From owner-freebsd-stable@FreeBSD.ORG  Mon Mar 16 00:34:30 2015
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id E3876545
 for <freebsd-stable@freebsd.org>; Mon, 16 Mar 2015 00:34:30 +0000 (UTC)
Received: from smarthost1.sentex.ca (smarthost1.sentex.ca
 [IPv6:2607:f3e0:0:1::12])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (Client CN "smarthost.sentex.ca", Issuer "smarthost.sentex.ca" (not verified))
 by mx1.freebsd.org (Postfix) with ESMTPS id AC79BE2A
 for <freebsd-stable@freebsd.org>; Mon, 16 Mar 2015 00:34:30 +0000 (UTC)
Received: from [IPv6:2607:f3e0:0:4:f025:8813:7603:7e4a] (saphire3.sentex.ca
 [IPv6:2607:f3e0:0:4:f025:8813:7603:7e4a])
 by smarthost1.sentex.ca (8.14.9/8.14.9) with ESMTP id t2G0YTKR012896
 for <freebsd-stable@freebsd.org>; Sun, 15 Mar 2015 20:34:29 -0400 (EDT)
 (envelope-from mike@sentex.net)
Message-ID: <5506250A.2000506@sentex.net>
Date: Sun, 15 Mar 2015 20:34:18 -0400
From: Mike Tancsa <mike@sentex.net>
Organization: Sentex Communications
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64;
 rv:31.0) Gecko/20100101 Thunderbird/31.5.0
MIME-Version: 1.0
To: FreeBSD-STABLE Mailing List <freebsd-stable@freebsd.org>
Subject: 35-40% performance drop releng9 vs releng10 openvpn
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Scanned-By: MIMEDefang 2.75
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-stable>,
 <mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable/>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
 <mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Mar 2015 00:34:31 -0000

As part of moving from a RELENG8 based image to a RELENG9 or 10, I was 
doing some simple performance testing and found RELENG_9 to be quite a 
bit faster when generating traffic through a pcengines APU (dual core, 
AMD64, 2G of RAM).  Both are using generic kernels

blasting across an aes-128cbc tunnel, on releng9 I get


# dd if=/dev/zero | nc 10.3.24.25 500

326002688 bytes transferred in 37.188139 secs (8766308 bytes/sec)


vs

# dd if=/dev/zero | nc 10.3.24.25 500
146982400 bytes transferred in 27.750440 secs (5296579 bytes/sec)
on releng10.

Both have identical pf rules, but disabling pf does not make much of a 
difference in speed.

I havent started checking any of the default tunables. The box will be 
functioning as a VPN router and I was hoping to get at least 50Mb/s out 
of it, and I can do that on RELENG9, but not 10.
Any ideas what to do with RELENG10 to get comparable performance out of it ?

	---Mike



-- 
-------------------
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, mike@sentex.net
Providing Internet services since 1994 www.sentex.net
Cambridge, Ontario Canada   http://www.tancsa.com/