Performance issues with VNET/bridge/VLAN
Patrick M. Hausen
hausen at punkt.de
Fri Feb 22 18:48:41 UTC 2019
Hi!
> Am 22.02.2019 um 18:03 schrieb Michael Grimm <trashcan at ellael.org>:
>
> Am 2019-02-22 11:31, schrieb Patrick M. Hausen:
>
> [x-posted to freebsd-jail at freebsd.org]
>
>> The machine is an iocage jail host, all jails with VNET.
>> The problem is: network performance in the jails (not on the host!) is abysmal
>> with the second setup. Not consistently so, everything *seems* to work
>> but e.g. a customer complained that checking out a project from github
>> happend at 15k/s … that’s when we started to investigate.
>
> [...]
>
>> *Any* idea what might be going on here? We use VNET all the same on all the
>> hosts and it is still labelled „experimental", yes. But all the parts that
>> make up the different setups - bridge(4), vlan(4) - have been in FreeBSD
>> for ages. I’m just combining features orthogonally like every good sysadmin ;-)
>> If someone is willing to do some investigation, I think I can provide a test
>> system and remote access …
>
> This sounds familiar to me, please have a look at the following two threads:
>
> https://lists.freebsd.org/pipermail/freebsd-jail/2019-February/003684.html
> https://lists.freebsd.org/pipermail/freebsd-net/2017-December/049470.html
>
> If your hosts run on cloud infrastructure odds are that the mentioned settings will work in your case.
Bare metal. We *provide* cloud infrastructure by the means of jails and VNET.
See this URL for the shameless marketing plug [tm] ;-) Or my talk at EuroBSDCon 2017 in Paris.
https://infrastructure.punkt.de/de/produkte/proserver.html
And no PF, no NAT, no IPFW - just the setup I showed in my first mail
and of course epair(4) interfaces added to the bridge by iocage …
We happened to have a handful of servers without enough free uplink ports
in the respective racks and thought we could get away cheaply using trunks
and VLANs.
But I’ll fiddle with LRO nonetheless and report if that changes anything.
Thanks
Patrick
--
punkt.de GmbH Internet - Dienstleistungen - Beratung
Kaiserallee 13a Tel.: 0721 9109-0 Fax: -100
76133 Karlsruhe info at punkt.de http://punkt.de
AG Mannheim 108285 Gf: Juergen Egeling
More information about the freebsd-jail
mailing list