    Proposed changes to squid package: Traffic Mgmt

      Valeriy

      I had issues with the default pfSense GUI settings not working properly for my proxy setup.
      Based on my findings I found out the following:

      Let's assume we would like to limit overall traffic to 1250 KBps and individual host traffic to 64 KBps.
      The following changes were made under the Traffic Mgmt tab:

      Overall Bandwidth Throttling: 1250
      and
      Per-Host Throttling: 64

      It resulted in the following config:

      delay_pools 1
      delay_class 1 2
      delay_parameters 1 1280000/1280000 65536/65536
      delay_initial_bucket_level 100
      delay_access 1 allow allsrc

      According to the squid documentation:
      http://www.squid-cache.org/Doc/config/delay_class/

      class 2    Everything is limited by a single aggregate
                 bucket as well as an "individual" bucket chosen
                 from bits 25 through 32 of the IPv4 address.

      class 3    Everything is limited by a single aggregate
                 bucket as well as a "network" bucket chosen
                 from bits 17 through 24 of the IP address and a
                 "individual" bucket chosen from bits 17 through
                 32 of the IPv4 address.

      So that means the above generated config is not suitable for your setup if your LAN address space has more than one 24-bit subnet (one 16-bit subnet or a few 8-16 subnets, for instance).

      Also, when both limits are set (overall and per-host), it makes more sense to set the host delay_parameters to:
      - restore equal to host throttling
      - maximum equal to overall limit
      (or make more editable fields in the GUI so that it could be manually adjusted)

      My suggestion is:

      1. When only Per-Host Throttling: is set in GUI, then create class 3 pool by default, with strict host limit:

      i.e. in my example:

      delay_pools 1
      delay_class 1 3
      delay_parameters 1 -1/-1 -1/-1 65535/65535

      2. When Per-Host Throttling: and Overall Bandwidth Throttling: are set,
        then create class 3 pool with:
        - aggregate limit strictly equal to Overall Bandwidth Throttling: value
        - and host limit restore equal to Per-Host Throttling: and maximum equal to aggregate limit (Overall Bandwidth Throttling: ) values.

      i.e. in my example, part of squid.conf config will look like:

      delay_pools 1
      delay_class 1 3
      delay_parameters 1 1280000/1280000 -1/-1 65535/1280000

      P.S.
      That has been tested in a live environment and works pretty well.

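The bucket selection from the squid documentation quoted in the post, and the class 3 layout the post proposes, as an added Python sketch (not part of the original post or of the pfSense squid package). Function names and sample addresses are constructed for illustration; KB/s values are converted with x1024, as in the generated config quoted in the post.

```python
import ipaddress


def individual_bucket(ip: str, delay_class: int) -> int:
    """Key of the per-host bucket for an IPv4 client, per the quoted docs:
    class 2 uses bits 25-32 (last octet), class 3 uses bits 17-32."""
    addr = int(ipaddress.IPv4Address(ip))
    if delay_class == 2:
        return addr & 0xFF
    if delay_class == 3:
        return addr & 0xFFFF
    raise ValueError("only class 2 and class 3 are modelled here")


def shared_buckets(clients, delay_class):
    """Return groups of clients that would drain the same individual bucket."""
    groups = {}
    for ip in clients:
        groups.setdefault(individual_bucket(ip, delay_class), []).append(ip)
    return [ips for ips in groups.values() if len(ips) > 1]


def delay_pool_config(per_host_kb, overall_kb=None):
    """Render the class 3 pool suggested in the post.

    per_host_kb / overall_kb are the GUI values in KB/s (hypothetical
    parameter names); squid.conf wants bytes/s as restore/maximum.
    """
    host = per_host_kb * 1024
    if overall_kb is None:
        # Case 1 of the post: strict per-host limit, no aggregate limit.
        aggregate, individual = "-1/-1", f"{host}/{host}"
    else:
        total = overall_kb * 1024
        if host > total:
            raise ValueError("per-host limit exceeds overall limit")
        # Case 2: host restores at its own rate, bucket may fill to the aggregate.
        aggregate, individual = f"{total}/{total}", f"{host}/{total}"
    return "\n".join([
        "delay_pools 1",
        "delay_class 1 3",
        f"delay_parameters 1 {aggregate} -1/-1 {individual}",
    ])


# Constructed sample: clients on two /24 subnets inside one /16 LAN.
CLIENTS = ["10.0.1.20", "10.0.2.20", "10.0.1.21"]

if __name__ == "__main__":
    print("class 2 collisions:", shared_buckets(CLIENTS, 2))
    print("class 3 collisions:", shared_buckets(CLIENTS, 3))
    print(delay_pool_config(64, 1250))
```

Under class 2 the two hosts ending in .20 share one 64 KB/s bucket, which is the mismatch the post describes for LANs wider than a single /24; under class 3 each host gets its own.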
        doktornotor

        Pull requests go to GitHub. https://github.com/pfsense/FreeBSD-ports/tree/devel/www/pfSense-pkg-squid

          Valeriy

          Thanks, will do.
