[squid-users] squid 3.5.19, wccp2, pf and forwarding loop

Mark Davies mark at ecs.vuw.ac.nz
Mon May 23 04:41:13 UTC 2016


I know this comes up repeatedly but I'm now hitting this and can't see why.

I have a traditional squid setup that works fine for clients that 
explicitly point at it but I also want to allow transparent access for some 
destinations for only port 80.  So I have wccp2 set up between a cisco 
switch and the squid to direct the traffic to the box (and that seems to be 
happening fine).  I have the below pf.conf (This is on NetBSD using PF) on 
the box to direct the traffic to the intercept port:


ext_if="wm0"
int_if="bnx0"

set skip on lo0

rdr pass on $int_if inet proto tcp from 130.195.0.0/20 to any port 80 -> 127.0.0.1 port 8081

pass out
pass in



relevant bits of the squid.conf are:

http_port www-cache2:8080
http_port 8081 intercept

wccp2_router 130.195.5.1
wccp2_forwarding_method l2
wccp2_return_method l2
wccp2_assignment_method mask
wccp2_service standard 0


If I try to access a site transparently I get the following in the 
access.log:

1463977560.985      3 130.195.5.88 TCP_MISS/403 3945 GET http://www.easychair.org/easychair.cgi - ORIGINAL_DST/127.0.0.1 text/html

and this in cache.log:

2016/05/23 16:26:00 kid1| WARNING: Forwarding loop detected for:
GET /easychair.cgi HTTP/1.1
Accept: */*
User-Agent: tnftp/20151004
Via: 1.1 www-cache2.ecs.vuw.ac.nz (squid/3.5.19)
X-Forwarded-For: 130.195.5.88
Cache-Control: max-age=259200
Connection: keep-alive
Host: www.easychair.org



so presumably squid is sending out the request in such a way that it's 
getting fed back into itself (rather than going to www.easychair.org in 
this case) but I can't see why that is happening.  Any suggestions?

cheers
mark
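
A check for the symptom in the access.log line above, as an added example that is not part of the original post: it parses Squid's native access.log format and flags requests whose ORIGINAL_DST peer is a loopback address or one of the proxy's own addresses, which is the proxy forwarding to itself. All sample lines except the first are constructed, and `own_addrs` is a hypothetical parameter.

```python
import ipaddress

# First line is the entry from the post; the other two are constructed.
SAMPLE_LOG = """\
1463977560.985      3 130.195.5.88 TCP_MISS/403 3945 GET http://www.easychair.org/easychair.cgi - ORIGINAL_DST/127.0.0.1 text/html
1463977561.120     85 130.195.5.88 TCP_MISS/200 5120 GET http://www.example.org/ - ORIGINAL_DST/192.0.2.10 text/html
1463977562.004      1 130.195.5.90 TCP_MEM_HIT/200 812 GET http://www.example.org/logo.png - HIER_NONE/- image/png
"""


def parse_line(line):
    """Split one native-format access.log line into named fields, or None."""
    parts = line.split()
    if len(parts) < 10:
        return None
    result, _, status = parts[3].partition("/")
    hier, _, peer = parts[8].partition("/")
    if not status.isdigit():
        return None
    return {"time": float(parts[0]), "client": parts[2], "result": result,
            "status": int(status), "method": parts[5], "url": parts[6],
            "hier": hier, "peer": peer}


def is_self_forward(entry, own_addrs=()):
    """True when the request was sent to its 'original destination' and that
    destination is loopback or an address the proxy itself owns (assumed list)."""
    if entry["hier"] != "ORIGINAL_DST":
        return False
    try:
        peer = ipaddress.ip_address(entry["peer"].strip("[]"))
    except ValueError:
        return False  # peer is a hostname or "-", not an address
    own = {ipaddress.ip_address(a) for a in own_addrs}
    return peer.is_loopback or peer in own


def find_self_forwards(log_text, own_addrs=()):
    """Return parsed entries where the proxy forwarded a request to itself."""
    entries = (parse_line(line) for line in log_text.splitlines())
    return [e for e in entries if e and is_self_forward(e, own_addrs)]


if __name__ == "__main__":
    for e in find_self_forwards(SAMPLE_LOG):
        print(f"{e['time']:.3f} {e['client']} {e['url']} -> {e['peer']} "
              f"({e['result']}/{e['status']})")
```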


