Pessoal estou com problemas com um IP FIXO BRT. Contratei um serviço de IP FIXO da BRT de 1 Mb down e 512 Up, PPPoA, instalaram aki um modem Alcatel Speed touch pro, até ai tudo bem... Naveguei um dia inteiro nesse link pelo meu Notebook Via cabo de rede e medindo sempre a velocidade, sempre bateu o banda contratada, intão era a hora de colocar esse link num servidor FreeBSD 5.4 que tem uma média de 35 clientes no total... Ai começaram meus problemas... A velocidade dos clientes caiu consideravelmete, as veses fica pior que discada e alguns clientes nao consegue abrir paginas, e quando eu tiro desse IP FIXO e coloco no link dedicado de 2 Mb tudo funciona perfeitamente, so que ai pesa demais a rede. Já conferir dezenas de coisas por aki e aparentemente esta tudo normal, vou postar aki meu rc.conf, meu ipfw e meu squid.conf para ser avaliados pelos senhores e qualquer opinião, ou ajuda vai ser de grande valia. Desde ja agradeço a todos.
hostname="Servidor2.serv.com.br"
keymap="br275.cp850"
#linux_enable="YES"
#usbd_enable="YES"
gateway_enable="YES"
squid_enable="YES"
sshd_enable="YES"
ifconfig_sis0="inet 10.0.0.2 netmask 255.0.0.0"
defaultrouter=10.0.0.100
ifconfig_xl0="inet 172.16.0.1 netmask 255.255.255.0"
firewall_enable="YES"
firewall_script="/etc/ipfw.banda"
firewall_type="OPEN"
natd_enable="YES"
natd_interface="sis0"
natd_flags="-s -f /etc/natd.conf"
=================IPFW======================
natd -s -p 8668 -n sis0
ipfw add 9 allow tcp from me to any
ipfw add 10 fwd 127.0.0.1,3128 tcp from any to any 80
ipfw add 11 allow ip from any to any via lo0
ipfw add 12 deny ip from any to 127.0.0.0/8
ipfw add 13 divert 8668 all from any to any via sis0
ipfw add 14 deny udp from any to any 137
ipfw add 15 deny udp from any to any 138
ipfw add 16 deny udp from any to any 139
==================Squid.conf===================
##
## Configuracoes de rede
##
############################################
http_port 172.16.0.1:3128
http_port 127.0.0.1:3128
##
## Configuracoes de memoria e cache
##
############################################
cache_mem 128 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 4096 KB
minimum_object_size 0 KB
maximum_object_size_in_memory 32 KB
ipcache_size 1024
ipcache_low 90
ipcache_high 95
fqdncache_size 512
cache_replacement_policy lru
##
## Definicao dos arquivos e log
##
############################################
cache_dir ufs /usr/squid/cache 150000 16 256
cache_access_log /usr/squid/log/access.log
cache_log /usr/squid/log/cache.log
cache_store_log /usr/squid/log/store.log
cache_store_log none
emulate_httpd_log off
log_ip_on_direct on
mime_table /usr/local/etc/squid/mime.conf
log_mime_hdrs off
pid_filename /usr/squid/run/squid.pid
debug_options ALL,1
log_fqdn off
client_netmask 255.255.255.255
ftp_user [email protected]
ftp_list_width 32
ftp_passive on
ftp_sanitycheck on
ftp_telnet_protocol on
# diskd_program /usr/lib/squid/diskd
# unlinkd_program /usr/lib/squid/unlinkd
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
request_header_max_size 10 KB
request_body_max_size 0 KB
##
## Padrao de atualizacao do cache.
##
#########################################################################
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
##
## Listas de controle de acesso - ACLs
##
############################################
acl QUERY urlpath_regex cgi-bin \?
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl conecta src 172.16.0.0/255.255.0.0
acl GOVERNO dstdomain .gov.br
acl ALL src 0.0.0.0/0.0.0.0
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
no_cache deny QUERY
http_access allow meuprovedor
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny to_localhost
http_access allow ALL
http_access deny ALL
http_reply_access allow all
icp_access deny all
reply_body_max_size 0 allow all
cache_mgr admincache
visible_hostname meudominio.serv.com.br
cache_effective_user squid
cache_effective_group squid
logfile_rotate 0
tcp_recv_bufsize 0 bytes
httpd_accel_port 80
httpd_accel_host virtual
httpd_accel_uses_host_header on
httpd_accel_with_proxy on