0050 0000 0000 0000
> > .a.....1.P...... 0x0050: 0000 0000 0000 0000 0002 0014 c0a8 0315
> > ................ 0x0060: 0000 1c35 c0a8 0315 0000 0001 c0a8 0314
> > ...5............ 0x0070: 0004 0044 0000 0030 c0a8 0314 0000 0001
> > ...D...0........ 0x0080: 0000 0001 c0a8 0315 0000 0001 c0a8 0314
> > ................ 0x0090: 0000 0000 ffff ffff ffff ffff ffff ffff
> > ................ 0x00a0: ffff ffff ffff ffff ffff ffff ffff ffff
> > ................ 0x00b0: ffff ffff 2710 0000
> > ....'... 11:16:18.543117 IP 192.168.3.21.2048 > 192.168.3.20.2048: UDP,
> > length 80 0x0000: 4500 006c 1cbb 0000 ff11 174c c0a8 0315
> > E..l.......L.... 0x0010: c0a8 0314 0800 0800 0058 1e0a 0000 000d
> > .........X...... 0x0020: 0200 0048 0000 0014 0000 0001 f7b9 dfbe
> > ...H............ 0x0030: 51e7 c37e f30e bbb7 623e efe4 0001 0018
> > Q..~....b>...... 0x0040: 0161 f006 0000 0031 0050 0000 0000 0000
> > .a.....1.P...... 0x0050: 0000 0000 0000 0000 0007 0010 c0a8 0315
> > ................ 0x0060: 0000 1c36 c0a8 0315 c0a8 0314
> > ...6........ 11:16:23.485739 IP 192.168.3.20.2048 > 192.168.3.21.2048:
> > UDP, length 160 0x0000: 4500 00bc f921 0000 4011 f995 c0a8 0314
> > E....!..@....... 0x0010: c0a8 0315 0800 0800 00a8 6976 0000 000a
> > ..........iv.... 0x0020: 0200 0098 0000 0014 0000 0001 1c32 0c8e
> > .............2.. 0x0030: d72a 3ab8 5bc7 3976 3432 39a3 0001 0018
> > .*:.[.9v429..... 0x0040: 0161 f006 0000 0031 0050 0000 0000 0000
> > .a.....1.P...... 0x0050: 0000 0000 0000 0000 0003 002c c0a8 0314
> > ...........,.... 0x0060: 0000 0000 0000 0000 0000 0000 0000 0000
> > ................ 0x0070: 0000 0000 0000 0000 0000 0000 0000 0000
> > ................ 0x0080: 0000 0000 2710 0000 0005 0014 0000 0001
> > ....'........... 0x0090: 0000 0001 c0a8 0315 0000 1c35 0000 0000
> > ...........5.... 0x00a0: 0008 0018 0001 0004 0000 0001 0002 0004
> > ................ 0x00b0: 0000 0001 0003 0004 0000 0001
> >
> > if I view this (tcpdump -w dump -X -s 1600 -n -i any -p port 2048) in
> > ethereal, I can see that "Here I am" and "I see you" messages are sent
> > back and forth. I can email you the dump, the mailing list does not
> > permit attachments.
> >
> > What did I do wrong or miss?
> >
> > Any pointers are more than appreciated.
> >
> > Thank you!
> >
> > Regards,
> > Martin
-- Martin Kobele Software Developer t. 519-826-5222 ext #224 f. 519-826-5228 martin.kobele@netsweeper.com Netsweeper Corporate Head Office 104 Dawson Road Guelph, Ontario N1H 1A7Received on Thu Feb 08 2007 - 13:21:46 MST
This archive was generated by hypermail pre-2.1.9 : Thu Mar 01 2007 - 12:00:01 MST