Date: Sun, 25 Oct 2015 16:46:56 +0000 From: James Lodge <James@Lodge.me.uk> To: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org> Subject: Jail - PF - NAT - Network Performance Message-ID: <VI1PR06MB1037187D07A9C500B3E4E791F9240@VI1PR06MB1037.eurprd06.prod.outlook.com>
next in thread | raw e-mail | index | archive | help
Dear All, I wonder if you'd be so kind as to help/point me in the right direction in = order to fix a network performance issue I seem to have. I currently have a FreeBSD 10.1 host running on Digital Ocean. I have multi= ple jails and I'm not using vimage. I'm using PF on the host to NAT traffic from said jails and all is working = as expected. I have a jail running OpenVPN and clients can connect and traf= fic is routed to the Internet down the tunnel via PF/NAT. The issue I'm see= ing is download speeds to the client from the Internet on the external side= on PF. Upload always seem reasonable, but download is always woeful. I'm u= sing a Windows machine as the client if that make any odds. I've narrowed it down to be PF/NAT/External Interface (possibly) as I have = a web server in another jail on the same host. The web server is hosting a = 1GB file. If I download the 1GB using the web server's private IP address d= own the OpenVPN tunnel I get a reasonable speed of about 2MB/s where as dow= nloading the same 1GB file from a public web server via the OpenVPN tunnel = (so going through PF/NAT on the host) results in 30KB/s maximum. Just to re= iterate the point, the web server running on the FreeBSD host on DO is publ= icly accessible on the Internet. If I disconnect my OpenVPN and use the pub= lic IP to download the 1GB I get 5-6MB/s which is the speed on my VDSL2 cir= cuit. Any help massively appreciated Regards James
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?VI1PR06MB1037187D07A9C500B3E4E791F9240>