Re: [squid-users] delay pools from Amos Jeffries on 2011-03-25 (squid-users)

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Sat, 26 Mar 2011 13:19:25 +1300

On 26/03/11 10:39, Márcio Luciano Donada wrote:
> I am using version: squid-2.7.9 FreeBSD. I am using Authentication with
> delay pools, as follows:
>
> auth_param basic program /usr/local/libexec/squid/squid_ldap_auth -R -D
> "cn=suporte,dc=xxx,dc=com,dc=br" -w "f34fadsfsdf" -b
> "ou=Usuarios,dc=xxx,dc=com,dc=br" -f "uid=%s" -h 192.168.1.1 -d v3
> auth_param basic children 5
> auth_param basic realm Digite sua senha
>
> acl ldap-auth proxy_auth REQUIRED
> http_access allow ldap-auth
> http_access allow localhost
> http_access deny all
> acl 128kbps proxy_auth "/usr/local/etc/squid/user.txt"
> acl 256kbps proxy_auth "/usr/local/etc/squid/profs.txt"
> acl admin proxy_auth "/usr/local/etc/squid/admin.txt"
>
> delay_pools 3
> delay_class 1 2
> delay_access 1 allow 128kbps
> delay_access 1 deny all
> delay_class 2 2
> delay_access 2 allow 256kbps
> delay_access 2 deny all
> delay_class 3 2
> delay_access 3 allow admin
> delay_access 3 deny all
>
> delay_parameters 1 128000/512000 128000/512000
> delay_parameters 2 512000/1024000 512000/1024000
> delay_parameters 3 -1/-1 -1/-1
>
>
> But initially it works fine, after 5 min, no longer access anything else
> is simply too slow and nothing works. I wanted to make a control of
> 128kbps and 256kbps to stay slow and not having to close the browser and
> restart the operation when

Couple of problems there:

Delay pools are measured in *Bytes*. Those numbers are 8x too big for
Kbps. Did you mean KBps? (upper/lower case matters a *lot* in bps units).

The first A/B parameter limits the entire network segment bandwidth. The
second one limits the individual IP.
Those limits above allow a single user to max out the connection and
block all other users from getting a single byte through.

Also, the pool #3 is doing relatively expensive traffic accounting in
order to do nothing. You can remove it entirely.

You want something like...

# pool 1: no network-wide cap, individuals at 128KBps
delay_parameters 1 -1/-1 131072/131072

# pool 2: no network-wide cap, individuals at 256KBps
delay_parameters 2 -1/-1 262144/262144

or, if you did means Kbps instead of KBps ...

# pool 1: no network-wide cap, individuals at 128Kbps
delay_parameters 1 -1/-1 16384/16384

# pool 2: no network-wide cap, individuals at 256Kbps
delay_parameters 2 -1/-1 32768/32768

Amos

-- 
Please be using
   Current Stable Squid 2.7.STABLE9 or 3.1.11
   Beta testers wanted for 3.2.0.5

Received on Sat Mar 26 2011 - 00:19:30 MDT

This archive was generated by hypermail 2.2.0 : Sun Mar 27 2011 - 12:00:03 MDT