Feature: WCCP version 1 router interception for Squid

  • Goal: Making Squid communicate with Cisco devices and accept WCCP intercepted HTTP traffic from them.

  • Status: Completed.

  • Version: 2.6 and later

  • Developer: AdrianChadd

Overview Details

Cisco routers and switches provide a traffic interception method called WCCP which captures HTTP traffic and can redirect it through a properly configured Proxy box.

WCCP implementations by Cisco vary between releases and whether a router or switch is used.

Also WCCP is merely a way of getting packets to a proxy box, receiving the packets into the proxy requires separate configuration which is dependent on the operating system and proxy receiving it.

This means no one config tutorial can be used for a generic config. Instead we are forced to provide snippets of config and stitch them together as appropriate for every network combination.

Here is a diagram. These snippets implement the red communication channel: wccp_proxy_flows.png

  • Image copyright Cisco.

Cisco box WCCP version 1 configuration for ...

Cisco IOS 11.x router

For very old versions of IOS you will need this config:

conf t
wccp enable
!
interface [Interface carrying Outgoing Traffic]x/x
!
ip wccp web-cache redirect
!
CTRL Z
copy running-config startup-config

Cisco IOS 12.x router

  • /!\ Some of the early versions of 12.x do not have the 'ip wccp version' command. You will need to upgrade your IOS version to use V1.0.

conf t
ip wccp version 1
ip wccp web-cache redirect-list 150
!
interface [Interface carrying Outgoing/Incoming Traffic]x/x
ip wccp web-cache redirect out|in
!
CTRL Z
copy running-config startup-config
  • {X} IOS defaults to using WCCP version 2 if you do not explicitly specify a version.

Replace 150 with an access list number (either standard or extended) which lists IP addresses which you do not wish to be transparently redirected to your cache.

If you wish to redirect all client traffic then remove the:

ip wccp web-cache redirect-list
  • (!) WCCP is smart enough that it will automatically bypass your cache from the redirection process, ensuring that your cache does not become redirected back to itself.

Squid configuration for WCCP version 1

All the squid.conf options beginning with wccp_* apply to WCCPv1 only

TroubleShooting WCCPv1


CategoryFeature

Features/Wccp (last edited 2011-05-23 12:58:05 by AmosJeffries)