From owner-freebsd-xen@FreeBSD.ORG  Thu May 12 14:45:30 2011
Return-Path: <owner-freebsd-xen@FreeBSD.ORG>
Delivered-To: freebsd-xen@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id B15021065673
	for <freebsd-xen@freebsd.org>; Thu, 12 May 2011 14:45:30 +0000 (UTC)
	(envelope-from laurent.cligny@steadinet.fr)
Received: from smtp.steadinet.fr (steadinet.fr [88.191.77.166])
	by mx1.freebsd.org (Postfix) with ESMTP id 461658FC13
	for <freebsd-xen@freebsd.org>; Thu, 12 May 2011 14:45:30 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by smtp.steadinet.fr (Postfix) with SMTP id 152ED1D4A78
	for <freebsd-xen@freebsd.org>; Thu, 12 May 2011 16:29:55 +0200 (CEST)
Received: from [192.168.1.10] (ARennes-555-1-203-34.w2-10.abo.wanadoo.fr
	[2.10.234.34])
	by smtp.steadinet.fr (Postfix) with ESMTPSA id 198FA1D4A6E
	for <freebsd-xen@freebsd.org>; Thu, 12 May 2011 16:29:53 +0200 (CEST)
Message-ID: <4DCBEEE0.9060705@steadinet.fr>
Date: Thu, 12 May 2011 16:29:52 +0200
From: Laurent Cligny <laurent.cligny@steadinet.fr>
Organization: Steadinet
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US;
	rv:1.9.2.15) Gecko/20110402 Iceowl/1.0b2 Icedove/3.1.9
MIME-Version: 1.0
To: freebsd-xen@freebsd.org
Content-Type: multipart/mixed; boundary="------------000208000907060105050905"
X-DSPAM-Result: Innocent
X-DSPAM-Processed: Thu May 12 16:29:55 2011
X-DSPAM-Confidence: 0.5000
X-DSPAM-Probability: 0.5000
X-DSPAM-Signature: 64,4dcbeee37249238915244
X-DSPAM-Factors: 27, the, 0.50000, the, 0.50000, a, 0.50000, a, 0.50000,
	and, 0.50000, and, 0.50000, with, 0.50000, with, 0.50000,
	is, 0.50000, is, 0.50000, I, 0.50000, I, 0.50000, to, 0.50000,
	to, 0.50000, FreeBSD, 0.50000, FreeBSD, 0.50000, on, 0.50000,
	on, 0.50000, NAT, 0.50000, NAT, 0.50000, gateway, 0.50000,
	gateway, 0.50000, DomU, 0.50000, DomU, 0.50000,
	NAT+gateway, 0.50000, NAT+gateway, 0.50000, in, 0.50000
X-Content-Filtered-By: Mailman/MimeDel 2.1.5
Subject: [FreeBSD 8.2 amd64 XENHVM] DomU terrible network performance
	trought NAT
X-BeenThere: freebsd-xen@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: laurent.cligny@steadinet.fr
List-Id: Discussion of the freebsd port to xen - implementation and usage
	<freebsd-xen.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-xen>,
	<mailto:freebsd-xen-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-xen>
List-Post: <mailto:freebsd-xen@freebsd.org>
List-Help: <mailto:freebsd-xen-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-xen>,
	<mailto:freebsd-xen-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 12 May 2011 14:45:30 -0000

This is a multi-part message in MIME format.
--------------000208000907060105050905
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

Hello all,

I want to setup a FreeBSD DomU VM as a network NAT gateway in order to
provide Internet access to other FreeBSD and Linux DomU VMs.
My Dom0 is Xen Cloud Platform 1.0 on a Dell Poweredge 210 with 8 cores,
16GiB RAM and one NIC.

All FreeBSD VM are 8.2 amd64 with XENHVM kernel anf the Linux VM is a
Paravirtualized Debian amd64.

The NAT gateway is a two-NIC box, with one (xn0) configured with a
public Internet address and the other (xn1) configured with a class A
private address (10.0.0.254).
The Internet traffic is very good from my FreeBSD NAT gateway to the
Internet (~ 50MiB/s) and also between other VMs on the private network
(~ 70MiB/s trough scp) after applying the patch here
(http://www.mail-archive.com/freebsd-xen@freebsd.org/msg00855.html)
fixing the "too many frags" problem.

Here is a schema of my setup with the observed net speed on it:

----------         ---------------         ----------------------
|Internet|---xn0---|FBSD DomU NAT|---xn1---|FBSD and Linux DomUs|
----------         ---------------         ----------------------
          <------->               <------->
           50MiB/s                 70MiB/s

          <------------------------------->
           0KiB/s <network speed< 5 KiB/s

I tried doing NAT on the FBSD gateway with PF and also with NATd after
shutting down PF and unloaded the kernel modules pf.ko and pflog.ko, but
I have the same perf problems with both solutions. Also I tried
disabling net.inet.tcp.tso and did ifconfig -tso on all NICs on NAT
gateway and other VMs without change.

I don't see anything on the error console or in /var/log/message.

When i'm trying going though NAT with a Linux paravirt DomU, the network
perf is slightly better but don't go over 5KiB/s.

Finally I put my Linux paravirt DomU VM as a NAT gateway in place of the
FreeBSD one, and the network perf is now normal through it (50MiB/s)
from the FreeBSD DomU VMs.

As I'm very happy with FreeBSD for my environment I'd like to keep as
much as this lovely OS for all my needs, so if anyone have an idea where
the problem can lies, and what to test next to have a clue of what's
happening, I will be very thankfull.

Thanks in advance.

-- 
/Regards,/

*Laurent Cligny
/Founder/*
02 97 37 71 14
06 25 40 86 48
laurent.cligny@steadinet.fr

Steadinet <http://www.steadinet.fr>


--------------000208000907060105050905--