From owner-freebsd-net@FreeBSD.ORG Tue Feb 28 08:53:31 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A247316A42C for ; Tue, 28 Feb 2006 08:53:31 +0000 (GMT) (envelope-from service_ist@abwesend.de) Received: from mail.gmx.net (mail.gmx.de [213.165.64.20]) by mx1.FreeBSD.org (Postfix) with SMTP id 04EEB43D68 for ; Tue, 28 Feb 2006 08:53:30 +0000 (GMT) (envelope-from service_ist@abwesend.de) Received: (qmail 9725 invoked by uid 0); 28 Feb 2006 08:53:29 -0000 Received: from 84.160.18.162 by www024.gmx.net with HTTP; Tue, 28 Feb 2006 09:53:30 +0100 (MET) Date: Tue, 28 Feb 2006 09:53:30 +0100 (MET) From: service_ist@abwesend.de To: freebsd-net@freebsd.org MIME-Version: 1.0 X-Priority: 3 (Normal) X-Authenticated: #442816 Message-ID: <29981.1141116810@www024.gmx.net> X-Mailer: WWW-Mail 1.6 (Global Message Exchange) X-Flags: 0001 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Subject: Only one concurrent connection in jail possible (5.4) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Feb 2006 08:53:31 -0000 Hi, I've setup a server with 16 jails using 5.4. Right after bringing it up I wondered about its bad performance. CPU load does not increase 30% - and these are pikes when I'm running Spamassassin. The usual sytem load is 0.00 The problem must be something different. When I installed squid, I noticed the client take hours to get a webpage. At first, I thougt this might be a DNS-problem and defined an address for outgoing UDP-connections in squid. But this didn't help. For testing, I installed tinyproxy - same problem! I realized, that I couldn't make any input via the ssh-Connection as long as the client tried to get a page via the proxy. It seems as if the jail handels only one concurrent network connection. Getting a webpage via proxy takes up to 30 or more seconds, the log shows each file being fetched seperatly with up to 1 second delay between - just as long as it takes to download one of the files using wget. Usually, the proxy fetches the files in parallel. The ssh-connection I'm logged in with stays up - but nothing is transmitted: The connection freezes and is available again as soon as the proxy-transfer is completed. Transfer with other ssh-connections to other jails on that machine or the host system aren't affected at this time: One can use the ssh-connection without interference. But I think that they (the jails) are affected by the same problem when one of their processes opens a network connection - this would explain the bad performance of the services run in the other jails (postfix and mailman for example). The host does not run a paketfilter, DNS resolution in the jails is working. I'd appreciate help very much since I don't have any idea what this might come from. Peter -- 10 GB Mailbox, 100 FreeSMS/Monat http://www.gmx.net/de/go/topmail +++ GMX - die erste Adresse für Mail, Message, More +++