<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=us-ascii">
<META content="MSHTML 6.00.6000.16674" name=GENERATOR></HEAD>
<BODY>
<DIV><SPAN class=978325014-17072008><FONT face=Arial size=2>Greetings
all,</FONT></SPAN></DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial size=2>I am seeing an
tproxy error in my squid cache.log that I am wanting to gain more understanding
of the implications of. TProxy is working, but I was curious if the error noted
below is going to give me problems down the road, much less any information
about the error. The error in the log seems to be cutoff, which doesn't make it
any easier to isolate, and I don't know how to remedy that. After the error
listing, I have provided the details of the setup. Any input would be
helpful.</FONT></SPAN></DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial
size=2>Thanks,</FONT></SPAN></DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial
size=2>Nicholas</FONT></SPAN></DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial size=2>Error in squid
cache.log:</FONT></SPAN></DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial size=2>2008/07/16 15:21:20|
tproxy ip=10.48.1.3,0x301300a,port=0 ERROR ASSIGN<BR>2008/07/16 15:21:24| tproxy
ip=10.48.1.3,0x301300a,port=0 ERROR ASSIGN<BR>2008/07/16 15:21:52| NETDB state
saved; 0 entries, 0 msec<BR>2008/07/16 15:23:35| tproxy
ip=10.48.1.3,0x301300a,port=0 ERROR ASSIGN<BR>2008/07/16 15:24:41| tproxy
ip=10.48.1.3,0x301300a,port=0 ERROR ASSIGN</FONT></SPAN></DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial size=2>Details of
setup:</FONT></SPAN></DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial size=2>software
versions:</FONT></SPAN></DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial size=2>CentOS 5.2 x86_64
linux distributions</FONT></SPAN></DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial
size=2>squid-2.6.STABLE21</FONT></SPAN></DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial
size=2>cttproxy-2.6.18-2.0.6</FONT></SPAN></DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial size=2>vanilla 2.6.18
kernel, custom compiled (I did choose the NAT reservations support in addition
the other TProxy options.)</FONT></SPAN></DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial size=2>iptables-1.3.5-4
source rpm, patched and built via rpmbuild with the cttproxy
diff</FONT></SPAN></DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial size=2>squid build
options:</FONT></SPAN></DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial
size=2>CHOST="x86_64-pc-linux-gnu" \<BR>CFLAGS="-DNUMTHREADS=60 \<BR>-O3
\<BR>-pipe \<BR>-funroll-loops \<BR>-ffast-math \<BR>-fno-exceptions"
\<BR>./configure \<BR>--prefix=/usr/local/squidapp
\<BR>--exec-prefix=/usr/local/squidapp \<BR>--enable-async-io \<BR>--enable-icmp
\<BR>--enable-snmp \<BR>--enable-cache-digests \<BR>--enable-useragent-log
\<BR>--enable-storeio="aufs" \<BR>--enable-follow-x-forwarded-for
\<BR>--enable-removal-policies="heap,lru" \<BR>--with-maxfd=16384
\<BR>--enable-poll \<BR>--disable-ident-lookups \<BR>--enable-delay-pools
\<BR>--enable-linux-netfilter \<BR>--enable-linux-tproxy </FONT></SPAN></DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial size=2>Other patches that
came with the iptables rpm that were applied to the IPTables source:Patch2:
iptables-1.2.8-nolibnsl.patch<BR>Patch4: iptables-1.2.9-netlink.patch<BR>Patch5:
iptables-1.3.0-selinux.patch<BR>Patch6:
iptables-1.2.10-counters.patch<BR>Patch8:
iptables-1.3.0-cleanup.patch<BR>Patch9:
iptables-1.3.0-autoload.patch<BR>Patch10:
iptables-1.3.0-no_root.patch<BR>Patch11:
iptables-1.3.5-dscp_max.patch<BR>Patch12:
iptables-1.3.5-headers.patch</FONT></SPAN></DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial size=2>Squid deployment is
using the setup as detailed onthe squid WiKi at: <A
href="http://wiki.squid-cache.org/ConfigExamples/FullyTransparentWithTPROXY">http://wiki.squid-cache.org/ConfigExamples/FullyTransparentWithTPROXY</A></FONT></SPAN></DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial size=2>This squid
deployment using using WCCP v2 with a Cisco router, and two squid services as
itemized in the WiKi article, where one wccp service is bound to the inbound
traffic, and one to the outbound traffic like this:</FONT></SPAN></DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial size=2>wccp2_service
dynamic 80<BR>wccp2_service_info 80 protocol=tcp flags=src_ip_hash priority=240
ports=80<BR>wccp2_service dynamic 90<BR>wccp2_service_info 90 protocol=tcp
flags=dst_ip_hash,ports_source priority=240 ports=80</FONT></SPAN></DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial size=2>Like I said, the
whole setup is working nicely...but I have only tested it with serving less than
10 clients, and I want to make sure the error I am seing is not going to give me
performance/stability problems down the road.</FONT></SPAN></DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial size=2>Once I resolve this
issue, I will be posting to the Squid Wiki and to anyone who is interested a
CentOS 5.2 HOWTO.</FONT></SPAN></DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=978325014-17072008></SPAN> </DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=978325014-17072008></SPAN> </DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=978325014-17072008><FONT face=Arial
size=2></FONT></SPAN> </DIV></BODY></HTML>