Reining in Bandwidth With Squid Proxying Page 2

Individual Restrictions

Class 2 pools are perfect for limiting individual users on networks with fewer than 255 users. This creates a cap of 512 Kbit/s on the pool, and 128 Kbit/s on individual users, with a 2048 Kbit/s reserve:

########Delay Pools#########
delay_pools 1
delay_class 1 2
delay_parameters 1 64000/64000   16000/256000
acl All src 0/0
delay_access 1 allow All

You don’t have to use multiples of 8, you can use any numbers of bytes:

delay_parameters 1 5000/10000  5000/7500

delay_pools 2
#pool 2, don't restrict LAN traffic
delay_class 1 2
#no bandwidth restrictions
delay_parameters 1 -1/-1 -1/-1
acl localUsers url_regex -i 192.168
delay_access 1 allow localUsers

Creating a Privileged Class

Yes, you can play favorites and grant some users more bandwidth by selecting a specific range of IPs. You may use dotted quad, CIDR, or hostnames. You don’t have to specify a netmask, Squid will try to calculate it, but it’s a good idea to use one anyway:

########Delay Pools#########
delay_class 1 1
delay_class 2 1
delay_parameters 1 64000/128000
delay_parameters 2 2048/64000
acl myFriends src 192.168.8.25-192.168.8.35/32
acl All src 0/0
delay_access 1 allow myFriends
delay_access 2 allow All

And there you are, playing favorites to your heart’s content. Squid comes with a monitoring utility so you can see how things are working:

# squidclient mgr:delay | less

Bigger, Faster, Stronger

If your needs are more complex, you’re probably better off biting the bullet, and learning to implement tc or rshaper.

Resources

• Squid proxy-cache is chock-full of great documentation and resources.
• The Bandwidth Limiting HOWTO has some good pointers for refining your bandwidth management.
• If you want to rassle with iproute2, see the Linux Advanced Routing & Traffic Control HOWTO

This article was originally published ServerWatch on May 21, 2004. Prior to that it was published on Enterprise Networking Planet.