Advertisment

Bandwidth Management Using Squid

author-image
PANKAJ
New Update

Click here for an updated version of this article

Advertisment

Internet bandwidth management has become essential for every networked organization because it's a limited resource and, therefore, must be utilized efficiently. There are various ways you can do it, both through software and hardware. Both methods let you allocate specific bandwidth to Internet traffic that can be further classified into Web, mail, ftp, etc. This classification helps in prioritizing the traffic and, hence, makes sure that a rise in one type does not lead to a clogging of another, perhaps more critical, traffic. Using bandwidth management, the traffic of each service is at an assured level at all times and you can even change these assured levels at fixed time slots during the day. Commercial bandwidth-management software solutions have been around for sometime, but can be expensive to implement. 

With the 2.2 Kernel and the current 2.4 Kernel, Linux has all the components built in to build your own



bandwidth-management system. However, configuring the Linux box for bandwidth management remains the most difficult part. In this article, we elucidate on how to use the Squid proxy server for controlling your Internet bandwidth. 

Squid is a widely deployed, high-performance proxy caching server for Web clients that support http, ftp etc. It keeps Meta data, and especially hot objects, cached in the RAM, caches DNS lookups, supports non-blocking DNS lookups and implements negative caching of failed requests. Squid supports SSL, extensive access controls and full request logging. Squid can, in fact, be used for bandwidth control very easily using the Webmin configuration tool. In PCQ Linux 8, Squid and Webmin configuration tools are installed by default. 

Advertisment

The first step is to point your browser to http://:10000 to fire up the Web interface of the Webmin configuration tool. can be 127.0.0.1 if you are accessing the interface from the same machine. Go to the server tab and select the Squid configuration option. Bandwidth control in squid entails two steps. One is to create an ACL (Access Control List) and the other to create a delay pool.

Creating ACL



You can do bandwidth management based on specific client MAC addresses, IP addresses, and even for specific applications. It's best to use a mix of all three criteria. In the Squid configuration menu, go to the Access control option. Here you'll notice that some default ACLs are already made. Create an access control of your own. As you'll realize there's a plethora of options available. You can select any one, which suits your need. We selected the Client IP option. Other options include port numbers so that bandwidth can also be set for individual applications.

After that you get an interface for entering the ACL name, the IP range and the net mask. If you want to allocate bandwidth to a single IP, then you can give the same IP in the IP range options. You can similarly create ACLs for other IP ranges. If you leave the failure link as blank, then Squid will itself generate a default failure page. Once the ACLs have been created, you have to add the newly created ACL in proxy restrictions on the main ACL interface. The action to be set is Allow and the ACL needs to be selected from 'Match

ACL' category.

Advertisment

Creating Delay Pools 



Delay pools provide a means to restrict bandwidth usage of clients. With delay pools, clients can be restricted at the individual level, or in groups. ACLs are used to apply bandwidth limits to users. For creating Delay pools, go to the main Squid configuration interface and select the Delay pool option. The Delay pool number is automatically generated by webmin, and can be from the three classes. Select class 2 — 'Aggregate and Individual' and then specify the minimum and ceiling bandwidth that needs to be allocated for individual and the total bandwidth to all the users as governed by the ACL. Once the details have been entered, you need to attach the ACL that was created. After saving you can now start squid simply by clicking on the Start Squid link.

All clients now need to point their proxy settings to this computer at port no 3128, which is the default port no at which Squid functions.

Related Articles

Advertisment

Optimizing Bandwidth Usin Squid

A Proxy Server with Squid

A Transparent Proxy With Squid

Advertisment