Re: Performance issues with vnet jails + epair + bridge
Date: Mon, 16 Sep 2024 14:32:11 UTC
On 15/09/2024 19:56, Sad Clouds wrote: > On Sun, 15 Sep 2024 18:01:07 +0100 > Doug Rabson <dfr@rabson.org> wrote: > >> I just did a throughput test with iperf3 client on a FreeBSD 14.1 host with >> an intel 10GB nic connecting to an iperf3 server running in a vnet jail on >> a truenas host (13.something) also with an intel 10GB nic and I get full >> 10GB throughput in this setup. In the past, I had to disable LRO on the >> truenas host for this to work properly. >> >> Doug. > > Hello Doug, can you please confirm that you are NOT using if_epair(4)? I > imagine you dedicate one of the Intel 10Gb ports to a jail. This is not > an option for some of us, so a virtual NIC of some sort is the only > option with vnet jails. Other people also mentioned that vnet by itself > is not an issue and your test confirms this, however I'm observing poor > scalability specifically with the epair virtual NIC. > > I will be trying netgraph when I have some more time. If there are > other alternatives to if_epair then I would be interested to learn > about them. Try ngbuddy, it will help you with configuring netgraph. Or you can create second loopback interface, for example lo1 and put your jails on it. I don't know what your scenario is, but I used lo1 in the past with private IPs (10.x.x.x or 172.16.x.x) for jails not facing the outside world, just communicating with the host) You can put something similar to rc.conf: cloned_interfaces="lo1" # interface where all jails will bind ifconfig_lo1="inet 172.16.55.22 netmask 255.255.255.0" Then run: service netif cloneup Kind regards Miroslav Lachman