[squid-users] WCCPV2 with fortigate ERROR: Ignoring WCCPv2 message: truncated record

David Touzeau david at articatech.com
Thu Jun 23 16:11:37 UTC 2022 

Hi Alex,

is the v5 commit 7a73a54 already included in the latest 5.5,5.6 versions?

This is very unfortunate because WCCP is used by default by Fortinet 
firewall devices. It should be very popular.
Indeed, Fortinet is flooding the market.
I can volunteer for the funding and the necessary testing to be done.

Le 23/06/2022 à 14:44, Alex Rousskov a écrit :
> On 6/21/22 07:43, David Touzeau wrote:
>
>> We trying to using WCCP with Fortigate without success Squid version  
>> 5.5 always claim "Ignoring WCCPv2 message: truncated record"
>>
>> What can be the cause ?
>
> The most likely cause are bugs in untested WCCP fixes (v5 commit 
> 7a73a54). Dormant draft PR 970 contains unfinished fixes for the 
> problems in that previous attempt:
> https://github.com/squid-cache/squid/pull/970
>
> IMHO, folks that need WCCP support should invest into that 
> semi-abandoned Squid feature or risk losing it. WCCP code needs 
> serious refactoring and proper testing. There are currently no Project 
> volunteers that have enough resources and capabilities to do either.
>
> https://wiki.squid-cache.org/SquidFaq/AboutSquid#How_to_add_a_new_Squid_feature.2C_enhance.2C_of_fix_something.3F 
>
>
>
> HTH,
>
> Alex.
>
>
>> We have added a service ID 80 on fortigate
>>
>> config system wccp
>>      edit "80"
>>          set router-id 10.10.50.1
>>          set group-address 0.0.0.0
>>          set server-list 10.10.50.2 255.255.255.255
>>          set server-type forward
>>          set authentication disable
>>          set forward-method GRE
>>          set return-method GRE
>>          set assignment-method HASH
>>      next
>> end
>>
>> Squid wccp configuration
>>
>> wccp2_router 10.10.50.1
>> wccp_version 3
>> # tested v4 do the same behavior
>> wccp2_rebuild_wait on
>> wccp2_forwarding_method gre
>> wccp2_return_method gre
>> wccp2_assignment_method hash
>> wccp2_service dynamic 80
>> wccp2_service_info 80 protocol=tcp protocol=tcp flags=src_ip_hash 
>> priority=240 ports=80,443
>> wccp2_address 0.0.0.0
>> wccp2_weight 10000
>>
>> Squid claim in debug log
>>
>> 022/06/21 13:15:38.780 kid4| 80,6| wccp2.cc(1206) wccp2HandleUdp: 
>> wccp2HandleUdp: Called.
>> 2022/06/21 13:15:38.781 kid4| 5,5| ModEpoll.cc(118) SetSelect: FD 38, 
>> type=1, handler=1, client_data=0, timeout=0
>> 2022/06/21 13:15:38.781 kid4| 80,3| wccp2.cc(1230) wccp2HandleUdp: 
>> Incoming WCCPv2 I_SEE_YOU length 112.
>> 2022/06/21 13:15:38.781 kid4| ERROR: Ignoring WCCPv2 message: 
>> truncated record
>>      exception location: wccp2.cc(1133) CheckSectionLength
>>
>>
>>
>> -- 
>>
>> _______________________________________________
>> squid-users mailing list
>> squid-users at lists.squid-cache.org
>> http://lists.squid-cache.org/listinfo/squid-users
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
-- 
Technical Support
	
	
*David Touzeau*
Orgerus, Yvelines, France
*Artica Tech*

P: +33 6 58 44 69 46
www: wiki.articatech.com <https://wiki.articatech.com>
www: articatech.net <http://articatech.net>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20220623/d3f3be6e/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: adLFmtGuksAZror0.jpg
Type: image/jpeg
Size: 6266 bytes
Desc: not available
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20220623/d3f3be6e/attachment.jpg>

More information about the squid-users mailing list