Re: [squid-users] delay pools

From: Márcio Luciano Donada <mdonada_at_auroraalimentos.com.br>
Date: Sun, 27 Mar 2011 10:36:21 -0300

Em 25/3/2011 21:19, Amos Jeffries escreveu:
> On 26/03/11 10:39, Márcio Luciano Donada wrote:
>> I am using version: squid-2.7.9 FreeBSD. I am using Authentication with
>> delay pools, as follows:
>>
>> auth_param basic program /usr/local/libexec/squid/squid_ldap_auth -R -D
>> "cn=suporte,dc=xxx,dc=com,dc=br" -w "f34fadsfsdf" -b
>> "ou=Usuarios,dc=xxx,dc=com,dc=br" -f "uid=%s" -h 192.168.1.1 -d v3
>> auth_param basic children 5
>> auth_param basic realm Digite sua senha
>>
>> acl ldap-auth proxy_auth REQUIRED
>> http_access allow ldap-auth
>> http_access allow localhost
>> http_access deny all
>> acl 128kbps proxy_auth "/usr/local/etc/squid/user.txt"
>> acl 256kbps proxy_auth "/usr/local/etc/squid/profs.txt"
>> acl admin proxy_auth "/usr/local/etc/squid/admin.txt"
>>
>> delay_pools 3
>> delay_class 1 2
>> delay_access 1 allow 128kbps
>> delay_access 1 deny all
>> delay_class 2 2
>> delay_access 2 allow 256kbps
>> delay_access 2 deny all
>> delay_class 3 2
>> delay_access 3 allow admin
>> delay_access 3 deny all
>>
>> delay_parameters 1 128000/512000 128000/512000
>> delay_parameters 2 512000/1024000 512000/1024000
>> delay_parameters 3 -1/-1 -1/-1
>>
>>
>> But initially it works fine, after 5 min, no longer access anything else
>> is simply too slow and nothing works. I wanted to make a control of
>> 128kbps and 256kbps to stay slow and not having to close the browser and
>> restart the operation when
>
> Couple of problems there:
>
> Delay pools are measured in *Bytes*. Those numbers are 8x too big for
> Kbps. Did you mean KBps? (upper/lower case matters a *lot* in bps units).
>
> The first A/B parameter limits the entire network segment bandwidth.
> The second one limits the individual IP.
> Those limits above allow a single user to max out the connection and
> block all other users from getting a single byte through.
>
> Also, the pool #3 is doing relatively expensive traffic accounting in
> order to do nothing. You can remove it entirely.
>
>
> You want something like...
>
> # pool 1: no network-wide cap, individuals at 128KBps
> delay_parameters 1 -1/-1 131072/131072
>
> # pool 2: no network-wide cap, individuals at 256KBps
> delay_parameters 2 -1/-1 262144/262144
>
>
> or, if you did means Kbps instead of KBps ...
>
> # pool 1: no network-wide cap, individuals at 128Kbps
> delay_parameters 1 -1/-1 16384/16384
>
> # pool 2: no network-wide cap, individuals at 256Kbps
> delay_parameters 2 -1/-1 32768/32768
>
>
> Amos

Thanks, worked perfectly

-- 
Márcio Luciano Donada
Aurora Alimentos - T.I. Matriz
Coop. Central Oeste Catarinense
Received on Sun Mar 27 2011 - 13:36:41 MDT

This archive was generated by hypermail 2.2.0 : Mon Mar 28 2011 - 12:00:02 MDT