The features of wccp are not hidden to anyone, if you find out that wccp is suitable for your situation, and can help you during down time you must obey some steps to make it run.
Step1: Define which version of wccp has been supported by your squid cache and enable it.
#configure terminal
#ip wcc version 2|1
Step2: Enable wccp web caching service on your cisco router
#configure terminal
#ip wccp web-cache
Redirect list is good feature if you have different policy for different source ip address.You can use is in “ip wccp web-cache redirect-list #num” that number mentioned the identifier of access-list you must defined.
Step3: An easy approach for completing the Cisco configuration is to find out-put interface in your router, and apply a rule to forward the traffic going through it to your cache server.
#configure terminal
#interface Ethernet 0
#ip wccp web-cache redirect out
Step4: Configure and run squid cache , two important squid tag for correct wccp configuration is
Wccp2_router , and wccp2_address , let the other option be the default one , if your IOS version is greater than , 12.0 .
Step5: Create GRE tunnel from squid box to cisco router
#modprobe ip_gre
#ip tunnel add wccp0 mode gre remote router_ip_address local linux_box_address
# ifconfig wccp0 inet 10.10.10.10 netmask 255.255.255.255 up
#echo 1 > /proc/sys/net/ipv4/ip_forward
#echo 0 > /proc/sys/net/ipv4/conf/default/rp_filter
#echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter
#echo 0 > /proc/sys/net/ipv4/conf/eth0/rp_filter
#echo 0 > /proc/sys/net/ipv4/conf/lo/rp_filter
#echo 0 > /proc/sys/net/ipv4/conf/wccp0/rp_filter
At the final you need to forward the traffic that transmit through the gre tunnel to squid .
#iptables -t nat -A PREROUTING -i wccp0 -p tcp -m tcp –dport 80 –j REDIRECT –to-port 3128
You can discover the correctness of the connection by issuing this command at the router
#sh ip wccp web-cache detail
If the hash indicator shows 100% the connection is ok.
Another thing that must be considered is the the ip address of router and squid in wccp session, most of the time, cisco use first ip address on the interface for wccp communication.
