Bandwidth Distribution in Squid 2.6 STABLE 4

Protecting your Linux box

Bandwidth Distribution in Squid 2.6 STABLE 4

Postby mudasir » Tue Oct 17, 2006 5:39 am

Hi,
I am a newbie in Linux. I have installed Linux RH4e and trying to run squid on it. Uptill now everything is going fine, now what i want to do is that to apply bandwidth restriction on per user base. I have about say 80 users on my network, now i want all of them to get no more than 8Kbps, and no ports should be blocked.

Like right now i have no security or anything like it. I am also looking forward to know how to bind IP and MAC Addresses, and to open all ports for all users but only to restrict the bandwidth of each user so that they can do what ever thay want in a given amount of bandwidth.

I hope you guyz understand what i am lookinf for here.
Looking forward for your replies.
Kind Regards
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
mudasir
Captain
 
Posts: 565
Joined: Tue Oct 17, 2006 5:23 am
Website: http://www.crystalnetworks.org
Location: Dubai

Re:

Postby LinuxFreaK » Tue Oct 17, 2006 6:20 am

Dear mudasir,
Hello,

I believe you can use either Radius Authentication or use Delay Pools as well as few people use CBQ. Now choice is your's.

Best Regards.
Farrukh Ahmed
LinuxFreaK
Site Admin
 
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
ICQ: 82075802
Website: http://www.linuxpakistan.net/wiki/index.php?pagename=LinuxFreak
WLM: f4fahmed@hotmail.com
Yahoo Messenger: f4fahmed@yahoo.com
AOL: linuxpakistan@aol.com
Location: Karachi

Postby waqaskhawaja » Tue Oct 17, 2006 4:44 pm

Download and watch this urdu cbt at http://www.wbitt.com/urducbts/squid8_delay_pools.avi. It contains an excellent explanation of controlling bandwidth using delay pools in squid.
waqaskhawaja
Lance Naik
 
Posts: 44
Joined: Thu Aug 31, 2006 8:52 pm
WLM: w_kh@hotmail.com
Yahoo Messenger: waqas.khawaja@yahoo.com
Location: Lahore Pakistan

Postby mudasir » Wed Oct 18, 2006 5:32 am

Hi,
I have found some stuff related to Delay Pools tag i want you guyz to look at it, and plz guide me.



#####DELAY POOLS
#This is the most important part for shaping incoming traffic with Squid

#We don't want to limit downloads on our local network.
acl magic_words1 url_regex -i 192.168

#We want to limit downloads of these type of files
#Put this all in one line
acl magic_words2 url_regex -i ftp .exe .mp3 .vqf .tar.gz .gz .rpm .zip .rar .avi .mpeg .mpe .mpg .qt
.ram .rm .iso .raw .wav .mov
#We don't block .html, .gif, .jpg and similar files, because they
#generally don't consume much bandwidth

#We want to limit bandwidth during the day, and allow
#full bandwidth during the night
#Caution! with the acl below your downloads are likely to break
#at 23:59. Read the FAQ in this bandwidth if you want to avoid it.
acl day time 09:00-23:59

#We have two different delay_pools
#View Squid documentation to get familiar
#with delay_pools and delay_class.
delay_pools 2

#First delay pool
#We don't want to delay our local traffic.
#There are three pool classes; here we will deal only with the second.
#First delay class (1) of second type (2).
delay_class 1 2

#-1/-1 mean that there are no limits.
delay_parameters 1 -1/-1 -1/-1

#magic_words1: 192.168 we have set before
delay_access 1 allow magic_words1


#Second delay pool.
#we want to delay downloading files mentioned in magic_words2.
#Second delay class (2) of second type (2).
delay_class 2 2

#The numbers here are values in bytes;
#we must remember that Squid doesn't consider start/stop bits
#5000/150000 are values for the whole network
#5000/120000 are values for the single IP
#after downloaded files exceed about 150000 bytes,
#(or even twice or three times as much)
#they will continue to download at about 5000 bytes/s

delay_parameters 2 5000/150000 5000/120000
#We have set day to 09:00-23:59 before.
delay_access 2 allow day
delay_access 2 deny !day
delay_access 2 allow magic_words2



now the problem is that i want to distribute bandwidth among my users not want to limit downloading speed.
I have three acl's names


acl clients-9 arp "/etc/mac-9.allow"
acl clients-14 arp "/etc/mac-14.allow"
acl clients-15 arp "/etc/mac-15.allow"


these lists contain users MAC addresses, now i want to distribute bandwidth between these users, each user should get 8Kbps.

and one more thing, most of my users are complaining that MSN and YAHOO are getting disconnected very frequently, and most of the chatting softwares like MIRC PALTALK EYEBALL, are not working.

can you tell me a way by which all traffic on all ports should be open for the above mentioned ACL's. Only bandwidth should be allocated so that my network wont get jammed.
Kind Regards
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
mudasir
Captain
 
Posts: 565
Joined: Tue Oct 17, 2006 5:23 am
Website: http://www.crystalnetworks.org
Location: Dubai


Return to “%s” Security

Who is online

Users browsing this forum: No registered users and 2 guests

cron