said by maxtor:Yes, I could have gone via the squid way, but my users are too noob or non tech to add proxy to their browsers and again take it off when they go back home.
You missed an important part of Squiddy's solution. Instead of configuring each users browser he suggests to create a transparent proxy by intercepting the port 80 web traffic in the Linux firewall of the gateway server and redirecting it through squid.
His solution has a number of benefits for your situation:
- adding squid is reducing bandwidth usage by serving popular content from its cache instead of fetching it repeatedly from the Internet.
- no client (workstation) side configuration changes (that could be subverted by knowledgeable users).
- using application specific (http traffic) delay_pool in squid allows finer control over bandwidth usage then qos at the network transport layer (and it appeared as if you didn't want to use qos anyway).
- all needed software is included with most Linux distributions so there is no need to hunt for additional software.
Regarding squid delay pools:
HOWTO .
Regarding squid as transparent proxy:
HOWTO .
You can find many more examples if you google the subject.