Squid Proxy Server: limit total bandwidth

We have a marvellous squid proxy with dansguardian for filetering and they both work just great. Is there any easy way to limit the total bandwidth usage? I'd like to set the max amount of squid users internet use to 1200 since our total band is 2000 and I need the rest to ensure other services such as voip to work without hiccups related to huge downloads on the "internet side" of our connection and similar issues. I mean a total squid bandwidth limitation and not a user-based.

Fair thanks to everybody.

Solution 1:

You could set up shaping with rules something like this:

tc qdisc del dev eth0 root

tc qdisc add dev eth0 root handle 1: htb default 1 r2q 160

tc class add dev eth0 parent 1: classid 1:1 htb rate 2000kbit burst 1k
tc class add dev eth0 parent 1:1 classid 1:2 htb rate 2000kbit ceil 2000kbit burst 1k
tc class add dev eth0 parent 1:1 classid 1:3 htb rate 1200kbit ceil 1200kbit burst 1k

tc qdisc add dev eth0 parent 1:2 handle 2: sfq perturb 10
tc qdisc add dev eth0 parent 1:3 handle 3: sfq perturb 10

Then you could use iptables to classify packets into these classes:

iptables -t mangle -A POSTROUTING -o eth0 --set-class 1:2
iptables -t mangle -A POSTROUTING -o eth0 -m tcp -p tcp --dport 80 -j CLASSIFY --set-class 1:3

Note that it's the last matching rule that sets the class, it doesn't short-circuit when one rule matches. It took me a while to grok that.

Solution 2:

Yes yoy can limit Squid's total bandwidth. For exapmle say, 512 Kbps?
Add following to /etc/squid3/squid.conf

delay_pools 1  
delay_class 1 1  
delay_access 1 allow all  
delay_parameters 1 64000/64000          # 512 kbits == 64 kbytes per second  

To change a running instance of squid run following after changing the config file
sudo squid3 -k reconfigure

Reference
DelayPools
Bandwidth-Limiting-HOWTO