Greetings all,
 
I am seeing an tproxy error in my squid cache.log that I am wanting to gain more understanding of the implications of. TProxy is working, but I was curious if the error noted below is going to give me problems down the road, much less any information about the error. The error in the log seems to be cutoff, which doesn't make it any easier to isolate, and I don't know how to remedy that. After the error listing, I have provided the details of the setup. Any input would be helpful.
 
Thanks,
 
Nicholas
 
Error in squid cache.log:
 
2008/07/16 15:21:20| tproxy ip=10.48.1.3,0x301300a,port=0 ERROR ASSIGN
2008/07/16 15:21:24| tproxy ip=10.48.1.3,0x301300a,port=0 ERROR ASSIGN
2008/07/16 15:21:52| NETDB state saved; 0 entries, 0 msec
2008/07/16 15:23:35| tproxy ip=10.48.1.3,0x301300a,port=0 ERROR ASSIGN
2008/07/16 15:24:41| tproxy ip=10.48.1.3,0x301300a,port=0 ERROR ASSIGN
 
Details of setup:
 
software versions:
 
CentOS 5.2 x86_64 linux distributions
squid-2.6.STABLE21
cttproxy-2.6.18-2.0.6
vanilla 2.6.18 kernel, custom compiled (I did choose the NAT reservations support in addition the other TProxy options.)
iptables-1.3.5-4 source rpm, patched and built via rpmbuild with the cttproxy diff
 
squid build options:
CHOST="x86_64-pc-linux-gnu" \
CFLAGS="-DNUMTHREADS=60 \
-O3 \
-pipe \
-funroll-loops \
-ffast-math \
-fno-exceptions" \
./configure \
--prefix=/usr/local/squidapp \
--exec-prefix=/usr/local/squidapp \
--enable-async-io \
--enable-icmp \
--enable-snmp \
--enable-cache-digests \
--enable-useragent-log \
--enable-storeio="aufs" \
--enable-follow-x-forwarded-for \
--enable-removal-policies="heap,lru" \
--with-maxfd=16384 \
--enable-poll \
--disable-ident-lookups \
--enable-delay-pools \
--enable-linux-netfilter \
--enable-linux-tproxy
 
Other patches that came with the iptables rpm that were applied to the IPTables source:Patch2: iptables-1.2.8-nolibnsl.patch
Patch4: iptables-1.2.9-netlink.patch
Patch5: iptables-1.3.0-selinux.patch
Patch6: iptables-1.2.10-counters.patch
Patch8: iptables-1.3.0-cleanup.patch
Patch9: iptables-1.3.0-autoload.patch
Patch10: iptables-1.3.0-no_root.patch
Patch11: iptables-1.3.5-dscp_max.patch
Patch12: iptables-1.3.5-headers.patch
 
 
Squid deployment is using the setup as detailed onthe squid WiKi at: http://wiki.squid-cache.org/ConfigExamples/FullyTransparentWithTPROXY
 
This squid deployment using using WCCP v2 with a Cisco router, and two squid services as itemized in the WiKi article, where one wccp service is bound to the inbound traffic, and one to the outbound traffic like this:
 
wccp2_service dynamic 80
wccp2_service_info 80 protocol=tcp flags=src_ip_hash priority=240 ports=80
wccp2_service dynamic 90
wccp2_service_info 90 protocol=tcp flags=dst_ip_hash,ports_source priority=240 ports=80
 
 
Like I said, the whole setup is working nicely...but I have only tested it with serving less than 10 clients, and I want to make sure the error I am seing is not going to give me performance/stability problems down the road.
 
Once I resolve this issue, I will be posting to the Squid Wiki and to anyone who is interested a CentOS 5.2 HOWTO.