mark@ehle.homelinux.org wrote:
> Folks -
>
> I work at a public library.
>
> I would like to implement squid delay pools to accomplish a little
> throttling of the kiddies who come in after school and completely
> clobber our bandwidth in the afternoon. I would like to kill the folks
> who came up with youtube and myspace!
>
> Anyway, we have 4 departments with public internet access computers.
> The public network is 10.0.0.0/8. I have made department one computers
> IP addresses 10.1.0.X, department 2 10.2.0.X, and so on. I did this
> only to make VNC easier for my boss and I.
>
> My question is: can delay pools work on a class A network like I have
> set up here, or do I need to redo my IP scheme first?
It depends on how you'd like to go about limiting the traffic. A class
1 delay pool will put all the hosts subject to the pool into a limited
pipe. You could cap the whole 10.0.0.0/8 network's HTTP usage to some
figure. Bandwidth hogs would slow down all other HTTP traffic, but SSH,
SMTP etc could be given some "dedicated" space.
Or you could create class 3 delay pools (up to four, one for each of
10.0.0.0/16 10.1.0.0/16 10.2.0.0/16 and 10.3.0.0/16) which would give a
overall limit (to each subnet), as well as give each computer in each of
those pools a limit.
Or you could do both. Have a class 1 delay pool that limits all HTTP
traffic, and separate class 3 pools to limit each /16 subnet.
Then if you want to get really fancy, you could set the delay pools up
with a time-based ACL, so throttling only happens when the "kiddies" are
likely to be around.
Hopefully that's more helpful than confusing...
>
> Thanks -
>
> Mark
Chris
Received on Fri Nov 02 2007 - 14:37:40 MDT
This archive was generated by hypermail pre-2.1.9 : Sat Dec 01 2007 - 12:00:01 MST