Monday, October 26, 2009

Linux Security Notes 14: Squid notes 7: Bandwidth Management using Delay Pools

Squid - Delay Pools Bandwidth Management
    This feature is used to restrict bandwidth usage for the user community. It was introduced in version 2.x.

Implementing bandwidth management using delay pool

Delay pools have 3 different classes of restriction

1. Class 1 pool restricts the rate of bandwidth for large downloads.
    This restricts the download rate of a large file.
Implementing Class 1 delay pool
Steps:
  1.  Define the ACL for the delay pool
  2.  Define the number of delay pools (delay_pools 1)
  3.  Define the class of the delay pool (delay_class 1 1)
  4.  Set the parameters for the pool number (delay_parameters 1 restore_rate/max_size). Once a request exceeds max_size, Squid limits the bandwidth to the given restore_rate for a user/source (the measurement is in bytes), e.g. delay_parameters 1 20000/15000
  5.  Enable delay_access to include the feature (delay_access)
Configure the class 1 delay pool
# vim squid.conf
--------
acl    bw_users    src    192.168.1.0/24    # ACL defined for the network
delay_pools    1                            # Number of delay pools
delay_class    1 1                          # Pool number 1 is a class 1 delay pool
delay_parameters    1    20000/15000        # Pool 1: restore rate of 20000 once the usage hits 15000 bytes
delay_access    1    allow    bw_users      # Access tag that ties pool 1 to the acl bw_users
--------
# reload squid

    When any one src exceeds the download limit of 15K, its download rate is restored to 20K/s.
Test the configuration by downloading files using wget
Limitations of class 1 pool:
    If we have a bandwidth of 1500000 bytes and we configure a rate of 20000 bytes per sec, then the max simultaneous connections will be 1500000/20000 = 75. This will max out the connection if we have a large number of connections from the src
 
2. Class 2 pool allows setting the bandwidth usage to a sustained rate

    Using the class 2 pool we can overcome the max-out limitation of class 1. Here we can implement the bandwidth limit as an aggregate rate.


Configure the class 2 pool

If we have a link with a bandwidth of (1.5Mb/s) 1544000 bytes/s,
and we need to set a ceiling of 62500 bytes/s (500k/s) as the bandwidth for network usage,
with 10% of the ceiling for each user:

# vim squid.conf
----------
acl    bw_users    src    192.168.1.0/24    # ACL defined for the network
delay_pools    1                            # Number of pools
delay_class    1 2                          # Pool number 1 is a class 2 pool
delay_parameters    1 62500/62500 6250/6250 # Creates a ceiling of 500K (62500) out of our 1.5M bandwidth, with an individual ceiling of 10% of that ceiling (at any given time each user is restricted to 10% of the 500k ceiling)
delay_access  1  allow  bw_users            # Access tag that ties pool 1 to the acl bw_users
----------
# reload squid

    Test the rate of bandwidth using wget. Here we can see that the rate is restricted to 10% of the ceiling from the beginning for every src. This leaves the rest of the bandwidth free for other purposes, i.e. out of 1.5M we have taken a ceiling of .5M for the internal network and told Squid that each request from a src should get 10% of that .5M of bandwidth.
Note:-
 In the class 1 pool, the bandwidth restriction started only after the max download size was reached. In class 2, instead of a max download size we define a ceiling, and the user is restricted to it from the beginning.
   
3. Class 3 pool allows restricting the bandwidth usage for subnets
    This implements bandwidth management with an aggregate rate per subnet, i.e. the class 2 pool with a subnet-based ceiling

Configuring the class 3 pool
# vim squid.conf
----------
acl    bw_users    src    192.168.1.0/24    # ACL defined for the network
delay_pools    1                            # Number of pools
delay_class    1 3                          # Pool number 1 is a class 3 pool
delay_parameters    1 62500/62500 31250/31250 6250/6250 # Creates a ceiling of 500K (62500) out of our 1.5M bandwidth, with a subnet ceiling of 50% of that ceiling (at any given time requests from each subnet are restricted to 50% of the 500k ceiling, and each user in a subnet gets 20% of the subnet ceiling)
delay_access  1  allow  bw_users            # Access tag that ties pool 1 to the acl bw_users
----------
# reload squid

    This makes Squid limit the bandwidth usage to 50% per subnet (in case we have 2 subnets in our network), and each user gets 20% of the subnet ceiling. (i.e. out of 1.5M we have taken a ceiling of .5M. Each subnet ceiling is 50% of this .5M ceiling (.25M). In each subnet the users get 20% (.05M) of the subnet ceiling (.25M)).
 
Delay Pool class2 with Time based ACL:
    This will implement the bandwidth management only during the business hours.

Configure the Class2 pool with time restriction
# vim squid.conf
----------
acl    bw_users src 192.168.1.0/24           # ACL defined for the network
acl work_time time MTWHF 09:00-18:00         # Monday to Friday, 09:00-18:00
delay_pools    1                             # Number of pools
delay_class    1 2                           # Pool number 1 is a class 2 pool
delay_parameters    1 62500/62500 25000/25000 # Each user is given an average of 25000 bytes of bandwidth
delay_access  1  allow work_time             # Access tag that ties pool 1 to the acl all and work_time
----------
# reload squid

    This makes the class 2 pool active only during office hours. Test by changing the time on the Squid server after configuring the class 2 pool with the time period.
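
A pre-reload check for the mistakes that are easiest to make in the blocks above: a misspelled delay_* directive, a delay_parameters line whose number of restore/max pairs does not match the pool's class, and a pool with no delay_access rule. This is an added example, not part of the original post or of Squid itself; the function name check_delay_pools and the sample text are constructed here, and it covers only classes 1 to 3 and the four directives used on this page.

```python
import re

# The four directives used on this page (assumption: extend if you use more).
KNOWN = {"delay_pools", "delay_class", "delay_parameters", "delay_access"}
PAIR = re.compile(r"^(-1|\d+)/(-1|\d+)$")  # restore_rate/max_size, -1 = no limit
# Constructed sample: a class 2 pool with one misspelled directive.
SAMPLE = """\
acl bw_users src 192.168.1.0/24
delay_pools 1
delay_class 1 2
delay_parametes 1 62500/62500 6250/6250
delay_access 1 allow bw_users
"""

def check_delay_pools(conf_text):
    """Return (line_no, message) findings; line_no 0 means a missing line."""
    findings, pools, classes, params, access = [], 0, {}, {}, set()
    for no, raw in enumerate(conf_text.splitlines(), 1):
        tok = raw.split("#", 1)[0].split()  # ignore comments
        if not tok or not tok[0].startswith("delay_"):
            continue
        name, args = tok[0], tok[1:]
        try:
            if name not in KNOWN:
                findings.append((no, f"unknown directive {name!r}"))
            elif name == "delay_pools":
                pools = int(args[0])
            elif name == "delay_class":
                classes[int(args[0])] = int(args[1])
            elif name == "delay_parameters":
                params[int(args[0])] = (no, args[1:])
            else:  # delay_access <pool> allow|deny <acl>...
                access.add(int(args[0]))
        except (IndexError, ValueError):
            findings.append((no, f"malformed {name} line"))
    for pool in range(1, pools + 1):
        cls = classes.get(pool)
        if cls not in (1, 2, 3):  # only the classes this page covers
            findings.append((0, f"pool {pool}: class {cls} not checked"))
            continue
        no, pairs = params.get(pool, (0, []))
        if len(pairs) != cls or not all(PAIR.match(p) for p in pairs):
            findings.append((no, f"pool {pool}: class {cls} needs {cls} restore/max pair(s)"))
        if pool not in access:
            findings.append((0, f"pool {pool}: no delay_access rule"))
    return findings

if __name__ == "__main__":
    print(check_delay_pools(SAMPLE))
```

Run it against the delay pool section of squid.conf before reloading; an empty list means the directive names, pair counts and access rules are consistent.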
