From owner-freebsd-xen@FreeBSD.ORG Sun Apr 20 03:34:42 2014 Return-Path: Delivered-To: freebsd-xen@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B0337C51 for ; Sun, 20 Apr 2014 03:34:42 +0000 (UTC) Received: from mail-ve0-x234.google.com (mail-ve0-x234.google.com [IPv6:2607:f8b0:400c:c01::234]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 66BFB1235 for ; Sun, 20 Apr 2014 03:34:42 +0000 (UTC) Received: by mail-ve0-f180.google.com with SMTP id jz11so5735722veb.11 for ; Sat, 19 Apr 2014 20:34:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=references:in-reply-to:mime-version:content-transfer-encoding :content-type:message-id:cc:from:subject:date:to; bh=jyQuSFDA9rjVFRLx+pYv0xv1s4WwDLR4zlgsL7BgsOE=; b=jlOaAfQiPwgHnlHtS28/JIAnH64/gzi0vARjtmVFoKtd14CV47Q7bl84a+H5SsbP4Y hCyexVrJrkps/mWnTZ7Q+lEfCMtb3Ywq7dcpaV66+NISgLGIlgcjMxaRlnqfMXZnSC0x S6b1ycASjE2fllh0u9OLPxuqClbXTJvbfjvIBiEbXefRIhQye6kBsFbV9jfksNG49L2o yZpbk9sHgnJhssBPRq+B+MMcu8LkbVtUAZEf0zrroQ8Pi+cDzxfC6Wgf49dQXfHbwuhl 0KA8ccBhscs+8eAdUBVUVu1KpyEEomJRi0vJcdYtxkczHvXxuGD0tyWUhTkfUCsGTzy+ s7tw== X-Received: by 10.220.159.4 with SMTP id h4mr23431515vcx.1.1397964881460; Sat, 19 Apr 2014 20:34:41 -0700 (PDT) Received: from [192.168.1.101] (189-13-78-68.user.veloxzone.com.br. [189.13.78.68]) by mx.google.com with ESMTPSA id dv2sm68396788vdb.2.2014.04.19.20.34.39 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Sat, 19 Apr 2014 20:34:40 -0700 (PDT) References: <2C3A747F-DA88-4815-A930-7C5EB1CD6238@gmail.com> In-Reply-To: Mime-Version: 1.0 (1.0) Message-Id: <42A9E3AE-0209-4038-A5D3-2713511BA59F@gmail.com> X-Mailer: iPad Mail (9B206) From: Tiago Ribeiro Subject: Re: VM in Xen 4.1; poor packet forwarding performance on xn0 Date: Sun, 20 Apr 2014 00:34:41 -0300 To: "seanrees@gmail.com" Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.17 Cc: "freebsd-xen@freebsd.org" X-BeenThere: freebsd-xen@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: Discussion of the freebsd port to xen - implementation and usage List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 20 Apr 2014 03:34:42 -0000 Em 19/04/2014, =C3=A0s 10:17, "seanrees@gmail.com" escr= eveu: > On Sat, Apr 19, 2014 at 1:11 PM, Tiago Ribeiro wrote: >=20 >=20 > > Em 18/04/2014, =C3=A0s 11:57, "seanrees@gmail.com" e= screveu: > > > > Hi there freebsd-xen, > > > > I tried first on freebsd-questions@ without success, so I thought to ret= ry > > here. > > > > I run OpenVPN on a FreeBSD 10.0-Rp1 VM in Xen 4.1 (HVM). I am experienci= ng > > slow network performance on xn0 that seems to have developed after I > > upgraded to FreeBSD 10 (no other changes). I can only achieve about 0.5m= bps > > through this interface when forwarding packets; packets in a single > > direction are fine (e.g; downloading to the VPS or pushing from the VPS)= > > and clock in at many (>10 usually) mbps. > > > > Interestingly, my identical VM (configuration managed centrally) running= on > > Xen 3.4 (HVM) does *not* have this issue. > > > > I did a little debugging and here's what I've noticed: > > - Not related to OpenVPN, repro'd using ssh -d. > > - Slow VM has a very low rate of context switches (~250) while > > forwarding, fast VM has a lot more (~2000) sampled over 5 seconds using > > systat -v. > > - I can't repro a context switch limit (tried a limited fork() bomb). > > - Tried with *and* without LRO and TSO on xn0 (and all combinations of > > LRO and TSO on/off) > > > > I started digging into the Xen drivers but I realised I am not equipped t= o > > debug this. I'm looking for suggestions on what to check. My provider is= > > offering to move me to an older Xen host but I'd like to see if I can he= lp > > identify a bug either in my configuration or perhaps in FreeBSD's Xen co= de. > > > > Sean > > _____________________________________________ >=20 >=20 > Do you use pf? >=20 > I do. Fairly simple ruleset: default deny, a few specific port allows, NAT= . >=20 > Sean I can't help you, i'm very interested in this topic. I have case when i use x= enserver with freebsd 10, and pf with nat, and works ok, and case with dom0 d= ebian 6 and do not work, and one case with netbsd dom0, and freebsd 9 with k= ernel compiled for xen, and works fine.=