Managing Internet Bandwidth: Experience in Faculty of Industrial Technology, Islamic University of Indonesia – Mukhammad Andri Setiawan
ISSN 1858-1633 2005 ICTS 39
used on the Web, and can provide bandwidth savings of up to 40 [1].
After the initial download of the resource the users do not have to compete for bandwidth on what is
likely to be a slow and congested external network path. Instead, users will get a copy of the resource
delivered rapidly to them from a local cache server over what will normally be a much faster and less
heavily loaded internal institutional network connection.
A hierarchy of caches may be used to increase the effective cache size and thus improve the hit rate.
Push caching attempts to place content in a cache before it is requested, either by looking at other
caches, or by predicting usage. Some of these techniques are discussed by Dias 1996 in his
research paper in title “A Smart Internet Caching System” as described in [1].
In Faculty of Industrial Technology, Islamic University of Indonesia, we do serve the Internet
access by using the Squid proxy server. Squid proxy server is used to cache web pages that have been
accessed recently. Squid is implemented as a transparent proxy at the central cache server,
therefore, users are automatically served by the proxy for all web access without any browser configuration.
4.2 Access List
Faculty of Industrial Technology is an academic institution. We realize that, most of Internet access
should be addressed into academic needs, and should not intended to fulfill needs on leisure such as
networking games, peer to peer program such as napster, e donkey, grokster, or bit torrent, and adults
sites, and ads. Here, we define access lists that will control user, which site they can visit and which one is
not.
We also combine access list and firewall in PC router to disable some common port that is used to run
some spyware program. Figure 2 show access list that is implemented in our server.
acl notsex url_regex -i etcsquidnotsex acl sex url_regex -i etcsquidsex
acl utara src 192.168.100.024 acl ftinetwork dst 202.150.76.20029
http_access always_direct allow ftinetwork
http_access allow notsex all http_access deny sex all
http_access allow utara
Figure 2. Access list configuration file
As a result, users who try to access site that is prohibited in our access list will get an error message.
4.3 Quality of Service QoS
To provide a good link connection, sometimes a network manager may wish to offer different levels of
service for different subsets of the traffic passing over the infrastructure. The QoS technologies allow the
manager to do this. The service levels that QoS deals with include
dedicated bandwidth, reduced packet loss, controllable amounts of jitter and latency and ensure that particular
traffic flows do not swamp the network and drown out other flows. These facilities can help ensure that
critical traffic is delivered more reliably [2]. The QoS systems operate only in real-time, in response to the
traffic. They do not generally attempt to manage traffic over a longer term. Also, QoS systems
normally operate in an environment where the total bandwidth requirement of high-priority traffic is less
than the available bandwidth. If high-priority traffic approaches or exceeds the available bandwidth,
performance degrades rapidly [1].
To make use of QoS, packets in flow need to be identified, classified and then marked. The
identification and classification of packets is performed as described above for traffic shaping,
either by source, destination and ports or by using application level probing into the packet contents [2].
In Faculty of Industrial Technology, we manage QoS especially at wireless networking. As we
provided free hotspot areas, we must provide a guarantee that the academic staffs still have a good
link quality even a numerous wireless user is connecting to our hotspot areas. We provide QoS well
so that our bandwidth doesn’t run out quickly because of the use of WiFi devices in our free hotspot areas.
The objective of much work on Quality of Service QoS is to provide desired levels of throughput,
delay, etc. in the face of unreliable networks and congestion. In wireless networking especially for the
free hotspot areas, we provide a low priority to all services, including HTTP, FTP, POP3, SMTP and a
few ports that commonly used in Internet. It means that all services will be treated as a lower level priority
if there are other activities that is using those services but not using the free hotspot connections. If the
priority is set to lower, a lower speed will impact; hence our bandwidth isn’t grabbed out by wireless
connections. The free hotspot areas will have its high priority back if the other connection is not using those
services.
4.4 Rate Limiting
It is very often that the amount of traffic wanting to use a network link of Internet far exceeds the
available capacity of the link. Rate limiting techniques are designed to force some request to reduce their
demands for bandwidth based on the protocol, network interface or user involved. Traffic shaping on
the other hand aims to spread out the demand for bandwidth and ensure that the most efficient use is
made of the available bandwidth. Both of these help to either reduce the required bandwidth to within the
Information and Communication Technology Seminar, Vol. 1 No. 1, August 2005
ISSN 1858-1633 2005 ICTS 40
available capacity or to give competing traffic a chance of using the link.
We implement this techniques using squid delay pool and reply_body_max_size configuration. Below
is our Delay pool configuration in Squid Configuration file which is located in
etcsquidsquid.conf
as shown in Figure 3.
reply_body_max_size 8000000 allow all acl magic_words1 url_regex -i 192.168.100
202.150.76 66.179.235 192.168.1 cisco .pdf netacad uii
acl magic_words2 url_regex -i ftp .mp3 .vqf .tar.gz .gz .rpm .exe .rar .avi .mpeg .mpe
.mpg .qt .ram .rm .iso .raw .wav .tar.bz2 .bz2
delay_pools 2 delay_class 1 2
delay_parameters 1 -1-1 -1-1 delay_access 1 allow magic_words1
delay_class 2 2 delay_parameters 2 50005000 5000120000
delay_access 2 allow magic_words2
Figure 3. Delay pool configuration File
The configuration above shows us, that a user can only download file not more than 8000000 bytes
approximately 7800 Kbytes. We prevent user to download a huge file, by doing this, it is expected that
bandwidth is not run out quickly.
We also create a rate limiting management by using delay pool. Conceptually, delay pools are
bandwidth limitations – “pools” of bandwidth that drain out as people browse the Web, and fill up at rate
we specify – this can be thought of as leaky bucket that is continually being filled. Delay behavior is
selected by ACLs low and high priority traffic, staff vs students or student vs authenticated student or so
on [4].
Above parameters create two delay pools. Each delay pool is class 2 which is suitable for aggregate
and individual access, so that we can control each client.
The first delay pool is initiated to provide a maximum capacity of Internet bandwidth to serve
client, it is useful when user try to connect to local area network begin with IP address 192.168.100,
connect to site that contain UII means every site that contain UII – Universitas Islam Indonesia – Islamic
University of Indonesia, then to download some PDF and DOC file, that usually is needed by academic
activities.
The second delay pool is initiated to limit the use of bandwidth capacity by limiting each user to
download at maximum rate 5000 bytes 40 kbps as an aggregate maximum download of each client, and
down the rate of download speed after opening some web pages if the total amount of download exceeds
120000 bytes.
5. RESULT