On 21/03/2012 2:26 a.m., Brian Landy wrote:
Hi, I was hoping to use traffic shaping to reserve bandwidth for http streaming
video, and use squid to tag the video traffic separately from other content. I
am running OpenBSD 5.0 with squid 2.7, using squid as a transparent non-caching
proxy. I am attempting to get squid to set the TOS on the packets from server
to client so pf can assign them to an appropriate queue (outbound on the
internal interface).
So I tried something like this:
acl webvideo rep_mime_type -i ^video/MP2T$
acl webvideo rep_mime_type -i ^video/mp4$
tcp_outgoing_tos 0x15 webvideo
However, as best I can tell squid is not setting the tos on any of these
packets. Have I overlooked something? (the 0x15 was picked at random) I
verified I have the rep_mime_types defined properly by setting
“http_reply_access deny webvideo” and the content was blocked.
You overlooked that outgoing TOS is on the request from Squid to the
server. Squid does not have any reply yet.
You need to find some request-based way to predict what type of reply
will come back. I would think a few false positives would be fine so you
can probably base it on the domain name or a URL file-extension pattern.
Squid ACLs have full access to any header content though, there may be
something better buried in there.
Also, to validate that squid was able to set TOS at all, I tried this:
acl all src all
tcp_outgoing_tos 0x15 all
In this case I see the tos set on the packets to the server, but not set on the
packets back to the client (which I believe I need set in order to assign the
streaming content to the appropriate queue on the inside interface).
There is a clientside_tos in Squid-3 series for the packets going from
Squid to client.
Any advice on what I am doing wrong, or whether squid is even the correct
approach for this, is greatly appreciated. Thanks!
You need to upgrade to squid-3. Preferrably the current supported
release (3.1.19 as of this writing).
Amos
