June 26, 2009

I recently went from having a Linux CentOS release 5.3 gateway firewall running Squid Cache: Version 2.6.STABLE21 to a Cisco 877 ADSL gateway.

Very quickly my users complained of r_e_a_l_l_y slow internet. With only the Cisco 877 in place every single request was passing over the paltry 512/512 ADSL link.

So I Googled for a solution. Enter the Web Cache Communication Protocol (WCCP).

It took quite some time to get it working.

Output of Cisco show ip wccp

Global WCCP information:
    Router information:
        Router Identifier:         
        Protocol Version:                    2.0

    Service Identifier: web-cache
        Number of Service Group Clients:     1
        Number of Service Group Routers:     1
        Total Packets s/w Redirected:        513253
          Process:                           7412
          Fast:                              0
          CEF:                               505841
        Service mode:                        Open
        Service access-list:                 -none-
        Total Packets Dropped Closed:        0
        Redirect access-list:                -none-
        Total Packets Denied Redirect:       0
        Total Packets Unassigned:            760
        Group access-list:                   -none-
        Total Messages Denied to Group:      0
        Total Authentication failures:       0
        Total Bypassed Packets Received:     0
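
The following Python is an added example, not part of the original post: it parses the `show ip wccp` text shown above and flags the fields that leave the service group unrestricted (`-none-` for the group and redirect access lists), plus the counters that indicate rejected or unexpected cache peers. The function names and the `expected_clients` parameter are assumptions of this example, and the sample input is constructed from the output above.

```python
import re

# Constructed sample: security-relevant lines copied from the output above.
SAMPLE = """\
    Service Identifier: web-cache
        Number of Service Group Clients:     1
        Number of Service Group Routers:     1
        Total Packets s/w Redirected:        513253
        Service mode:                        Open
        Redirect access-list:                -none-
        Total Packets Unassigned:            760
        Group access-list:                   -none-
        Total Messages Denied to Group:      0
        Total Authentication failures:       0
"""

def parse_wccp(text):
    """Return {service_id: {field: value}} from 'show ip wccp' text."""
    services, current = {}, None
    for line in text.splitlines():
        m = re.match(r"\s*([^:]+?):\s*(.*?)\s*$", line)
        if not m:
            continue
        key, value = m.groups()
        if key == "Service Identifier":
            current = services.setdefault(value, {})   # start a new service block
        elif current is not None:                      # skip the global header lines
            current[key] = int(value) if value.isdigit() else value
    return services

def audit(fields, expected_clients=1):
    """List hardening gaps and suspicious counters for one WCCP service."""
    findings = []
    if fields.get("Group access-list") == "-none-":
        findings.append("no group-list: cache membership is not restricted by address")
    if fields.get("Redirect access-list") == "-none-":
        findings.append("no redirect-list: every packet matching the service is redirected")
    if fields.get("Number of Service Group Clients", 0) > expected_clients:
        findings.append("more cache clients registered than expected")
    if fields.get("Total Authentication failures", 0) > 0:
        findings.append("authentication failures: a peer failed the password check")
    if fields.get("Total Messages Denied to Group", 0) > 0:
        findings.append("messages denied to group: an unlisted host tried to join")
    return findings

if __name__ == "__main__":
    for name, fields in parse_wccp(SAMPLE).items():
        for finding in audit(fields):
            print(f"{name}: {finding}")
```

On IOS these restrictions are options of the same global command, in the form `ip wccp web-cache redirect-list <acl> group-list <acl> password <secret>` (placeholders, not values from this router).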

Cisco Configuration

ip wccp web-cache
! because "ip wccp version 2" is the default for my Cisco 877 
! all you need is the one global command to enable it.

interface BVI1
 description $FW_INSIDE$
 ip address
 ip wccp web-cache redirect in
 ip nat inside
 ! my router runs NAT

# bring up GRE tunnel for Cisco WCCP configuration

modprobe ip_gre
iptunnel add wccp0 mode gre remote local dev eth0
ifconfig wccp0 up

  1. Terence

    My challenge is on configuring the ACLs for WCCP and NAT on the same router. I would appreciate it if you can email me the rest of the router configuration.


