mikewest09 wrote:
> Hi all,
>
> I've installed Squid 3 on our server (connected to a 100 Mbps connection)
> which contains our website and Squid. Now what I hope to do in order to
> avoid having the bandwidth sucked by one user, is that limit the bandwidth
> usage under Squid so that at any given time a user can download/use a
> maximum of 15 MB with the speed 100 Mbps, after which the speed drop
> automatically for this specific user to 10 Mbps
>
> I've read that this can be done using delay pools, although after reading
> few articles I can't figure out till now which 'class' (i.e. 1 or 2 or 3) to
> apply for the delay pool I am going to setup and what will be the best way
> to write the delay pool rule in order to apply the above limitation
>
For limiting individuals, you will want a class 2, 3 or 4 pool*.
> So can someone here please help me and show me how I can write the delay
> pool(s) necessary to apply the limitations mentioned above?
>
Sure thing. I'm going to assume that you are not using authentication
and that your Squid server is not hidden behind NAT from those who are
going to use it (each user will hit Squid from a unique source IP).
# Define one delay pool
delay_pools 1
# Specify delay pool 1 is class 2
delay_class 1 2
# Give the aggregate no limit, individuals a 15MB bucket, and a refill
rate of 10Mbit/sec
delay_parameters 1 -1/-1 1310720/15728640**
> Another question, will the limitation I plan to do here using delay pools
> affect the normal bandwidth of our website?
>
It can, but doesn't have to. If your domain is example.com...
acl mydomain dstdomain .example.com
delay_access 1 deny mydomain
delay_access 1 allow all
...would prevent delay pools from affecting access to any site in the
example.com domain, where...
delay_access allow all
...would affect all requests made through your proxy.
> P.S. I am not experienced in networks
>
> Thanks in advance for your time
>
Chris
* Using authentication credentials (class 4) is easy if you are already
requesting authentication from your users. If you are not using
authentication, that just means we'll identify users by IP (class 2 or
3). You can also use an external_acl_type to set a tag and base your
delay on that (with a class 5 pool), but that's probably more complexity
than you are interested in.
** Depending on how the source defines bytes, this number might have to
be 15360000 (15 * 1024 * 1000) or even 15000000 (15 * 1000 * 1000) to be
exactly 15MB. The documentation is unclear on this point. The conf
file states that 8000 = 64kb, but the example in the wiki
(http://wiki.squid-cache.org/Features/DelayPools, under the heading "How
do you personally use delay pools?") uses 1024 bits/kbit.
Received on Thu Dec 03 2009 - 23:53:36 MST
This archive was generated by hypermail 2.2.0 : Fri Dec 04 2009 - 12:00:01 MST