Squid Web Cache wiki

Squid Web Cache documentation

🔗 Feature: Delay Pools

🔗 Delay Pools

by David Luyer.

To enable delay pools features in Squid configure with –enable-delay-pools before compilation.

🔗 Terminology for this FAQ entry:

Delay pools allows you to limit traffic for clients or client groups, with various features:

This allows options such as creating a number of class 1 delay pools and allowing a certain amount of bandwidth to given object types (by using URL regular expressions or similar), and many other uses I’m sure I haven’t even though of beyond the original fair balancing of a relatively small traffic allocation across a large number of users.

🔗 There are some limitations of delay pools:

🔗 How can I limit Squid’s total bandwidth to, say, 512 Kbps?

delay_pools 1
delay_class 1 1
delay_access 1 allow all
delay_parameters 1 64000/64000          # 512 kbits == 64 kbytes per second

The 1 second buffer (max = restore = 64kbytes/sec) is because a limit is requested, and no responsiveness to a burst is requested. If you want it to be able to respond to a burst, increase the aggregate_max to a larger value, and traffic bursts will be handled. It is recommended that the maximum is at least twice the restore value - if there is only a single object being downloaded, sometimes the download rate will fall below the requested throughput as the bucket is not empty when it comes to be replenished.

🔗 How to limit a single connection to 128 Kbps?

You can not limit a single HTTP request’s connection speed. You can limit individual hosts to some bandwidth rate. To limit a specific host, define an acl for that host and use the example above. To limit a group of hosts, then you must use a delay pool of class 2 or 3. For example:

acl only128kusers src 192.168.1.0/24
delay_pools 1
delay_class 1 3
delay_access 1 allow only128kusers
delay_access 1 deny all
delay_parameters 1 64000/64000 -1/-1 16000/64000

For an explanation of these tags please see the configuration file.

The above gives a solution where a cache is given a total of 512kbits to operate in, and each IP address gets only 128kbits out of that pool.

🔗 How do you personally use delay pools?

We have six local cache peers, all with the options ‘proxy-only no-delay’ since they are fast machines connected via a fast ethernet and microwave (ATM) network.

For our local access we use a dstdomain ACL, and for delay pool exceptions we use a dst ACL as well since the delay pool ACL processing is done using “fast lookups”, which means (among other things) it won’t wait for a DNS lookup if it would need one.

Our proxy has two virtual interfaces, one which requires student authentication to connect from machines where a department is not paying for traffic, and one which uses delay pools. Also, users of the main Unix system are allowed to choose slow or fast traffic, but must pay for any traffic they do using the fast cache. Ident lookups are disabled for accesses through the slow cache since they aren’t needed. Slow accesses are delayed using a class 3 delay pool to give fairness between departments as well as between users. We recognize users of Lynx on the main host are grouped together in one delay bucket but they are mostly viewing text pages anyway, so this isn’t considered a serious problem. If it was we could take those hosts into a class 1 delay pool and give it a larger allocation.

I prefer using a slow restore rate and a large maximum rate to give preference to people who are looking at web pages as their individual bucket fills while they are reading, and those downloading large objects are disadvantaged. This depends on which clients you believe are more important. Also, one individual 8 bit network (a residential college) have paid extra to get more bandwidth.

The relevant parts of my configuration file are (IP addresses, etc, all changed):

# ACL definitions
# Local network definitions, domains a.net, b.net
acl LOCAL-NET dstdomain a.net b.net
# Local network; nets 64 - 127.  Also nearby network class A, 10.
acl LOCAL-IP dst 192.168.64.0/18 10.0.0.0/8
# Virtual i/f used for slow access
acl virtual_slowcache myip 192.168.100.13
# All permitted slow access, nets 96 - 127
acl slownets src 192.168.96.0/19
# Special 'fast' slow access, net 123
acl fast_slow src 192.168.123.0/24
# User hosts
acl my_user_hosts src 192.168.100.2/31
# Don't need ident lookups for billing on (free) slow cache
ident_lookup_access allow my_user_hosts !virtual_slowcache
ident_lookup_access deny all
# Security access checks
http_access [...]
# These people get in for slow cache access
http_access allow virtual_slowcache slownets
http_access deny virtual_slowcache
# Access checks for main cache
http_access [...]
# Delay definitions (read config file for clarification)
delay_pools 2
delay_initial_bucket_level 50
delay_class 1 3
delay_access 1 allow virtual_slowcache !LOCAL-NET !LOCAL-IP !fast_slow
delay_access 1 deny all
delay_parameters 1 8192/131072 1024/65536 256/32768
delay_class 2 2
delay_access 2 allow virtual_slowcache !LOCAL-NET !LOCAL-IP fast_slow
delay_access 2 deny all
delay_parameters 2 2048/65536 512/32768

The same code is also used by a some of departments using class 2 delay pools to give them more flexibility in giving different performance to different labs or students.

🔗 Where else can I find out about delay pools?

This is also pretty well documented in the configuration file, with examples. Squid install with a squid.conf.documented or squid.conf.default file. If you no longer have a documented config file the latest version is provided on the squid-cache.org website.

Categories: Feature

Navigation: Site Search, Site Pages, Categories, đŸ”Œ go up