External web proxy setting?

I am trying to use an obsolete rb1000 box with a 40Mb memory card in its slot.

I have followed the several steps to initiate the disk and force the port 80 traffic towards port 8080 etc.

I have the box with two ports connected to a router 1100AH that serves as traffic collector for 80% of my network traffic before it's sent over a backhaul link to a fibre connection (=internet).

rb1100AH ether 10 has ip 10.30.30.2/30 and connects to rb1000 ether 3 with IP 10.30.30.1/30.
rb1100AH ether 11 has ip 10.50.50.1/30 and connects to rb1000 ether 4 with IP 10.50.50.2/30

In rb1100AH I have dst-nat rule:

/ip firewall nat
add action=dst-nat chain=dstnat dst-port=80 in-interface=vlan20_AP-B protocol=tcp src-address=172.25.55.0/25 to-addresses=10.30.30.1

(I use vlan20_AP-B in this instance only for testing. All traffic from AP-B comes into router 1100AH on this vlan interface.)
This rule should make sure all port 80 traffic gets redirected to ether3 of the rb1000 (=web proxy box).

In rb1000 I have redirect rule:

/ip firewall nat
add action=redirect chain=dstnat dst-port=80 protocol=tcp to-ports=8080

and setup of web proxy:

[adminrudy@Web Proxy Server] /ip proxy> pr
                 enabled: yes
             src-address: ::
                    port: 8080
            parent-proxy: ::
       parent-proxy-port: 0
     cache-administrator: webmaster
          max-cache-size: unlimited
   max-cache-object-size: 2048KiB
           cache-on-disk: yes
  max-client-connections: 600
  max-server-connections: 600
          max-fresh-time: 3d
   serialize-connections: no
       always-from-cache: no
          cache-hit-dscp: 4
             cache-drive: CF1

This rb1000 proxy server also has a default route:

/ip route
add distance=1 gateway=10.50.50.1
/ip route rule
add dst-address=0.0.0.0/0 src-address=0.0.0.0/0 table=main

and routes table:

 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 A S  0.0.0.0/0                          10.50.50.1                1
 1 ADC  10.30.30.0/30      10.30.30.1      ether3-IN                 0
 2 ADC  10.50.50.0/30      10.50.50.2      ether4-OUT                0

Now, I am testing the setup:

  1. I see some little traffic movement on the dst-nat rule in the rb1100AH.
  2. I see only incoming traffic on the ether3 interface of the rb1000
  3. I see much more traffic going in, and going out of ether 4 interface of the rb1000 (???)
  4. In “Web Proxy Connections” I see lots of connections being built
  5. In web proxy status I see requests, but not a single hit;
[adminrudy@Web Proxy Server] /ip proxy> monitor
                 status: running
                 uptime: 38m33s
               requests: 1704
                   hits: 0
             cache-used: 0KiB
         total-ram-used: 1867KiB
  received-from-servers: 10423KiB
        sent-to-clients: 10403KiB
   hits-sent-to-clients: 0KiB
  6. Browsing on connected laptop does work. And when I hit a webpage I see the produced traffic like just explained.


But something is not right:

  1. Why don’t I see the proxy cache being built up?

  2. Why don’t I see any ‘hits’?

  3. Why do I only see incoming traffic on ether3 but see high traffic load going in and out on ether4?

Any advice?

To help return tcp traffic resolved, passed or cached to leave rb1000 from ether3 (the incoming port, so outgoing for return=internet traffic) I set up a route:

/ip route
add distance=1 gateway=10.50.50.1
add distance=1 dst-address=172.25.55.0/25 gateway=10.30.30.1

but the route becomes invalid…

So I checked the ether3 interface status, and its connected counterpart on the rb1100AH (ether10), and they all show fine and are connected with autonegotiation on and running in 100Mb mode.
And although I can ping the IP of the connected port, the route stays invalid?
I also see only traffic from rb1100AH/ether10 towards rb1000/ether3. Counters for traffic in the other direction stay at zero?

Now this is weird imho. Because there is always some traffic in both directions, even on virtually ‘dead’ connections. It looks like traffic can only flow in one direction… except icmp. I tried to use port 1 and 2 on the rb1000 and also used other ports on the rb1100AH but to no avail. I even used another box but the same happens. And if I set up any other sort of routing over these ports they work fine…
Both the arp table and the neighbour list show the opposite ports in both routers with mac and IP address, and from both routers I can ping the connected interfaces.

So, why is my proxy cache not working? Even though I have 50+ clients coming in over the mentioned vlan, there is little traffic and the cache is not being built.
How do I now actually know the CF card is really working?
It shows as being activated. It is recognized by the router.

And why is the used RAM in web proxy server section counting up while used cache stays at ‘0’?


The whole idea is that by using a no longer needed rb1000 as a transparent web proxy I would reduce traffic a bit on my at times saturated 100mb backhaul link. But so far it's only giving me headaches…
After some days, reading many posts and examples and several attempts, I am on the point of just forgetting about web proxy altogether…

Who can help me out?
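
As an added example that is not part of the original post: a small Python model of the rb1000's addresses and static routes as posted, checking each gateway as a next hop and showing which interface replies to the 172.25.55.0/25 clients leave on. It assumes plain longest-prefix routing rather than RouterOS's own next-hop resolver; the function names and the client address 172.25.55.10 are constructed for illustration.

```python
import ipaddress as ip

# rb1000 interface addresses, as given in the post.
IFACES = {
    "ether3-IN": ip.ip_interface("10.30.30.1/30"),
    "ether4-OUT": ip.ip_interface("10.50.50.2/30"),
}
# Static routes on the rb1000 as posted: (destination, gateway).
STATIC = [("0.0.0.0/0", "10.50.50.1"), ("172.25.55.0/25", "10.30.30.1")]


def check_gateway(gateway):
    """Return (ok, detail) for a next-hop address on this router."""
    gw = ip.ip_address(gateway)
    # A router's own address can never be a next hop for itself.
    for name, iface in IFACES.items():
        if gw == iface.ip:
            return False, f"{gw} is this router's own address on {name}"
    # Otherwise the gateway must sit on a directly connected subnet.
    for name, iface in IFACES.items():
        if gw in iface.network:
            return True, name
    return False, f"{gw} is not on any connected subnet"


def active_routes():
    """Connected routes plus the static routes whose gateway is usable."""
    table = [(i.network, name) for name, i in IFACES.items()]
    for dst, gw in STATIC:
        ok, detail = check_gateway(gw)
        if ok:
            table.append((ip.ip_network(dst), detail))
    return table


def egress(dst):
    """Longest-prefix match: interface a packet to dst leaves on."""
    addr = ip.ip_address(dst)
    hits = [(net.prefixlen, name) for net, name in active_routes() if addr in net]
    return max(hits)[1] if hits else None


if __name__ == "__main__":
    for dst, gw in STATIC:
        print(dst, "via", gw, "->", check_gateway(gw))
    # Client address constructed for illustration (inside the NATed range).
    print("reply to 172.25.55.10 leaves on", egress("172.25.55.10"))
```

With the values from the post, the second static route is rejected because its gateway is the rb1000's own ether3 address, so replies to clients follow the default route out ether4-OUT. The rb1100AH ether 10 address, 10.30.30.2, passes the same check.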