[squid-users] How to limit upload bandwidth in squid proxy?

[Amos Jeffries]

On 24/08/2015 1:03 p.m., Brandon Elliott wrote:
> Hi Nicolaas,
> 
> I read the article you pointed to, but it isn't applicable. I need to be
> able to limit upload bandwidth PER USER just like squid does for download
> bandwidth, per user.
> 
> QUOTE >> I don’t really know if squid supports this or not, but I can’t
> imagine why it would need to, with traffic control built into the linux
> kernel in a number of ways.
> 
> Somebody saw fit to put download bandwidth limiting into squid, so it makes
> sense to support upload bandwidth limiting as well.

Squid is *very* old software. Some of its features were literally part
of the founding days of the Internet.

Delay Pools is one that predates all modern QoS functionality. And is
quite limited in ways like the one you are hitting. If you can use the
system QoS do so, it is far more efficient.

> 
> I am already using ncsa_auth to manage squid users. I need a solution that
> doesn't involve using a second authentication just to limit upload
> bandwidth per user.
> 
> Any ideas?


client_delay_pools was added to meet this need. But be aware there is a
crash in there somewhere that has not been resolved.


Alternatively, Squid does have integration with the system QoS. The note
ACL type allows these to be set based on auth helper provided kv-pair
details; eg. user=Fred vs user=Bob.

You setup the system with all the QoS funtionality and Squid informs the
kernel what TOS/MASK classification to apply on the connection packets.
 <http://www.squid-cache.org/Doc/config/clientside_tos/>
 <http://www.squid-cache.org/Doc/config/clientside_mark/>

With client side there will always be inaccuracy on that auth based flow
control because the transaction is already underway by the time auth
gets invoked.

Amos