Search squid archive

Re: Having trouble figuring out delay pools

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Jeff Gregor wrote:
I have a site that connects to the internet via satellite. Squid 3.0 sits on the firewall as a transparent proxy to reduce the amount of data downloaded (we have a daily threshold) and to speed up access (since satellite latency sucks). The satellite serves two groups of users, each on their own subnet. There's public access on 192.168.20.0/24, and office access on 192.168.10.0/24. Usable bandwidth is about 1 Mbps. Right now it seems like one or two users (generally on the public subnet) suck up all the bandwidth and the rest of the network slows to a crawl. I'd like to accomplish the following:
   *   Split usable bandwidth in half, 512 kbps for each subnet

This you can do.

   *   Idle bandwidth should be available for the office subnet
(ie, if no one is using public access, full bandwidth should be available for office use )

Delay pools do not allow for this.

* Establish per-user (by IP) limits on each net so that one user can't suck up all available bandwidth from their subnet

This you can do.

      (and again, if network is idle users should get more bandwidth.)

Again, delay pools do not really allow for this. You'd have to look into a fair queuing algorithm for your firewall to do this properly.

Generally there is a max of about 10 users on each subnet at a time, and usually far fewer.

I already have existing acls for the two subnets:
   acl publicusers src 192.168.20.0/24
   acl officeusers src 192.168.10.0/24

I'm really struggling with what combination of delay pool types and bandwidth settings would accomplish this - figuring out what per-user settings should be really has me stumped. Math is not among my strengths. :-) I've read the documentation in the conf file and googled extensively, but I just can't seem to wrap my brain around this.

Any help would be greatly appreciated!

Something like...

# Declare two pools
delay_pools 2
# Define the first pool type
delay_class 1 2
# Define the second pool type
delay_class 2 2
# Define the limits of the first pool (512kbit.sec aggregate, 128kbit/sec individual)
delay_parameters 1 64000/64000 16000/16000
# Same thing for the second pool
delay_parameters 2 64000/64000 16000/16000
# Shove the public users in pool 1...
delay_access 1 allow publicusers
# ...and the office workers into pool 2
delay_access 2 allow officeusers

...would (as the commenting suggests) create two equal pools of 512kbit.sec max, and give each IP in the subnet a max of 128kbit.sec (one quarter of the aggregate). Alternatively, you could choose to define only one pool and only apply it to the public access. This would keep the public access from taking more than their "fair share" but would allow the office workers free reign. Additionally, you might make a time-based ACL such that the public access delay pool only applies during "office hours". Just be aware that delay pools are only assigned at the initiation of a request.

Chris


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux