Re: [squid-users] Squid and congestion management

From: Dave Raven <dave@dont-contact.us>
Date: Thu, 6 Dec 2001 15:35:44 +0200

It depends what you want from the bandwidth shaper.
I would suspect you would want to have the BW Mgmt box in front of you squid box; regardless of squid's built
in traffic shaping. You dont only want to limit web; you more than likely want to prioritize it.
For example; If you have a lot of UDP traffic, and a lot of web; The UDP will kill your web connection; but if the mgmt box
is in front of you squid; everything will run as it should.

In essence your bw mgmt box should be either behind your router or your gateway(firewall etc);
All traffic should pass through it; ergo diagram b is better.

As for multi-thread programs; you bw mgmt box should be able to do reverse rules (aka sharing).
This will limit by IP and not session etc. When you share it; the user will get all the bandwidth untill someone else enters;
in which case the b/w is shared between the two IP's; not the number of sessions. This will require investigation on your part
into bandwidth shaping.

--Dave
OpteqSec.

  ----- Original Message -----
  From: Cagri Yucel
  To: squid-users@squid-cache.org
  Sent: Thursday, December 06, 2001 10:23 AM
  Subject: [squid-users] Squid and congestion management

  Dear Squid Admins,

   

  I have a question on how squid works, consider the following configuration:

   

  LAN-----------B/W Mgmt--------------Squid Box---------------Internet

   

  On the B/W Mgmt system, I intend to limit bandwidth for specific LAN subnets, no problem up to here.

  But what happens, a user from the limited LAN segment starts a long http download which proxied by the Squid ?

   

  Two options :

   

  B/W to the user limited, but squid downloads all the file as if there is no restriction, and delivery the user slowly ?

   

  Or

   

  As squid could not deliver to the user as fast as it downloads the file, it also delays the download (lowers the b/w consuption on Internet side) ?

   

  Which one is correct ?

   

  My current config is:

   

  LAN-----------Squid Box----------------B/W Mgmt-------------Internet

   

  Here I can not limit http traffic as it seems to be sourced from the same user (squid IP)

   

  Btw, is there any idea on how Squid could be used for traffic shaping ? I have found the acl options for max file size and max connections, are there any similar tools ? For examle limit for the connections form same source to same dest ???

   

  Beyond all this, could you give me an idea on how to limit the use of multi-threat download programs ?

   

  Thanks in advance for any ideas or advice.

   

  Cagri Yucel
Received on Thu Dec 06 2001 - 06:40:48 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:05:15 MST