mark@xxxxxxxxxxxxxxxxxx wrote:
> Chris -
> Thanks for the reply.
> Just so I understand, then, even though my network has an 8-bit mask,
> I can specify a 16-bit mask when defining an ACL?

Affirmative. Squid is completely unaware of your network layout.

> So - on my 10.0.0.0/8 network, I could do something like:
> src dept1 src 10.1.0.0/255.255.255.0

This is a 24 bit netmask. But that's just being picky. :o)

> src dept2 src 10.2.0.0/255.255.255.0
> src dept3 src 10.3.0.0/255.255.255.0
> src dept4 src 10.4.0.0/255.255.255.0
> delay_pools 4
> delay_class 1 2
> delay_class 2 2
> delay_class 3 2
> delay_class 4 2
> delay_parameters 1 16348/2097152

For a class 2 pool you need to specify aggregate and individual pools.
If you don't want limits for the aggregate, use "-1/-1". Perhaps what
you meant here was...

delay_parameters 1 2097152/2097152 16348/16348

...which would give (for example) 10.1.0.143 around 128kbps* of
bandwidth (max, with no allowance for bursting), and all computers
10.1.0.1 through 10.1.0.255 a combined pool of in the neighborhood of
16mbps of bandwidth (roughly equivalent to 10 T1s).

> delay_parameters 2 16348/2097152
> delay_parameters 3 16348/2097152
> delay_parameters 4 16348/2097152
> delay_access 1 allow dept1
> delay_access 2 allow dept2
> delay_access 3 allow dept3
> delay_access 4 allow dept4
> ???

Other than that one issue, it looks fine to me.

Chris

* Delay pool parameters are specified in bytes. Most networks are
provisioned in bits. If all four of the pools were maxing out their
aggregate download speeds, you'd be nearly maxing a 100 Base-T ethernet
connection. It would, however, take almost 200 computers in each pool
all maxing out their individual pools to hit this figure.
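
The class 2 rule from the reply above (an aggregate pair plus an individual pair, both in bytes), as an added example that is not part of the original thread: a Python check that counts the restore/max pairs on each delay_parameters line against its delay_class and converts the restore rates to kbit/s. The function names and the sample configuration are constructed for illustration, and only delay classes 1 to 3 are covered.

```python
import re

# restore/max pairs that delay_parameters needs per delay_class (classes 1-3).
PAIRS_PER_CLASS = {1: 1, 2: 2, 3: 3}

def kbit_per_s(restore_bytes):
    """Bytes/s -> kbit/s; a negative restore value (-1/-1) means unlimited."""
    return None if restore_bytes < 0 else restore_bytes * 8 / 1000

def check_delay_pools(conf):
    """Return (problems, rates): rates maps pool number -> kbit/s per bucket."""
    classes, params, problems, rates = {}, {}, [], {}
    for line in conf.splitlines():
        words = line.split("#", 1)[0].split()
        if len(words) >= 3 and words[0] == "delay_class":
            classes[int(words[1])] = int(words[2])
        elif len(words) >= 2 and words[0] == "delay_parameters":
            params[int(words[1])] = words[2:]
    for pool, pairs in sorted(params.items()):
        need = PAIRS_PER_CLASS.get(classes.get(pool))
        if need is None:
            problems.append(f"pool {pool}: no delay_class 1-3 defined")
        elif len(pairs) != need:
            problems.append(f"pool {pool}: class {classes[pool]} needs "
                            f"{need} restore/max pairs, got {len(pairs)}")
        elif not all(re.fullmatch(r"-?\d+/-?\d+", p) for p in pairs):
            problems.append(f"pool {pool}: malformed restore/max pair")
        else:
            # The restore rate is the number before the slash, in bytes/s.
            rates[pool] = [kbit_per_s(int(p.split("/")[0])) for p in pairs]
    return problems, rates

# Constructed sample: pool 1 as first posted, pool 2 as corrected in the reply.
SAMPLE = """\
delay_pools 2
delay_class 1 2
delay_class 2 2
delay_parameters 1 16348/2097152
delay_parameters 2 2097152/2097152 16348/16348
"""

if __name__ == "__main__":
    problems, rates = check_delay_pools(SAMPLE)
    for problem in problems:
        print("PROBLEM:", problem)
    for pool, buckets in rates.items():
        print(f"pool {pool}: restore rates in kbit/s (aggregate first): {buckets}")
```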