FreeBSD tunnels / performance et'al (gif/tun etc.)

Karl Pielorz kpielorz at
Fri Jan 23 07:48:23 PST 2004

--On 20 January 2004 21:40 -0500 Robert Watson <rwatson at> wrote:

> On Tue, 20 Jan 2004, Karl Pielorz wrote:
>> I've just setup a FreeBSD tunnel (we've tried both gif and tun [via
>> nos-tun]) now between two fairly large networks of machines...
> What version of FreeBSD are you using?  If using FreeBSD 5.x, you may well
> want to switch to 4.x for at least one more minor version, as interrupt
> latency hasn't been optimized in 5.x yet since the move to interrupt
> threads, and the network stack also runs with Giant in 5.2 out of the
> box.  I wouldn't think this would hurt you as much as seen below, but
> it's worth keeping in mind.
> Also, I would generally expect gif, gre, et al, to be faster than
> tun-based tunneling, as they avoid the trip through userspace, which
> involves a number of packet copies.

We're already using 4.9. I also take your point about gif being quicker 
than switching to user space and back (And, in testing - tun was indeed 
even slower than gif).

In the end we fixed this problem by putting stupidly fast machines at each 
end (i.e. P4 2.6Ghz) - we also made some tweaks to the tcp sysctls (such as 
disabling delayed acks, and closing the window size down) - which also 
seemed to help.

I'm just wondering if it was something 'weird' such as the delay over the 
tunnel being on average 'just the right delay time' to cause problems that 
you wouldn't get on a LAN or something? :)



More information about the freebsd-questions mailing list