From owner-freebsd-current@FreeBSD.ORG  Tue Mar 30 10:32:46 2004
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 7D33516A4DF
	for <current@freebsd.org>; Tue, 30 Mar 2004 10:32:46 -0800 (PST)
Received: from pimout2-ext.prodigy.net (pimout2-ext.prodigy.net
	[207.115.63.101])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 384B543D2D
	for <current@freebsd.org>; Tue, 30 Mar 2004 10:32:46 -0800 (PST)
	(envelope-from julian@elischer.org)
Received: from elischer.org (adsl-216-100-132-94.dsl.snfc21.pacbell.net
	[216.100.132.94])i2UIWhTa155194;	Tue, 30 Mar 2004 13:32:43 -0500
Message-ID: <4069BCDE.8040405@elischer.org>
Date: Tue, 30 Mar 2004 10:30:54 -0800
From: Julian Elischer <julian@elischer.org>
User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.4b) Gecko/20030524
X-Accept-Language: en, hu
MIME-Version: 1.0
To: =?UTF-8?B?RGFnLUVybGluZyDnv70=?= <des@des.no>
References: <xzpisgm46h7.fsf@dwp.des.no>
In-Reply-To: <xzpisgm46h7.fsf@dwp.des.no>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
cc: current@freebsd.org
Subject: Re: performance of jailed processes
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Mar 2004 18:32:46 -0000

Dag-Erling Smørgrav wrote:
> Can anyone explain why jailed processes seem to perform much worse
> than non-jailed processes in recent -CURRENT?
> 
> Specifically, running a query against a remote MySQL server from
> inside a jail takes an order of magnitude more time than from outside
> the jail.  Tcpdump shows that the TCP packets carrying the result are
> evenly spaced, so this is not a matter of the server timing out on a
> DNS lookup or anything like that.
> 
> Running a configure script also takes much longer inside the jail than
> outisde, and again, progress is even (though slow), so it is clearly
> not a matter of DNS timing out.
> 
> There is no NFS or NIS in the equation either.  Parts of the file
> space inside the jail is a nullfs mount, but we've also tried without
> nullfs.
> 
> The system currently uses SCHED_ULE, but we had similar trouble with
> SCHED_4BSD on 5.1-RELEASE before we went -CURRENT.
> 
> The machine currently has ~2600 processes running in ~400 jails.  Is
> it conceivable that be scalability issues, perhaps in the credentials
> code, could cause vastly increased syscall overhead for jailed

that suggests 400 addresses, which suggests that lots of linked lists are being 
traversed  for received packets..

> processes?
> 
> DES


-- 
+------------------------------------+       ______ _  __
|   __--_|\  Julian Elischer         |       \     U \/ / hard at work in
|  /       \ julian@elischer.org     +------>x   USA    \ a very strange
| (   OZ    )                                \___   ___ | country !
+- X_.---._/    presently in San Francisco       \_/   \\
           v