Background: I attend a small private school with a medium size network (~250 machines). Our net admin has asked me for help. He's not the best net admin in the world, but he gets it done (sort of).
Problem: We are required to use a filtering proxy server by the college. In our case, we use Optenet. We are having problems with bandwidth management. We put in a computer running ntop at my recommendation to see what's going on, and we have a problem with p2p software.
Optenet, however, is perhaps the worst filtering suite I've ever seen. It has almost zero configuration options other than categories. For instance, if I check p2p, it just says (kazaa, emule, bittorrent, etc.) and doesn't list them all. Checking this option blocks many other legitimate programs, such as iTunes.
Our network is more or less configured this way: 2 business class DSL connections (8/1 and 4/4) -> Zywall 35 load balancer -> Optenet proxy and gateway -> main switch out to residence hall.
I'd like to implement some sort of traffic shaper or QoS, but we are not able to remove Optenet from the network and replace it with a Linux machine running squid, iptables, etc. This would be the ideal situation.
What is the best way to implement such a service? Is it possible to run a network with two proxy servers inline? I'm not a genius when it comes to networking, as I only know the things I've picked up here and there.
What can we do?