Written by James McDonald

June 26, 2009

I recently went from having a Linux CentOS release 5.3 gateway firewall running Squid Cache: Version 2.6.STABLE21 to a Cisco 877 ADSL gateway.

Very quickly my users complained of r_e_a_l_l_y slow internet. With only the Cisco 877 in place every single request was passing over the paltry 512/512 ADSL link.

So I Googled for a solution. Enter the Web Cache Communication Protocol. (WCCP).

It took quite some time to get it working.

Email me if you want to know more…

Output of Cisco show ip wccp

Global WCCP information:
    Router information:
        Router Identifier:                   220.233.0.87
        Protocol Version:                    2.0

    Service Identifier: web-cache
        Number of Service Group Clients:     1
        Number of Service Group Routers:     1
        Total Packets s/w Redirected:        513253
          Process:                           7412
          Fast:                              0
          CEF:                               505841
        Service mode:                        Open
        Service access-list:                 -none-
        Total Packets Dropped Closed:        0
        Redirect access-list:                -none-
        Total Packets Denied Redirect:       0
        Total Packets Unassigned:            760
        Group access-list:                   -none-
        Total Messages Denied to Group:      0
        Total Authentication failures:       0
        Total Bypassed Packets Received:     0

Cisco Configuration

ip wccp web-cache
! because "ip wccp version 2" is the default for my Cisco 877 
! all you need is the one global command to enable it.

interface BVI1
 description $FW_INSIDE$
 ip address 10.20.30.254 255.255.255.0
 ip wccp web-cache redirect in
 ip nat inside <== my router runs NAT
#!/bin/sh
# bring up GRE tunnel for Cisco WCCP configuration

modprobe ip_gre
iptunnel add wccp0 mode gre remote 220.233.0.87 local 192.168.0.252 dev eth0
ifconfig wccp0 127.0.0.2 up

1 Comment

  1. Terence

    My challenge is on configuring the acls for wccp and nat on the same router. l would appreciate if you can email me the rest of the router configuration.

    Reply

Submit a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The reCAPTCHA verification period has expired. Please reload the page.

You May Also Like…

Squarespace Image Export

To gain continued access to your Squarespace website images after cancelling your subscription you have several...

MySQL 8.x GRANT ALL STATEMENT

-- CREATE CREATE USER 'tgnrestoreuser'@'localhost' IDENTIFIED BY 'AppleSauceLoveBird2024'; GRANT ALL PRIVILEGES ON...

Exetel Opt-Out of CGNAT

If your port forwards and inbound and/or outbound site-to-site VPN's have failed when switching to Exetel due to their...