Squid delay Pools – Per User IP Browser Window and Bandwidth Limit


How to configure Squid delay pools with per-user, per-IP, browser and window based restrictions, bandwidth management, YouTube streaming, upload and bucket settings

Squid delay pools Configuration Examples

User based bandwidth Restriction, browser window based limit Examples.

Delay pools are used for limiting the bandwidth of web traffic. We can restrict bandwidth based on source IP address, destination IP address, source domain, and destination domain.

1) URL, keyword based bandwidth restriction

This limits the bandwidth for URLs matching the following keywords: video.domain.com, mail, cricket

# url_regex takes regular expressions, so the dots in the hostname are escaped
acl group1 url_regex -i video\.domain\.com mail cricket
delay_pools 1
delay_class 1 1

# 256 Kbit/s fill rate (32000 bytes/s), 1024 Kbit reserve (128000-byte bucket)
delay_parameters 1 32000/128000
delay_access 1 allow group1

2) IP Based Restriction

The configuration below restricts bandwidth for the IP range 10.5.1.1-10.5.1.255 and allows full bandwidth for everyone else

acl ipgroup src 10.5.1.1-10.5.1.255/32
delay_pools 1
delay_class 1 1

# 256 Kbit/s fill rate (32000 bytes/s), 1024 Kbit reserve (128000-byte bucket)
delay_parameters 1 32000/128000
delay_access 1 allow ipgroup
delay_access 1 deny all

3) User group based restriction

Restrict bandwidth for user1, user2 and user3

acl restuser proxy_auth user1 user2 user3
delay_pools 1
delay_class 1 1

# 256 Kbit/s fill rate (32000 bytes/s), 1024 Kbit reserve (128000-byte bucket)
delay_parameters 1 32000/128000
delay_access 1 allow restuser
delay_access 1 deny all

4) Time based bandwidth limit

For time based bandwidth limiting, use the ACLs below

acl Night_time time SMTWHFA 20:00-24:00
acl Morning_time time SMTWHFA 00:00-08:30

Delay Class

The delay_class directive defines the class of each delay pool. There must be exactly one delay_class line for each delay pool. There are five categories of delay classes.

class 1  Everything is limited by a single aggregate bucket.
class 2  Everything is limited by a single aggregate bucket as well as an “individual” bucket chosen from bits 25 through 32 of the IP address.
class 3  Everything is limited by a single aggregate bucket as well as a “network” bucket chosen from bits 17 through 24 of the IP address and an “individual” bucket chosen from bits 17 through 32 of the IP address.
class 4  Everything in a class 3 delay pool, with an additional limit on a per user basis. This only takes effect if the username is established in advance – by forcing authentication in your http_access rules.
class 5  Requests are grouped according to their tag.

5) Limiting bandwidth usage both overall and per-user

acl all src all
delay_pools 1
# Pool 1 uses delay class 2
delay_class 1 2

# Overall limit (1 Mbit/s = 1,000,000 / 8 = 125000 bytes/s) and per-IP limit (25000 bytes/s)
delay_parameters 1 125000/125000 25000/25000
delay_access 1 allow all
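
The class 2 settings from example 5, modelled as an added Python sketch (not part of the original page and not Squid's own code) to show how the aggregate and per-IP buckets interact and that the individual bucket is chosen from the last octet only. Assumptions: buckets start full, refill happens once per second, and the names Class2Pool and simulate are hypothetical.

```python
import ipaddress


class Class2Pool:
    """Simplified token-bucket model of a Squid class 2 delay pool."""

    def __init__(self, agg_restore, agg_max, ind_restore, ind_max):
        # delay_parameters values: restore rate in bytes/s, bucket size in bytes
        self.agg_restore, self.agg_max = agg_restore, agg_max
        self.ind_restore, self.ind_max = ind_restore, ind_max
        self.agg_level = agg_max      # assumption: buckets start full
        self.ind_level = {}           # individual bucket index -> bytes left

    @staticmethod
    def bucket_index(client_ip):
        # "bits 25 through 32" of the IPv4 address are its last octet
        return int(ipaddress.IPv4Address(client_ip)) & 0xFF

    def tick(self, seconds=1):
        """Refill every bucket at its restore rate, capped at its maximum."""
        self.agg_level = min(self.agg_max,
                             self.agg_level + self.agg_restore * seconds)
        for idx, level in self.ind_level.items():
            self.ind_level[idx] = min(self.ind_max,
                                      level + self.ind_restore * seconds)

    def send(self, client_ip, wanted):
        """Return how many of `wanted` bytes may go to client_ip right now."""
        idx = self.bucket_index(client_ip)
        level = self.ind_level.setdefault(idx, self.ind_max)
        # A transfer is bounded by BOTH the individual and the aggregate bucket
        granted = max(0, min(wanted, level, self.agg_level))
        self.ind_level[idx] = level - granted
        self.agg_level -= granted
        return granted


def simulate(clients, seconds, params=(125000, 125000, 25000, 25000)):
    """Every client requests as much as possible each second; return bytes per client."""
    pool = Class2Pool(*params)
    delivered = {c: 0 for c in clients}
    for _ in range(seconds):
        for c in clients:
            delivered[c] += pool.send(c, 10**9)
        pool.tick()
    return delivered
```

In this model 10.5.1.10 and 10.5.2.10 draw from the same individual bucket (index 10), so a class 2 pool only isolates clients within a single /24; the order in which clients are served each second is an artifact of the model.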