Bandwidth Limiting (Part 1)

Introduction

The purpose of this guide is to provide an easy solution for limiting incoming traffic, thus preventing our LAN users from consuming all the bandwidth of our internet link. This is useful when our internet link is slow or our LAN users download tons of mp3s and the newest Linux distro’s *.iso files.

Before We Start

Let’s imagine the following situation:

· We have a 115,2 kbits/s ppp (modem) internet link (115,2/10 = 11,5 Kbytes/s). Note: with eth connections (network card) we would divide 115,2 by 8; with ppp we divide by 10, because of start/stop bits (8 + 1 + 1 = 10).

· We have some LAN stations and their users are doing bulk downloads all the time.

· We want web pages to open fast, no matter how many downloads are happening.

· Our internet interface is ppp0.

· Our LAN interface is eth0.

· Our network is 192.168.1.0/24

Believe it or not, shaping the incoming traffic is an easy task and you don’t have to read tons of books about routing or queuing algorithms. To make it work, we need at least the Squid proxy; if we want to fine-tune it, we will have to get familiar with ipchains or iptables and CBQ. To test our efforts, we can install IPTraf.

Squid is probably the most advanced HTTP proxy server available for Linux. It can help us save bandwidth in two ways:

The first is a main characteristic of proxy servers: they keep downloaded web pages, pictures, and other objects in memory or on a disk. So, if two people are requesting the same web page, it isn’t downloaded from the internet, but from the local proxy.

The second: apart from normal caching, Squid has a special feature called delay pools. It is possible to limit internet traffic in a reasonable way, depending on so-called ‘magic words’ existing in any given URL. For example, a magic word could be *.mp3, *.exe or *.avi, etc. Any distinct part of a URL (such as *.avi) can be defined as a magic word.

We can tell Squid to download these kinds of files at a specified speed (in our example, it will be about 5 Kbytes/s). If our LAN users download files at the same time, they will be downloaded at about 5 Kbytes/s altogether, leaving remaining bandwidth for web pages, email, news, IRC, etc. Of course, the Internet is not only used for downloading files via web pages (http or ftp). Later on, we will deal with limiting bandwidth for Napster, RealAudio, and other possibilities.
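To make the "5 Kbytes/s altogether" behaviour concrete, here is a simplified token-bucket model of one shared delay pool (an added example, not code from the original guide or from Squid). The function and class names are hypothetical, the bucket size is an assumption, and the rates are the article's 11,5 and 5 Kbytes/s taken as 11500 and 5000 bytes/s.

```python
import re

# Magic words from the article's example; as the article says, a magic word
# matches any part of the URL, so ".exe" also matches "/a.exercise.html".
MAGIC_WORDS = re.compile(r"\.(mp3|exe|avi)", re.IGNORECASE)

def is_limited(url):
    """True if the URL contains a magic word and belongs in the delay pool."""
    return bool(MAGIC_WORDS.search(url))

class AggregateBucket:
    """One bucket shared by all limited transfers (simplified model)."""
    def __init__(self, restore, maximum):
        self.restore = restore    # bytes added back per second
        self.maximum = maximum    # bucket size (assumed; the article gives only the rate)
        self.level = maximum

    def take(self, wanted):
        granted = min(wanted, self.level)
        self.level -= granted
        return granted

    def tick(self):
        self.level = min(self.maximum, self.level + self.restore)

def simulate(urls, seconds, link_rate=11500, restore=5000, maximum=5000):
    """Bytes delivered per URL after `seconds` on a link of `link_rate` bytes/s."""
    bucket = AggregateBucket(restore, maximum)
    delivered = {u: 0 for u in urls}
    limited = [u for u in urls if is_limited(u)]
    free = [u for u in urls if not is_limited(u)]
    for _ in range(seconds):
        budget = link_rate
        for i, u in enumerate(limited):      # limited transfers share the bucket
            fair = bucket.level // (len(limited) - i)
            got = bucket.take(min(fair, budget))
            delivered[u] += got
            budget -= got
        for i, u in enumerate(free):         # everything else splits what is left
            fair = budget // (len(free) - i)
            delivered[u] += fair
            budget -= fair
        bucket.tick()
    return delivered

if __name__ == "__main__":
    # Constructed sample: three bulk downloads and one web page, for 10 seconds.
    urls = ["http://example.com/a.mp3", "http://example.com/b.avi",
            "http://example.com/setup.exe", "http://example.com/index.html"]
    for url, n in simulate(urls, 10).items():
        print(f"{n:6d} bytes  {url}")
```

However many bulk downloads run at once, together they drain only the shared bucket, so the web page keeps the remaining 6500 bytes/s of the link.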

Here, I will explain how to install the necessary software so that we can limit and test the bandwidth usage.

Installing Squid with the delay pools feature

Squid has a feature called delay pools, which allows us to control download bandwidth. Unfortunately, in most distributions, Squid is shipped without that feature.

So if you have Squid already installed, I must disappoint you: you need to uninstall it and install it again with delay pools enabled, in the way I explain below.

· To get maximum performance from our Squid proxy, it’s best to create a separate partition for its cache, called /cache/. Its size should be about 300 megabytes, depending on our needs.

If you don’t know how to make a separate partition, you can create the /cache/ directory on a main partition, but Squid performance can suffer a bit.

· We add a safe 'squid' user:

# useradd -d /cache/ -r -s /dev/null squid >/dev/null 2>&1

No one can log in as squid, including root.

· We download Squid sources from http://www.squid-cache.org.

· We unpack everything to /var/tmp

# tar xzpf squid-2.4.STABLE1-src.tar.gz

· We compile and install Squid (everything is in one line):

# ./configure --prefix=/opt/squid --exec-prefix=/opt/squid --enable-delay-pools --enable-cache-digests --enable-poll --disable-ident-lookups --enable-truncate --enable-removal-policies

# make all

# make install
