
Re: Limiting per Host/Stream


Marc Hansen wrote:
Hi,
I need to limit the traffic based on the stream. The way I understood the delay pools, I'm only able to limit per IP or network.

Depends on your Squid version. That is true for Squid-2. But not for Squid-3 which has additional username-based and external_acl_type tag based pools.


Now in short two questions.

- Is it possible to limit based on the stream

- In my config, attached, I try to limit the host to 64000 bytes. Is the limit "per host" based on a special net?

No. It's based on the IP which is contacting Squid. A 0.0.255.255 mask is applied for per-host to convert the IP into a bucket ID.

The per-net basis is done likewise, with a 0.0.255.0 mask instead. Exactly which mask is used depends on, and is documented for, each particular delay_class.
 http://www.squid-cache.org/Doc/config/delay_class/

From your configuration below, I do not think you will encounter clashes. But if you go over the 10.209.2.* into 10.210.2.* for example you might encounter clashes then.

For that case you simply create a separate but identical delay pool for the 10.210/16 subnet. An ACL to enforce the pool separation keeps it nice and non-clashing.


Maybe the subnet from the proxy?
 We use more than one subnet and I will not run into a network problem.

Regards
Marc
------------------------------------------------------------------------
acl delay500kbit dst  192.168.0.0/255.255.0.0
acl delay500kbit1 dst  10.209.31.0/24
acl delay500kbit2 dst  10.209.2.0/24

http_access allow SSL_ports
http_access allow Safe_ports
http_access allow CONNECT
http_access allow all
#never_direct allow direct
always_direct allow SSL_ports
always_direct allow direct
never_direct allow all
#               always_direct deny local-external
#               always_direct allow local-intranet
#               never_direct allow all

###################
#192.168.0.0/16
#10.209.31.0/24
#10.209.2.0/24
#acl only128kusers src 192.168.1.0/255.255.192.0
delay_pools 1
delay_class 1 2
delay_access 1 allow  !delay500kbit   !delay500kbit1   !delay500kbit2
delay_access 1 deny all

Hmm, I'd merge the delay500kbit* ACL all together into one ACL:
  acl delay500kbit dst  192.168.0.0/16
  acl delay500kbit dst  10.209.31.0/24
  acl delay500kbit dst  10.209.2.0/24

  delay_access 1 allow  !delay500kbit

You only need different ACLs for the different classifications.


delay_parameters 1 9600000/15000000  64000/15000000


That pool means:
Each /16 network is capped at ~9.6MB/sec with an initial peak of up to ~15MB/sec. Each /32 host inside the network is capped at ~64KB/sec with an initial download of up to 15MB/sec.

By initial download, I mean the pool starts with that much available. They can download files under that size at full speed. But once the bucket is emptied they get capped at the restore rate.

To do a full data cap you set N/N to the same number. So they start with up to their full N rate, and every second they get another capped N to use.

Amos
--
Please be using
  Current Stable Squid 2.7.STABLE6 or 3.0.STABLE14
  Current Beta Squid 3.1.0.7
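
An added illustration, not part of the original message and not Squid's own code: a simplified Python model of the bucket-ID masking and the restore/max behaviour described in the reply above. The function names, the one-client-per-bucket assumption and the one-second refill step are assumptions for illustration; the mask is used as stated in the reply.

```python
import ipaddress

# Per-host values from the delay_parameters line quoted in the thread (bytes).
HOST_RESTORE, HOST_MAX = 64000, 15000000

def bucket_id(client_ip: str, mask: str = "0.0.255.255") -> int:
    """Bucket index as the reply describes it: client IP ANDed with a mask."""
    return int(ipaddress.IPv4Address(client_ip)) & int(ipaddress.IPv4Address(mask))

def clashes(ip_a: str, ip_b: str, mask: str = "0.0.255.255") -> bool:
    """True when two different clients would share one per-host bucket."""
    return ip_a != ip_b and bucket_id(ip_a, mask) == bucket_id(ip_b, mask)

def transfer_seconds(size: int, restore: int, maximum: int) -> int:
    """Seconds to deliver `size` bytes from a bucket that starts full at
    `maximum` bytes and regains `restore` bytes per second.
    Simplification: the origin server is never the bottleneck."""
    if restore <= 0 or maximum <= 0:
        raise ValueError("restore and maximum must be positive")
    level, remaining, seconds = maximum, size, 0
    while remaining > 0:
        sent = min(level, remaining)       # spend what the bucket holds
        remaining -= sent
        level -= sent
        if remaining > 0:                  # wait one second for the refill
            level = min(maximum, level + restore)
            seconds += 1
    return seconds

if __name__ == "__main__":
    # Constructed client addresses matching the subnets named in the thread.
    for a, b in [("10.209.2.5", "10.209.31.5"), ("10.209.2.5", "10.210.2.5")]:
        print(a, b, "clash" if clashes(a, b) else "separate buckets")
    # A file that fits in the initial bucket goes out at full speed.
    print(transfer_seconds(HOST_MAX, HOST_RESTORE, HOST_MAX))
    # 640000 bytes beyond the initial bucket are paced at the restore rate.
    print(transfer_seconds(HOST_MAX + 640000, HOST_RESTORE, HOST_MAX))
    # "Full data cap": restore and max set to the same number (N/N).
    print(transfer_seconds(640000, HOST_RESTORE, HOST_RESTORE))
```
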
