Help with with delay pools

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Help with with delay pools

neok
Hello everyone, I don't know if anyone can help me with this configuration.

acl Domain_Users note group AQUAAAAAAAUVAAAA7TIfbORUj8PLQv4YAQIAAA==
delay_pools 1
delay_class 1 1
delay_parameters 1 2500000/2500000
delay_access 1 allow Domain_User

What I am looking for is to limit each individual user to 20 Mbit/s. But I don't know if I'm really limiting all users to 20 Mbit/s with this configuration.
Please, if someone with more experience could tell me if I am doing it right?
Thank you very much in advance.

PS.: I only have that doubt, the note acl is already matching transaction annotation of negotiate_kerberos_auth helper

squid -v
Squid Cache: Version 5.0.3
Service Name: squid

This binary uses OpenSSL 1.1.1d  10 Sep 2019. For legal restrictions on distribution see https://www.openssl.org/source/license.html

configure options:  '--prefix=/opt/squid-503' '--includedir=/include' '--mandir=/share/man' '--infodir=/share/info' '--localstatedir=/opt/squid-503/var' '--disable-maintainer-mode' '--disable-dependency-tracking' '--disable-silent-rules' '--enable-inline' '--enable-async-io' '--enable-storeio=ufs,aufs,diskd' '--enable-removal-policies=lru,heap' '--enable-delay-pools' '--enable-cache-digests' '--enable-underscores' '--enable-icap-client' '--enable-follow-x-forwarded-for' '--enable-auth-basic=fake,LDAP' '--enable-auth-digest=file,LDAP' '--enable-auth-negotiate=kerberos,wrapper' '--enable-external-acl-helpers=file_userip,kerberos_ldap_group,LDAP_group' '--enable-arp-acl' '--enable-esi--disable-translation' '--with-logdir=/var/log/squid-503' '--with-pidfile=/var/run/squid-503.pid' '--with-filedescriptors=65536' '--with-large-files' '--with-default-user=proxy' '--enable-linux-netfilter' '--enable-ltdl-convenience' '--with-openssl' '--enable-ssl' '--enable-ssl-crtd'


_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: Help with with delay pools

Amos Jeffries
Administrator
On 15/10/20 7:52 am, Service MV wrote:

> Hello everyone, I don't know if anyone can help me with this configuration.
>
> acl Domain_Users note group AQUAAAAAAAUVAAAA7TIfbORUj8PLQv4YAQIAAA==
> delay_pools 1
> delay_class 1 1
> delay_parameters 1 2500000/2500000
> delay_access 1 allow Domain_User
>
> What I am looking for is to limit each individual user to 20 Mbit/s. But
> I don't know if I'm really limiting all users to 20 Mbit/s with this
> configuration.
> Please, if someone with more experience could tell me if I am doing it
> right?


You are not. The above limits all members of that group across the
entire network to share 19/Mbit/s.

To fix:

* for 20Mbit/s absolute speed set -1/2621440. That means maximum of
20Mbit (2621440) can be available for use, and fully refill the
available amount each second.

* for per-username limits set a class 4 pool with "none" (or older Squid
"-1/-1") for the limit parameters your policy does not care about.


So it should look like:

 delay_pools 1
 delay_class 1 4
 delay_parameters 1 none none none -1/2621440
 delay_access 1 allow Domain_User


HTH
Amos
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users