[squid-users] odd wccp issue affecting only some web servers
Jason Haar
Jason_Haar at trimble.com
Thu Dec 4 17:58:28 UTC 2014
Hi there
We have CentOS-6 squid-3.1.10-29 servers that are configured for WCCP.
They are working - for some web sites. eg "www.slashdot.org" works
(216.34.181.48), but "slashdot.org" doesn't (216.34.181.45). Those are
both on the same Class-C subnet.
What I see is the SYN packet being forwarded for both from our Cisco kit
to the Linux "wccp0" interface, but only the "www.slashdot.org" one
leads to squid connecting to that website. The other just stops. I can't
tell if this is a fault in iptables forwarding one and not the other to
squid, or a problem with squid - but iptables has the easier job so it
shouldn't be in there. (obviously we don't do any kind of weird,
"partial" transparent proxy - the iptables rule is to pass all port 80
traffic to squid). Also both websites work fine through squid if you use
it as a normal proxy
Any ideas how to diagnose this, or is this a "that was fixed in a newer
version that your OS vendor doesn't support" kind of problem ;-)
--
Cheers
Jason Haar
Corporate Information Security Manager, Trimble Navigation Ltd.
Phone: +1 408 481 8171
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
More information about the squid-users
mailing list