All,
In the run-up to the first big England game in that "World Cup" thing,
I've been asked to limit bandwidth related to streaming video. As
background, all connections on port 80/443 are forced through the proxy,
and I am aware there is nothing we can do with SSL sites other than
blocking by domain/url/url regex etc. For non-SSL sites I noticed that
all the big ones use CDNs like akamai so such matches are not always
useful.
I found this post on Nabble which leads me to believe that at some point
there was a commit enabling delay_access to work with acls based on
rep_mime_type:
http://squid-web-proxy-cache.1019090.n4.nabble.com/delay-access-and-rep-mime-type-td1044894.html
However having tested with 3.0.STABLE-19-1 on Ubuntu 10.4 server, I find
the rules do not seem to work, at least with a reply mime type of
application/x-fcs. I found (using tcpdump) at least for the BBC news and
IPlayer that a POST with the same mime type is involved, and the
following acls and rules are OK:
acl streaming_media rep_mime_type ^application/vnd.ms.wms-hdr.asfv1
acl streaming_media rep_mime_type ^application/x-fcs
acl streaming_media rep_mime_type ^application/x-mms-framed
acl streaming_media rep_mime_type ^video/x-ms-asf
acl streaming_media rep_mime_type ^audio/mpeg
acl streaming_media rep_mime_type ^audio/x-scpls
acl streaming_media rep_mime_type ^video/x-flv
acl streaming_media rep_mime_type ^video/mpeg4
#See continuation of email below!
acl streaming_media2 req_mime_type ^application/x-fcs
delay_access 2 allow streaming_media
delay_access 2 allow streaming_media2
delay_access 2 deny all
delay_parameters 2 24000/24000 24000/24000 3360/6400
However before I added the last acl in the list no traffic was sent to
pool 2. I am obviously concerned that I may not be able to restrict
video from sites that don't use such a POST method and just pull the
flash stream directly. Then there's HTML5 video to worry about, which is
a whole new kettle of fish.
I see this post from 2003:
http://www.squid-cache.org/mail-archive/squid-users/200310/0905.html
which says that it will not be processed in the delay_access matching.
What is the situation? Is such matching available in any Squid release
or did it never make it into trunk? Is there a patch available or is it
a no-no performance-wise? I'm not particularly concerned about delays in
loading content, more about bandwidth utilisation.
Many thanks
Alex
Received on Mon Jun 21 2010 - 17:29:34 MDT
This archive was generated by hypermail 2.2.0 : Mon Jun 21 2010 - 12:00:03 MDT