[squid-users] wccp2_service_info fails on more than one port number

Yuri Voinov yvoinov at gmail.com
Tue Mar 3 18:15:41 UTC 2015 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Don't think this is bug.

You got very custom configuration, which can not be common.

As I said, HTTP ports other than 80 is very rarely used in WAN's. And
be better to separate HTTPS port from HTTP.

Modern iOS can not accept your configuration. Beware.

03.03.15 23:57, Guy Helmer пишет:
> Thanks Yuri -- I have thoroughly read Cisco IOS configuration
> manuals pertaining to WCCP2. From what I have read, there is no
> strict requirement for separate configurations for standard
> web-cache port 80 and dynamic service for non-port 80 — wccp2
> dynamic services allow redirection of any ports (up to a total of
> 8), including port 80. As I’ve stated before, this was a working
> configuration in squid 3.3 at multiple sites. If there is a
> rationale for distinct wccp2 service configurations for port 80 vs
> other ports, I sure could use a reference that explains it.
> 
> As I’ve pointed out, there is a bug in Squid 3.4 that prevents
> specifying multiple TCP ports in the wccp2_service_info line. I’ve
> corrected that now in my sources. After fixing that bug, squid
> 3.4.12 is functioning with WCCP2 interception for port 80, 443, and
> others as it did in version 3.3.x.
> 
> Regards, Guy
> 
>> On Mar 3, 2015, at 11:29 AM, Yuri Voinov <yvoinov at gmail.com>
>> wrote:
>> 
> Please, read Cisco iOS WCCPv2 manual first.
> 
> This one:
> 
> http://www.cisco.com/c/en/us/td/docs/ios/12_2/configfun/configuration/guide/ffun_c/fcf018.html
> <http://www.cisco.com/c/en/us/td/docs/ios/12_2/configfun/configuration/guide/ffun_c/fcf018.html>
>
>  and this one:
> 
> http://www.cisco.com/c/en/us/td/docs/ios/12_2/configfun/configuration/guide/ffun_c/fcf018.html#wp1000955
> <http://www.cisco.com/c/en/us/td/docs/ios/12_2/configfun/configuration/guide/ffun_c/fcf018.html#wp1000955>
>
>  wccp web-cache uses port 80 by default. Other http ports is less
> than percentile on web-traffic.
> 
> https requires another dynamic wccp service.
> 
> Also, take a look on config example again.
> 
> This is working configuration.
> 
> 03.03.15 23:21, Guy Helmer пишет:
>>>> It has worked in the past with WCCP2 dynamic services at
>>>> multiple sites.
>>>> 
>>>> I’ve uncovered the wccp2_service_info ports parsing error:
>>>> 
>>>> --- src/wccp2.cc.ORIG	2015-03-03 11:08:18.000000000 -0600
>>>> +++ src/wccp2.cc	2015-03-03 11:10:37.000000000 -0600 @@
>>>> -2264,7 +2264,10 @@ if (i >= WCCP2_NUMPORTS) { 
>>>> fatalf("parse_wccp2_service_ports: too many ports (maximum:
>>>> 8) in list '%s'\n", options); } -        int p = xatoi(tmp);
>>>> + char copy[len + 1]; +        memcpy(copy, tmp, len); + 
>>>> copy[len] = '\0'; +        int p = xatoi(copy);
>>>> 
>>>> if (p < 1 || p > 65535) { fatalf("parse_wccp2_service_ports:
>>>> port value '%s' isn't valid (1..65535)\n", tmp);
>>>> 
>>>> 
>>>>> On Mar 3, 2015, at 11:06 AM, Yuri Voinov
>>>>> <yvoinov at gmail.com> wrote:
>>>>> 
>>>> You cannot combine HTTP and HTTPS in one WCCP service.
>>>> 
>>>> http://wiki.squid-cache.org/ConfigExamples/Intercept/CiscoIOSv15Wccp2
>>>> <http://wiki.squid-cache.org/ConfigExamples/Intercept/CiscoIOSv15Wccp2>
>>>>
>>>>
>>>>
>>>>
>>>> 
03.03.15 23:04, Guy Helmer пишет:
>>>>>>> This used to work in 3.3.x:
>>>>>>> 
>>>>>>> wccp2_service_info 94 protocol=tcp 
>>>>>>> flags=dst_ip_hash,ports_source priority=240 
>>>>>>> ports=80,81,83,591,8008,8080,443
>>>>>>> 
>>>>>>> squid 3.4.12 fails: 2015/03/03 11:02:33.109| 
>>>>>>> cache_cf.cc(556) parseOneConfigFile: Processing: 
>>>>>>> wccp2_service_info 94 protocol=tcp 
>>>>>>> flags=dst_ip_hash,ports_source priority=240 
>>>>>>> ports=80,81,83,591,8008,8080,443 2015/03/03
>>>>>>> 11:02:33.109| wccp2.cc <http://wccp2.cc/>(2298)
>>>>>>> parse_wccp2_service_info: parse_wccp2_service_info:
>>>>>>> called 2015/03/03 11:02:33.109| ERROR: Invalid value:
>>>>>>> '80,81,83,591,8008,8080,443' is supposed to be a
>>>>>>> number.
>>>>>>> 
>>>>>>> Any help?
>>>>>>> 
>>>>>>> Thanks, Guy
>>>>>>> _______________________________________________ 
>>>>>>> squid-users mailing list
>>>>>>> squid-users at lists.squid-cache.org
>>>>>>> <mailto:squid-users at lists.squid-cache.org> 
>>>>>>> http://lists.squid-cache.org/listinfo/squid-users
>>>>>>> <http://lists.squid-cache.org/listinfo/squid-users>
>>>>>>> 
>>>>> _______________________________________________
>>>>> squid-users mailing list squid-users at lists.squid-cache.org
>>>>> <mailto:squid-users at lists.squid-cache.org> 
>>>>> http://lists.squid-cache.org/listinfo/squid-users
>>>>> <http://lists.squid-cache.org/listinfo/squid-users>
>>>> 
> 
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBAgAGBQJU9fpNAAoJENNXIZxhPexG+hoH/33NudcBRvS5Z/D/8wCN8Hwq
4+efhgF3dCfimb2kQjQFq3JsK6JvPUJO7TJm2h8tzqlAMOnBUuoM/MHEg48skcL2
+udKwPUC/WO0GXVlNFdln3a4ozYotDmpwZIvwzBTPm5dpcwMi/bCX2oOyzq4y8yr
mHzYEYmaP1tKF4bzEqlRsOIkrKUFvTvw6HlMoZ1EDE3Qp6WlM6WWiaf8rOoMKVRn
dGBPvmvRo79OEMXkvc167BH2j8phOFs7XPUw9mWw7nY93jKEcBxxKl4PpwkK7km/
am7DeV7uLQtnA5nuPs4QC063YRBEAu/8mjONRq5ytJurP8nUUsV46+sdl0EMY44=
=S5O/
-----END PGP SIGNATURE-----

More information about the squid-users mailing list