# How to limit client Internet access bandwidth?



## jamesgu_cn (Jul 31, 2013)

I setup set up the Internet proxy server Squid for 250 end-users / 100M shared Internet bandwidth, some of the users download video or huge files which affect normal users' bandwidth. 

How to limit end-user session to 100k only if he/she wants to access Internet? Shall I use ipfw or pf firewall? If yes, how to configure the firewall? Thanks!


----------



## adripillo (Jul 31, 2013)

jamesgu_cn said:
			
		

> I setup the Internet proxy server SQUID for 250 end-users / 100M shared Internet bandwidth, some of users download video or huge files which affect normal users' bandwidth.
> 
> How to limit end-user session to 100k only if he/she wants to access Internet? Shall I use ipfw or pf firewall? if yes, how to configure the firewall? thanks!



If I did not understand wrong what @SirDice told me, these things are most of the time limited using hardware devices, like specials routers or firewalls. Some of them come with pfSense that let you manage all the connections.

If you have one server or semi server with at least two network cards you can download pfSense and do it your self. Here is a nice guide if you wish to do it
http://tinyurl.com/op3xj2v


----------



## ondra_knezour (Jul 31, 2013)

See for example https://calomel.org/pf_hfsc.html

Queueing will give you much more than simple hard limiting each user to given speed, because most users simply don't use their lines all time at top speed and many non interactive, non audiovisual services don't need response times in miliseconds. By the trafic prioritization you can easily deliver high quality online video, gaming, VoIP and other services with high responsive demands and other ones with huge bandwith demands like FTP, emails with attachments etc., which can wait second here and there side by side.


----------



## adri (Aug 1, 2013)

Or use the delay_pools?


----------

