From owner-freebsd-xen@FreeBSD.ORG Thu May 12 15:19:28 2011 Return-Path: Delivered-To: freebsd-xen@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 770AD106566C for ; Thu, 12 May 2011 15:19:28 +0000 (UTC) (envelope-from gs@omegacube.fr) Received: from slow3-v.mail.gandi.net (slow3-v.mail.gandi.net [217.70.178.89]) by mx1.freebsd.org (Postfix) with ESMTP id B750A8FC13 for ; Thu, 12 May 2011 15:19:27 +0000 (UTC) X-WhiteListed: mail was accepted with no delay X-WhiteListed: mail was accepted with no delay Received: from relay3-d.mail.gandi.net (relay3-d.mail.gandi.net [217.70.183.195]) by slow3-v.mail.gandi.net (Postfix) with ESMTP id E49C786274 for ; Thu, 12 May 2011 17:01:02 +0200 (CEST) X-Originating-IP: 217.70.178.131 Received: from mfilter11-d.gandi.net (mfilter11-d.gandi.net [217.70.178.131]) by relay3-d.mail.gandi.net (Postfix) with ESMTP id 1AE1FA80AE for ; Thu, 12 May 2011 17:00:51 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at undef13-d.mgt.gandi.net Received: from relay3-d.mail.gandi.net ([217.70.183.195]) by mfilter11-d.gandi.net (mfilter11-d.gandi.net [10.0.15.180]) (amavisd-new, port 10024) with ESMTP id J9qCWg-qGFOC for ; Thu, 12 May 2011 17:00:48 +0200 (CEST) X-Originating-IP: 209.85.212.54 Received: from mail-vw0-f54.google.com (mail-vw0-f54.google.com [209.85.212.54]) (Authenticated sender: gs@omegacube.fr) by relay3-d.mail.gandi.net (Postfix) with ESMTPSA id 5D69AA80B3 for ; Thu, 12 May 2011 17:00:48 +0200 (CEST) Received: by vws18 with SMTP id 18so1596849vws.13 for ; Thu, 12 May 2011 08:00:47 -0700 (PDT) Received: by 10.220.187.76 with SMTP id cv12mr89731vcb.128.1305212447196; Thu, 12 May 2011 08:00:47 -0700 (PDT) MIME-Version: 1.0 Received: by 10.220.203.137 with HTTP; Thu, 12 May 2011 08:00:27 -0700 (PDT) In-Reply-To: <4DCBEEE0.9060705@steadinet.fr> References: <4DCBEEE0.9060705@steadinet.fr> From: Guillaume Seigneuret Date: Thu, 12 May 2011 17:00:27 +0200 Message-ID: To: laurent.cligny@steadinet.fr Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-xen@freebsd.org Subject: Re: [FreeBSD 8.2 amd64 XENHVM] DomU terrible network performance trought NAT X-BeenThere: freebsd-xen@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussion of the freebsd port to xen - implementation and usage List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 May 2011 15:19:28 -0000 Maybe you should have a look on the tcp window size values. I had such a behavior with two gateways who was not playing the same way with the TCP window size which made my network damn slow. If you have a linux gateway in front of your FreeBSD VM, it should be this. Command Description sysctl net.inet.tcp.rfc1323=3D1 Activate window scaling and timestamp optio= ns according to RFC 1323.sysctl ipc.maxsockbuf=3D*[sbmax]* Set maximum size of TCP window.sysctl net.inet.tcp.recvspace=3D*[wstd]* Set default size of TCP receive window.sysctl net.inet.tcp.sendspace=3D*[wstd]* Set default size of TCP transmit window.sysctl kern.ipc.nmbclusters View maximum number of mbuf clusters. Used for storage of data packets to/from the network interface. Can only be set att boot time - see above. sysctl net.inet.tcp.liondmask=3D= 7Used to enable the "netlion" patch above. Cordialement, *Guillaume Seigneuret* *Network and System Security Architect* *Web* : http://www.omegacube.fr *Address* : H=F4tel Technologique Marseille Innovation - BP 100 45 rue Frederic Joliot Curie Technop=F4le de Ch=E2teau Gombert 13382 Marseille Cedex 13 2011/5/12 Laurent Cligny > Hello all, > > I want to setup a FreeBSD DomU VM as a network NAT gateway in order to > provide Internet access to other FreeBSD and Linux DomU VMs. > My Dom0 is Xen Cloud Platform 1.0 on a Dell Poweredge 210 with 8 cores, > 16GiB RAM and one NIC. > > All FreeBSD VM are 8.2 amd64 with XENHVM kernel anf the Linux VM is a > Paravirtualized Debian amd64. > > The NAT gateway is a two-NIC box, with one (xn0) configured with a > public Internet address and the other (xn1) configured with a class A > private address (10.0.0.254). > The Internet traffic is very good from my FreeBSD NAT gateway to the > Internet (~ 50MiB/s) and also between other VMs on the private network > (~ 70MiB/s trough scp) after applying the patch here > (http://www.mail-archive.com/freebsd-xen@freebsd.org/msg00855.html) > fixing the "too many frags" problem. > > Here is a schema of my setup with the observed net speed on it: > > ---------- --------------- ---------------------- > |Internet|---xn0---|FBSD DomU NAT|---xn1---|FBSD and Linux DomUs| > ---------- --------------- ---------------------- > <-------> <-------> > 50MiB/s 70MiB/s > > <-------------------------------> > 0KiB/s > I tried doing NAT on the FBSD gateway with PF and also with NATd after > shutting down PF and unloaded the kernel modules pf.ko and pflog.ko, but > I have the same perf problems with both solutions. Also I tried > disabling net.inet.tcp.tso and did ifconfig -tso on all NICs on NAT > gateway and other VMs without change. > > I don't see anything on the error console or in /var/log/message. > > When i'm trying going though NAT with a Linux paravirt DomU, the network > perf is slightly better but don't go over 5KiB/s. > > Finally I put my Linux paravirt DomU VM as a NAT gateway in place of the > FreeBSD one, and the network perf is now normal through it (50MiB/s) > from the FreeBSD DomU VMs. > > As I'm very happy with FreeBSD for my environment I'd like to keep as > much as this lovely OS for all my needs, so if anyone have an idea where > the problem can lies, and what to test next to have a clue of what's > happening, I will be very thankfull. > > Thanks in advance. > > -- > /Regards,/ > > *Laurent Cligny > /Founder/* > 02 97 37 71 14 > 06 25 40 86 48 > laurent.cligny@steadinet.fr > > Steadinet > > > _______________________________________________ > freebsd-xen@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-xen > To unsubscribe, send any mail to "freebsd-xen-unsubscribe@freebsd.org" > >