From owner-freebsd-net@freebsd.org Sun Dec 10 20:20:31 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C3EACE9A575 for ; Sun, 10 Dec 2017 20:20:31 +0000 (UTC) (envelope-from trashcan@ellael.org) Received: from mx1.enfer-du-nord.net (mx1.enfer-du-nord.net [IPv6:2001:41d0:d:3049:1:1:0:1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8FEC41244 for ; Sun, 10 Dec 2017 20:20:31 +0000 (UTC) (envelope-from trashcan@ellael.org) Received: from [IPv6:2003:8c:2e67:d601:d8dd:c75a:db8c:227a] (p2003008C2E67D601D8DDC75ADB8C227A.dip0.t-ipconnect.de [IPv6:2003:8c:2e67:d601:d8dd:c75a:db8c:227a]) by mx1.enfer-du-nord.net (Postfix) with ESMTPSA id 3yvyBh6DTSzT8w; Sun, 10 Dec 2017 21:20:28 +0100 (CET) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 11.1 \(3445.4.7\)) Subject: Re: [IPsec] Weird performance issue via IPsec/racoon tunnel From: Michael Grimm In-Reply-To: <5A2D93BA.9020709@grosbein.net> Date: Sun, 10 Dec 2017 21:20:26 +0100 Cc: freebsd-net@FreeBSD.org Content-Transfer-Encoding: quoted-printable Message-Id: References: <7A6EF712-920E-40BF-B155-113EE6C00AEA@ellael.org> <5A2D703F.8040004@grosbein.net> <3B480730-FF34-45B8-8636-9FCD4E97A2B9@ellael.org> <5A2D93BA.9020709@grosbein.net> To: Eugene Grosbein X-Virus-Scanned: clamav-milter 0.99.2 at mail X-Virus-Status: Clean X-Mailer: Apple Mail (2.3445.4.7) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 10 Dec 2017 20:20:31 -0000 Eugene Grosbein wrote: > 11.12.2017 2:54, Michael Grimm wrote: >> *BUT* if I do boot with the default 1500 setting, >> changing the MTU to e.g. 1450 and *immediately* back to 1500 = manually, >> I do not encounter any performance loss at all. Why? >> Even when booting 1490 and immediately setting the MTU manually to = 1500 I do not see any performance loss. Strange. >=20 > Interface MTU is used to assing 'mtu' attribute to corresponding route = in the system routing table. > Lowering interface MTU lowers route mtu, but raising interface MTU = does *not* raises route mtu, > use "route -n get" command to check it out. So, you still use low mtu = really. Bingo!=20 NEW> ifconfig vtnet0 vtnet0: flags=3D8843 = metric 0 mtu 1490 NEW> route -n get freebsd.org ... recvpipe sendpipe ssthresh rtt,msec mtu weight = expire 0 0 0 0 1490 1 = 0=20 NEW> ifconfig vtnet0 mtu 1500 up NEW> ifconfig vtnet0 vtnet0: flags=3D8843 = metric 0 mtu 1500 NEW> route -n get spiegel.de ... recvpipe sendpipe ssthresh rtt,msec mtu weight = expire 0 0 0 0 1490 1 = 0=20 I didn't know that. And that explains all my observations. >> Hmm, how would one check that? The output is to fast for me ;-) = Seriously, how should one check this? >=20 > With your eyes :-) Use tcpdump -c flag to limit number of lines, = redirect output to a file > and carefully compare some packets using their ID that tcpshow shows. Ok. I will do that at some later time ;-) I'd like to thank you again for your input and with kind regards, Michael