Re: [LARTC] Per user bandwidth limiting ..for small ISP.using Squid

[Peter Surda <surda@shurdix.com>]

Madhava Rayudu schrieb:

> Sir,

Hello,

>  I am a small ISP in rural India distributing 1 MB
> link to 200 people.

...

> Squid saves me around 35% of bandwidth and hence I can
> not afford not to use it.


I hope people won't mind if I mention my project again:
http://www.shurdix.org

For some time it was successfully used on a network with 8MBit link and 
1400 users (although the peak of simultaneously active users was "only" 
slightly above 700). So it should be able to work in your situation.

Your situation is however special because you have squid. Combining 
squid and tc is problematic. However, there were some kind guys who 
designed the "tproxy" iptables extension, which can help you. It isn't 
easy to setup and if you have NAT you need 2 separate machines (one 
doing the NAT and one running the squid), but is doable. This way tc 
will see squid's traffic with the IP of the real client. Squid including 
the tproxy patch can be found in the optional package for shurdix (I'll 
document it on the wiki page if you are interested).

My recommendation for your situation would be something like this:
- keep your router, let it do NAT and perhaps a minimal firewall
- get a second machine, put it between the router and the LAN, and 
install shurdix there
- configure it to use TC and Squid (and optionally IP accounting and/or 
firewall if you like). No delay pools necessary.

I would like to stress again however that combining tproxied squid and 
tc isn't easy and is poorly documented (but possible and it works). YMMV.

> Rayudu.

Yours sincerely,
Peter

-- 
http://www.shurdix.org - Linux distribution for routers and firewalls

_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc