From nobody Sun Sep 15 17:44:51 2024
X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4X6Fmy35wzz5WV8H
	for <freebsd-net@mlmmj.nyi.freebsd.org>; Sun, 15 Sep 2024 17:45:06 +0000 (UTC)
	(envelope-from zarychtam@plan-b.pwste.edu.pl)
Received: from plan-b.pwste.edu.pl (plan-b.pwste.edu.pl [IPv6:2001:678:618::40])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (2048 bits) client-digest SHA256)
	(Client CN "plan-b.pwste.edu.pl", Issuer "GEANT OV RSA CA 4" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4X6Fmw4YyVz4jZJ
	for <freebsd-net@freebsd.org>; Sun, 15 Sep 2024 17:45:04 +0000 (UTC)
	(envelope-from zarychtam@plan-b.pwste.edu.pl)
Authentication-Results: mx1.freebsd.org;
	dkim=pass header.d=plan-b.pwste.edu.pl header.s=plan-b-mailer header.b="m1Q3I/xV";
	dmarc=pass (policy=quarantine) header.from=plan-b.pwste.edu.pl;
	spf=pass (mx1.freebsd.org: domain of zarychtam@plan-b.pwste.edu.pl designates 2001:678:618::40 as permitted sender) smtp.mailfrom=zarychtam@plan-b.pwste.edu.pl
Received: from plan-b.pwste.edu.pl (zarychtam@localhost [127.0.0.1])
	by plan-b.pwste.edu.pl (8.18.1/8.17.2) with ESMTPS id 48FHiqna044492
	(version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO);
	Sun, 15 Sep 2024 19:44:53 +0200 (CEST)
	(envelope-from zarychtam@plan-b.pwste.edu.pl)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=plan-b.pwste.edu.pl;
	s=plan-b-mailer; t=1726422293;
	bh=iE7UYqWN8JbFKmNmmk7X5RpZp4ntYnmKtxTa0xlNmog=;
	h=Date:From:To:Cc:Subject:References:In-Reply-To;
	b=m1Q3I/xVigS9tupIL3SYqtIIpE8/jzRYPwoZQ3uRPhPhqi4fhFSgOf8Avvw9NejGf
	 JLnhk5fNJgstgBn0wj/LSYVdY0qILu2HJudaZe0mY9DCgBHpwZrpXYxXD47t7YDBZU
	 E6F/S4PvgdSx8pgmoMzVt8tPQiv3R8N1iLCxUJUr9uIUQl4NiE9isYJW+uycO5MZTK
	 cVtC7gbAXy/EUG7C3S7cZBjUCSefuyc/V5y4Dw3FRT1lSrkKbQL7ICt/s3eTEDk4N9
	 bi3iCnjsT9+AmI4yyma8kMPeV170+uNvKq5ZRSG4FKig5LFGfZRxORZFMKDde9HEf1
	 jaATdJLcE2tcg==
Received: (from zarychtam@localhost)
	by plan-b.pwste.edu.pl (8.18.1/8.18.1/Submit) id 48FHiqtM044491;
	Sun, 15 Sep 2024 19:44:52 +0200 (CEST)
	(envelope-from zarychtam)
Date: Sun, 15 Sep 2024 19:44:51 +0200
From: Marek Zarychta <zarychtam@plan-b.pwste.edu.pl>
To: Sad Clouds <cryintothebluesky@gmail.com>
Cc: freebsd-net@freebsd.org
Subject: Re: Performance issues with vnet jails + epair + bridge
Message-ID: <ZucdE8yME-r9kWdy@plan-b.pwste.edu.pl>
References: <20240912181618.7895d10ad5ff2ebae9883192@gmail.com>
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <20240912181618.7895d10ad5ff2ebae9883192@gmail.com>
X-Spamd-Bar: ---
X-Spamd-Result: default: False [-3.99 / 15.00];
	NEURAL_HAM_MEDIUM(-1.00)[-1.000];
	NEURAL_HAM_LONG(-1.00)[-1.000];
	NEURAL_HAM_SHORT(-0.99)[-0.988];
	DMARC_POLICY_ALLOW(-0.50)[plan-b.pwste.edu.pl,quarantine];
	R_SPF_ALLOW(-0.20)[+mx];
	R_DKIM_ALLOW(-0.20)[plan-b.pwste.edu.pl:s=plan-b-mailer];
	MIME_GOOD(-0.10)[text/plain];
	ARC_NA(0.00)[];
	MISSING_XM_UA(0.00)[];
	ASN(0.00)[asn:206006, ipnet:2001:678:618::/48, country:PL];
	MIME_TRACE(0.00)[0:+];
	TO_DN_SOME(0.00)[];
	FREEMAIL_TO(0.00)[gmail.com];
	RCPT_COUNT_TWO(0.00)[2];
	MLMMJ_DEST(0.00)[freebsd-net@freebsd.org];
	FROM_EQ_ENVFROM(0.00)[];
	FROM_HAS_DN(0.00)[];
	MID_RHS_MATCH_FROM(0.00)[];
	RCVD_COUNT_TWO(0.00)[2];
	RCVD_TLS_LAST(0.00)[];
	TO_MATCH_ENVRCPT_SOME(0.00)[];
	DKIM_TRACE(0.00)[plan-b.pwste.edu.pl:+]
X-Rspamd-Queue-Id: 4X6Fmw4YyVz4jZJ

Dnia Thu, Sep 12, 2024 at 06:16:18PM +0100, Sad Clouds napisał(a):
> Hi, I'm using FreeBSD-14.1 and on this particular system I only have a
> single physical network interface, so I followed instructions for
> networking vnet jails via epair and bridge, e.g.
> 
> devel
> {
>         vnet;
>         vnet.interface = "e0b_devel";
>         exec.prestart += "/jails/jib addm devel genet0";
>         exec.poststop += "/jails/jib destroy devel";
> }
> 
> The issue is bulk TCP performance throughput between this jail and the
> host is quite poor, with one CPU spinning 100% in kernel and others
> sitting mostly idle.
> 
> It seems there is some lock contention somewhere, but I'm not sure if
> this is around vnet, epair or bridge subsystems. Are there
> other alternatives for vnet jails? Can anyone recommend specific
> deployment scenarios? I've seen references to netgraph which could be
> used with jails. Does it have better performance and scalability and
> could replace epair and bridge combination?
> 
> Thanks.

Have you tried to use kernel built with "options RSS" ? 
From my experience it could help in some specific scenarios.

-- 
Marek Zarychta