Re: [squid-users] Detecting and blocking child proxy servers

From: Henrik Nordstrom <[email protected]>
Date: Tue, 31 Jul 2007 22:07:25 +0200

On tis, 2007-07-31 at 12:34 -0700, squid inbox wrote:

> One of the techniques that my ISP uses is that when a
> program is downloading with full throttle, and when i
> open a page, his server will not split the speed for
> the requests, instead it either ignores it or replies
> after a large amount of time.

More likely it's just a very large link transmit buffer at the ISP
causing latency to skyrocket.. seen on most DSL links. It's a common
technique used for maximising download speeds, but serverely hurts
interactivity while a download is in progress.

Easily overcome by shaping/restricting your incoming traffic to just
below the actual link speed, as if you had a slightly slower connection.
A difference of a few bps should be sufficient, i.e. limit your traffic
to 250 kbps if you have a 256 kbps link. The purpose of this is to make
TCP back off before the link buffers at the ISP fills up..

You can easily test if this is the case by trying to ping some host
while the download is running. If this is the case the you will see huge
ping times, as large as 10 seconds or more.. The latency for new HTTP
requests is at minimum twice the ping time..

Regards
Henrik

Received on Tue Jul 31 2007 - 14:07:41 MDT

This archive was generated by hypermail pre-2.1.9 : Wed Aug 01 2007 - 12:00:04 MDT