I'll probably kick myself when I figure this one out, but here's a riddle for you.
pfsense is 2.0RC3. Atom D510 (2x1.6GHz, GBE) Clear DF bit: enabled Scrub: disabled I have a number of real and virtual hosts (single ESXi server with vlans) connected to pfsense through a Netgear gigabit switch using vlans. All hosts are wired and local, so latency is <3 ms in all cases. I noticed some serious slowness using nfs, so I investigated with iperf. All iperf tests were half-duplex, 4 threads, 30 seconds in duration to the server, like so: iperf -c rip -P4 -t30. Here is the results matrix: Client Real/Virtual Vlan Server Real/Virtual Vlan Result Notes ren real 85 rip virtual 240 17 Mbps routed: slow crag virtual 250 rip virtual 240 17 Mbps routed: slow slab virtual 85 rip virtual 240 17 Mbps routed: slow slab virtual 85 crag virtual 250 345 Mbps routed ren real 85 crag virtual 250 320 Mbps routed ren real 85 mule real 85 950 Mbps L2 wire speed ren real 85 mule real 250 380 Mbps routed ren real 85 slab virtual 85 950 Mbps L2 wire speed slab virtual 85 mule real 25 548 Mbps routed mule real 240 rip virtual 240 950 Mbps L2 wire speed I hope that's not too confusing. To summarize, any two machines, real or virtual, get iperf results near wire speed when on the same L2 network. Any two machines on different (routed) networks see iperf speeds between 320 and 550, which is expected due to the limitations of the router. The exception is rip. Of my three virtual hosts, which all live on the same ESXi server, only rip is seeing very slow iperf speeds (and similar nfs speeds) when acting as server to routed hosts. I can't explain this, as rip has access to more cores and RAM on the ESXi host than the other VMs. There is no pfsense limiter in place to throttle this traffic. top shows no strain on rip during the tests. All real and VM hosts are running Ubuntu x86_64, although rip is 11.04 while the others are 10.10. All VMs have open-vm-tools installed. I guess this could be an issue with pfsense, Ubuntu 11.04, or ESXi. I'm not sure which, but I find it odd that 1/3 VMs has poor network performance, but only when the traffic is routed. Any ideas where to look? db --------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
