On Thu, May 26, 2005 at 07:56:09PM +0100, Andy Furniss wrote:
> Peter Kaagman wrote:
>
> >But there is of course a src of packages I do not catch this way... and
> >these are the squid cache hits. Because I filter on destination the cache
> >hits get treated the same as cache misses. But cache hits are in effect
> >local traffic... they do not originate from the Internet.
>
> If squid is running on the same machine as your htb rules then (I think)
> the only way you can shape incoming traffic from the internet properly
> is to use imq.
>
Not really sure what imq is, will have to look that up tomorrow.
> I have not used squid - so may be wrong, but the patches will let you
> classify hits so they can be let through at lan speed. But what about
> misses - I assume that squid will connect to the internet and fetch the
> data unlimited even if they then get served to the lan at restricted speed.
>
> Andy.
I think you have a point there... atm I am only shaping at eth1, which
is the LAN interface. I will still have to shape eth0, which is my
Internet interface. Not only for squid to behave, but also to give my
DMZ (and services on the LAN) a fighting change to connect when the
link is full. But after shaping eth1, with all those classes for all
the networks, shaping eth0 should be a piece of cake (I hope).
But what I saw with iptraf was that eth1 "maxed out" at 2mbit while
eth0 had a load of about 1.8mbit (in only maxed out on bursts). That
was exactly what made me wonder where that difference came from. My
best idea was that the difference was caused by the cache hits.
But I think the squid zhp patch at it-academy.bg will solve my miss/hit
problem. Taken from it's documentation it does exactly what I want.
Will try that tomorrow. Re-compiling squid is not really a problem...
build the (slackware) package myself anyway since it did not come with
the stock distro.
After that I will probably have to look in to prioritising things like
DNS, SMTP, IMAP and SSH. Although getting stuff out of our network is not
really a problem, only the download is congested.
Peter
PS
I found out that a couple of replies I made were actually private
messages... sorry about that. Most of what was said it them is repeated
in this message... except for the "Thanks for the quick reply"
--
Frisbeetarianism, n.:
The belief that when you die, your soul goes up on the roof and
gets stuck.
_______________________________________________
LARTC mailing list
[email protected]
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
