Re: Poor network performance with Xen + OpenVPN?
I've not tried running OpenVPN against itself in a test bed. I no longer have the option as I had my provider downgrade my problematic VM from 4.4 to 3.4, which made the problem disappear. The OpenVPN config's I use are pretty standard. Server: port XXYYZ dev tun ca CA cert CERT key KEY dh DH server A.B.C.D 255.255.255.0 ifconfig-pool-persist ipp.txt keepalive 2 8 comp-lzo user nobody group nobody persist-key persist-tun status openvpn-status.log verb 3 push dhcp-option DNS 8.8.8.8 push dhcp-option DNS 8.8.4.4 Client: client dev tun proto udp remote A XXYYZ remote B XXYYZ resolv-retry infinite nobind user nobody group nobody persist-key persist-tun ca CA cert CERT key KEY ns-cert-type server verb 3 ping 2 ping-restart 5 On Sat, Aug 1, 2015 at 12:45 PM, Egoitz Aurrekoetxea ego...@sarenet.es wrote: Could you paste your onpenvpn’s server and client config files?. Which OS the client runs? Have you tested this openvpn connectivity without any network devices between them?. With for example an ip in the loopback interface of the openvpn server? Best regards, [image: sarenet] *Egoitz Aurrekoetxea* Departamento de sistemas 944 209 470 Parque Tecnológico. Edificio 103 48170 Zamudio (Bizkaia) ego...@sarenet.es www.sarenet.es Antes de imprimir este correo electrónico piense si es necesario hacerlo. El 30/7/2015, a las 11:41, seanr...@gmail.com escribió: I have the same issue. I managed to track it down to a difference between somewhere between Xen 3.4 and 4.4 (my provider uses both). 3.4 works fine (I can sustain a few mbps through OpenVPN). 4.4 I get ~0.05mbps max. I wasn't able to track it down. Both with the virtual drivers (if_xn) with all combinations of tso, lro, rxcsum and txcsum on/off tested. Sean On Wed, Jul 29, 2015 at 2:58 PM, Karl Pielorz kpielorz_...@tdx.co.uk wrote: --On 29 July 2015 14:28 +0200 Egoitz Aurrekoetxea ego...@sarenet.es wrote: Hi! Have you disabled tso, lro and friends?. If by that you mean, ifconfig xn0 -rxcsum -txcsum -tso4 -lro Yes - I've tried that on the virtual host running OpenVPN, it didn't seem to make any difference :( I'll hopefully get some more time later to look at it again. Regards, -Karl ___ freebsd-xen@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-xen To unsubscribe, send any mail to freebsd-xen-unsubscr...@freebsd.org ___ freebsd-xen@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-xen To unsubscribe, send any mail to freebsd-xen-unsubscr...@freebsd.org
Re: Poor network performance with Xen + OpenVPN?
I have the same issue. I managed to track it down to a difference between somewhere between Xen 3.4 and 4.4 (my provider uses both). 3.4 works fine (I can sustain a few mbps through OpenVPN). 4.4 I get ~0.05mbps max. I wasn't able to track it down. Both with the virtual drivers (if_xn) with all combinations of tso, lro, rxcsum and txcsum on/off tested. Sean On Wed, Jul 29, 2015 at 2:58 PM, Karl Pielorz kpielorz_...@tdx.co.uk wrote: --On 29 July 2015 14:28 +0200 Egoitz Aurrekoetxea ego...@sarenet.es wrote: Hi! Have you disabled tso, lro and friends?. If by that you mean, ifconfig xn0 -rxcsum -txcsum -tso4 -lro Yes - I've tried that on the virtual host running OpenVPN, it didn't seem to make any difference :( I'll hopefully get some more time later to look at it again. Regards, -Karl ___ freebsd-xen@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-xen To unsubscribe, send any mail to freebsd-xen-unsubscr...@freebsd.org ___ freebsd-xen@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-xen To unsubscribe, send any mail to freebsd-xen-unsubscr...@freebsd.org
Re: Poor network performance with Xen + OpenVPN?
--On 29 July 2015 14:28 +0200 Egoitz Aurrekoetxea ego...@sarenet.es wrote: Hi! Have you disabled tso, lro and friends?. If by that you mean, ifconfig xn0 -rxcsum -txcsum -tso4 -lro Yes - I've tried that on the virtual host running OpenVPN, it didn't seem to make any difference :( I'll hopefully get some more time later to look at it again. Regards, -Karl ___ freebsd-xen@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-xen To unsubscribe, send any mail to freebsd-xen-unsubscr...@freebsd.org
Re: Poor network performance with Xen + OpenVPN?
Hi! Have you disabled tso, lro and friends?. Regards, Egoitz Aurrekoetxea Departamento de sistemas 944 209 470 Parque Tecnológico. Edificio 103 48170 Zamudio (Bizkaia) ego...@sarenet.es mailto:ego...@sarenet.es www.sarenet.es http://www.sarenet.es/ Antes de imprimir este correo electrónico piense si es necesario hacerlo. El 29/7/2015, a las 8:47, Karl Pielorz kpielorz_...@tdx.co.uk escribió: Hi All, A while ago I ran into an issue with FreeBSD + Xen and networking (where FreeBSD PVHVM domU's can't route traffic to/from other domU's (fbsd/linux/windows) - e.g. as a default gateway). I seem to have run into what appears to be another network issue now - XenServer 6.5-SP1 +hotfixes, with FreeBSD 10.1-p4 (as PVHVM), and OpenVPN 2.3.7 Everything 'works OK' - but the performance is pretty poor. Most noticeable - if you have a browser open fetching pages via the VPN - the pages arrive very slowly, and any ssh sessions etc. are instantly put on a 'go slow', you also start getting ping timeouts when pinging hosts the other side of the VM/VPN until the pages are fetched. Swap back to a bare metal system (on the same networks) - it works fine, switch back over to the VM - and again, performance is lousy. The host running OpenVPN isn't really under any load (it's only job is running OpenVPN) - nor is it's XenServer. If I connect to another OpenVPN host which is running on an HVM FreeBSD 9.1 domU - performance is indistinguishable from the bare metal (as you'd expect considering the relatively low volumes of traffic over the VPN etc.) Can anyone suggest any fixes / where to look to try and keep it as PVHVM, and get the performance back? - as we've already got a collection of HVM machines (to work round the other network problem) - which I don't really want to add to, as they're not agile :( Cheers, -Karl ___ freebsd-xen@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-xen To unsubscribe, send any mail to freebsd-xen-unsubscr...@freebsd.org ___ freebsd-xen@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-xen To unsubscribe, send any mail to freebsd-xen-unsubscr...@freebsd.org
